www.bendigoadvertiser.com.au Open in urlscan Pro
18.66.122.84 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-stationreport/?cs=12
Effective URL:
https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Submission: On December 13 via api (December 13th 2021, 2:13:31 pm UTC) from US — Scanned from DE

Summary HTTP 394 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 98 IPs in 11 countries across 68 domains to perform 394 HTTP transactions. The main IP is 18.66.122.84, located in United States and belongs to AMAZON-02, US. The main domain is www.bendigoadvertiser.com.au.
TLS certificate: Issued by Amazon on May 10th 2021. Valid for: a year.

This is the only time www.bendigoadvertiser.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	18.66.122.84 18.66.122.84	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	18.66.112.118 18.66.112.118	16509 (AMAZON-02) (AMAZON-02)
37	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
13	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 13	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
8	34.96.77.232 34.96.77.232	15169 (GOOGLE) (GOOGLE)
2	2600:9000:224... 2600:9000:2240:8e00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	92.122.252.200 92.122.252.200	16625 (AKAMAI-AS) (AKAMAI-AS)
15	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a0b:4d07:1::1 2a0b:4d07:1::1	44239 (PROINITY ...) (PROINITY PROINITY)
5	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
16	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
8	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
2	54.252.100.191 54.252.100.191	16509 (AMAZON-02) (AMAZON-02)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.227.208.151 35.227.208.151	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2a7::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY)
1	34.246.74.180 34.246.74.180	16509 (AMAZON-02) (AMAZON-02)
1	52.208.32.237 52.208.32.237	16509 (AMAZON-02) (AMAZON-02)
3 8	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.217.174.143 3.217.174.143	14618 (AMAZON-AES) (AMAZON-AES)
2	35.244.184.131 35.244.184.131	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::282	54113 (FASTLY) (FASTLY)
4	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3037::6815:8fa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
2	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1 8	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1ba::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	185.59.220.193 185.59.220.193	60068 (CDN77 ^_^) (CDN77 ^_^)
1 3	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.239.42.64 13.239.42.64	16509 (AMAZON-02) (AMAZON-02)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	184.25.115.31 184.25.115.31	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
2	92.122.254.4 92.122.254.4	16625 (AKAMAI-AS) (AKAMAI-AS)
3	46.105.199.2 46.105.199.2	16276 (OVH) (OVH)
3	18.66.122.126 18.66.122.126	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2010	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:1b:... 2a04:4e42:1b::720	54113 (FASTLY) (FASTLY)
1	3.104.244.252 3.104.244.252	16509 (AMAZON-02) (AMAZON-02)
6	2600:1901:0:9... 2600:1901:0:9d3d::	15169 (GOOGLE) (GOOGLE)
3	85.215.5.31 85.215.5.31	6724 (STRATO ST...) (STRATO STRATO AG)
1 2	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
1 1	99.80.242.238 99.80.242.238	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:2240:7600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	37.157.2.239 37.157.2.239	198622 (ADFORM) (ADFORM)
13	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	185.170.61.93 185.170.61.93	27381 (CASALE-MEDIA) (CASALE-MEDIA)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
2 2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:3175:5196:e3fd:8c1d	16509 (AMAZON-02) (AMAZON-02)
1 1	52.18.183.31 52.18.183.31	16509 (AMAZON-02) (AMAZON-02)
1 1	52.86.210.192 52.86.210.192	14618 (AMAZON-AES) (AMAZON-AES)
2 2	51.178.20.139 51.178.20.139	16276 (OVH) (OVH)
2	151.101.193.194 151.101.193.194	54113 (FASTLY) (FASTLY)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
22	2600:9000:223... 2600:9000:223f:5c00:6:834a:a040:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	54.81.121.96 54.81.121.96	14618 (AMAZON-AES) (AMAZON-AES)
1	3.220.38.221 3.220.38.221	14618 (AMAZON-AES) (AMAZON-AES)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3	2606:4700:20:... 2606:4700:20::ac43:4972	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223f:a800:6:834a:a040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3037::6815:3c3f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	52.209.141.115 52.209.141.115	16509 (AMAZON-02) (AMAZON-02)
2	52.222.236.89 52.222.236.89	16509 (AMAZON-02) (AMAZON-02)
1 3	34.247.138.28 34.247.138.28	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:236... 2600:9000:236e:f800:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.112.113 18.66.112.113	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:2240:a400:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	2600:9000:223... 2600:9000:223f:b000:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.91.59.199 54.91.59.199	14618 (AMAZON-AES) (AMAZON-AES)
1	51.195.5.38 51.195.5.38	16276 (OVH) (OVH)
1	52.19.22.209 52.19.22.209	16509 (AMAZON-02) (AMAZON-02)
1	54.218.247.33 54.218.247.33	16509 (AMAZON-02) (AMAZON-02)
394	98

25 18.66.122.84 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-84.fra60.r.cloudfront.net

www.bendigoadvertiser.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.112.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-118.fra56.r.cloudfront.net

static.solutionshindsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-au.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy-au.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id-au.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2-au.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.96.77.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.77.96.34.bc.googleusercontent.com

origami.secure.ownlocal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2240:8e00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 92.122.252.200 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-252-200.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:1::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

survey.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amplify-imp.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widgetmonitor.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.252.100.191 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-252-100-191.ap-southeast-2.compute.amazonaws.com

pixel.roymorgan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.208.151 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 151.208.227.35.bc.googleusercontent.com

aswpsdkus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2a7::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

surveys-static.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.74.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-74-180.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.32.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-32-237.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 3 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.217.174.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-174-143.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.184.131 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 131.184.244.35.bc.googleusercontent.com

snowplow.ownlocal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::6815:8fa (United States)

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1ba::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.193 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: edge-601.bunnyinfra.net

cdn.materialdesignicons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5914 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.239.42.64 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-239-42-64.ap-southeast-2.compute.amazonaws.com

cdn.newsnow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.25.115.31 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-31.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.122.254.4 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-254-4.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.105.199.2 (France)

ASN16276 (OVH, FR)

cdn.lqm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.122.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-126.fra60.r.cloudfront.net

api.solutionshindsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-kube-ownlocal.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::720 (United States)

ASN54113 (FASTLY, US)

images.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.104.244.252 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-104-244-252.ap-southeast-2.compute.amazonaws.com

transform.newsnow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1901:0:9d3d:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

h.lqm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.215.5.31 (Germany)

ASN6724 (STRATO STRATO AG, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.242.238 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-242-238.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:7600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.170.61.93 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a3192.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:3175:5196:e3fd:8c1d (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.183.31 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-183-31.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.210.192 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-210-192.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.178.20.139 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2600:9000:223f:5c00:6:834a:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)

trendads.reactivebetting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.121.96 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-121-96.compute-1.amazonaws.com

px.britepool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.38.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-38-221.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4972 (United States)

ASN13335 (CLOUDFLARENET, US)

trendads-swarm-api.reactivebetting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:a800:6:834a:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)

trendads.betfindr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:3c3f (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.141.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-141-115.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-89.fra56.r.cloudfront.net

api.limbik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.247.138.28 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-138-28.eu-west-1.compute.amazonaws.com

secure-au.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:236e:f800:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-113.fra56.r.cloudfront.net

sdk.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2240:a400:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:b000:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

rziuhdghvxqz5hblufqkvcvnr3trr1639404806.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.91.59.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-59-199.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.5.38 (France)

ASN16276 (OVH, FR)
PTR: p16.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.22.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.218.247.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-218-247-33.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com mv.outbrain.com amplify-imp.outbrain.com widgetmonitor.outbrain.com	154 KB
25	reactivebetting.com trendads.reactivebetting.com trendads-swarm-api.reactivebetting.com	149 KB
25	googlesyndication.com 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	170 KB
25	bendigoadvertiser.com.au 1 redirects www.bendigoadvertiser.com.au	612 KB
24	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	349 KB
18	moatads.com z.moatads.com mb.moatads.com geo.moatads.com px.moatads.com	188 KB
15	google-analytics.com www.google-analytics.com	96 KB
14	casalemedia.com 2 redirects htlb.casalemedia.com as-sec.casalemedia.com a3192.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	11 KB
14	google.com 1 redirects adservice.google.com www.google.com analytics.google.com cse.google.com clients1.google.com	198 KB
13	piano.io cdn-au.piano.io buy-au.piano.io id-au.piano.io c2-au.piano.io	296 KB
12	imrworldwide.com 1 redirects secure-au.imrworldwide.com cdn-gl.imrworldwide.com secure-gl.imrworldwide.com secure-dcr.imrworldwide.com rziuhdghvxqz5hblufqkvcvnr3trr1639404806.nuid.imrworldwide.com	99 KB
10	gstatic.com fonts.gstatic.com	154 KB
10	ownlocal.com origami.secure.ownlocal.com snowplow.ownlocal.com	422 KB
10	googleapis.com fonts.googleapis.com storage.googleapis.com www.googleapis.com	169 KB
9	lqm.io cdn.lqm.io h.lqm.io	167 KB
8	facebook.com 3 redirects www.facebook.com	499 B
8	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	203 KB
7	adform.net track.adform.net s1.adform.net	36 KB
7	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	337 KB
6	solutionshindsight.net static.solutionshindsight.net api.solutionshindsight.net	27 KB
5	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com	70 KB
5	googletagservices.com www.googletagservices.com	174 KB
5	teads.tv a.teads.tv s8t.teads.tv t.teads.tv	133 KB
5	facebook.net connect.facebook.net	196 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
4	google.de adservice.google.de www.google.de	1 KB
4	unpkg.com unpkg.com	70 KB
4	googletagmanager.com www.googletagmanager.com	210 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	twiago.com a.twiago.com	2 KB
3	rsms.me rsms.me	226 KB
3	jsdelivr.net cdn.jsdelivr.net Failed	291 KB
3	cloudflare.com cdnjs.cloudflare.com	51 KB
3	adsrvr.org match.adsrvr.org	1 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	33 KB
2	limbik.com api.limbik.com	41 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net	75 KB
2	dyntrk.com 2 redirects gu.dyntrk.com	850 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	adsafeprotected.com 1 redirects pixel.adsafeprotected.com static.adsafeprotected.com	666 B
2	unsplash.com images.unsplash.com	69 KB
2	newsnow.io cdn.newsnow.io transform.newsnow.io	29 KB
2	polyfill.io cdn.polyfill.io	847 B
2	cxense.com cdn.cxense.com	30 KB
2	aswpsdkus.com aswpsdkus.com	46 KB
2	roymorgan.com pixel.roymorgan.com	705 B
2	survicate.com survey.survicate.com surveys-static.survicate.com	96 KB
2	indexww.com js-sec.indexww.com	35 KB
1	sharedid.org id.sharedid.org	223 B
1	crwdcntrl.net id.crwdcntrl.net	346 B
1	id5-sync.com id5-sync.com	546 B
1	ipify.org api.ipify.org	253 B
1	amazonaws.com sdk.amazonaws.com	282 KB
1	nr-data.net bam-cell.nr-data.net	725 B
1	npttech.com www.npttech.com	3 KB
1	newrelic.com js-agent.newrelic.com	17 KB
1	betfindr.com trendads.betfindr.com	5 KB
1	thrtle.com thrtle.com
1	britepool.com 1 redirects px.britepool.com api.britepool.com Failed	650 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	379 B
1	adroll.com 1 redirects d.adroll.com	112 B
1	quantserve.com 1 redirects pixel.quantserve.com	512 B
1	cloudfunctions.net us-central1-kube-ownlocal.cloudfunctions.net	376 B
1	rubiconproject.com fastlane.rubiconproject.com	1 KB
1	materialdesignicons.com 1 redirects cdn.materialdesignicons.com	747 B
1	chartbeat.net ping.chartbeat.net	201 B
1	rlcdn.com api.rlcdn.com	337 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	70 KB
394	68

	Domain	Requested by
36	widgets.outbrain.com	www.bendigoadvertiser.com.au widgets.outbrain.com
25	www.bendigoadvertiser.com.au	1 redirects www.bendigoadvertiser.com.au
22	trendads.reactivebetting.com	0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com trendads.reactivebetting.com
15	www.google-analytics.com	www.bendigoadvertiser.com.au
14	px.moatads.com	www.bendigoadvertiser.com.au
13	tpc.googlesyndication.com	0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com googleads.g.doubleclick.net www.bendigoadvertiser.com.au
12	securepubads.g.doubleclick.net	www.bendigoadvertiser.com.au www.googletagservices.com static.solutionshindsight.net securepubads.g.doubleclick.net
10	buy-au.piano.io	www.bendigoadvertiser.com.au buy-au.piano.io
10	fonts.gstatic.com	fonts.googleapis.com
9	pagead2.googlesyndication.com	0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com googleads.g.doubleclick.net www.bendigoadvertiser.com.au www.googletagservices.com tpc.googlesyndication.com
8	www.google.com	1 redirects www.bendigoadvertiser.com.au googleads.g.doubleclick.net
8	www.facebook.com	3 redirects www.bendigoadvertiser.com.au connect.facebook.net
8	origami.secure.ownlocal.com	www.bendigoadvertiser.com.au cdnjs.cloudflare.com
6	cdn-gl.imrworldwide.com	www.bendigoadvertiser.com.au
6	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
6	h.lqm.io	widgets.outbrain.com
6	fonts.googleapis.com	www.bendigoadvertiser.com.au origami.secure.ownlocal.com buy-au.piano.io trendads.reactivebetting.com
5	googleads.g.doubleclick.net	www.bendigoadvertiser.com.au 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com googleads.g.doubleclick.net
5	track.adform.net	0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com s1.adform.net
5	images.outbrainimg.com	www.bendigoadvertiser.com.au
5	www.googletagservices.com	securepubads.g.doubleclick.net 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com googleads.g.doubleclick.net
5	cdn.krxd.net	www.bendigoadvertiser.com.au cdn.krxd.net
5	connect.facebook.net	www.bendigoadvertiser.com.au
4	unpkg.com	origami.secure.ownlocal.com
4	www.googletagmanager.com	www.bendigoadvertiser.com.au
3	trendads-swarm-api.reactivebetting.com	trendads.reactivebetting.com
3	ssum-sec.casalemedia.com	1 redirects 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com ssum-sec.casalemedia.com
3	a.twiago.com	widgets.outbrain.com
3	amplify-imp.outbrain.com	widgets.outbrain.com
3	storage.googleapis.com	www.bendigoadvertiser.com.au static.solutionshindsight.net storage.googleapis.com
3	api.solutionshindsight.net	www.bendigoadvertiser.com.au
3	cdn.lqm.io	www.bendigoadvertiser.com.au
3	mcdp-nydc1.outbrain.com	www.bendigoadvertiser.com.au
3	stats.g.doubleclick.net	www.bendigoadvertiser.com.au www.googletagmanager.com
3	rsms.me	origami.secure.ownlocal.com rsms.me
3	cdn.jsdelivr.net	origami.secure.ownlocal.com cdn.jsdelivr.net
3	0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com	www.bendigoadvertiser.com.au
3	cdnjs.cloudflare.com	www.bendigoadvertiser.com.au
3	match.adsrvr.org	www.bendigoadvertiser.com.au ssum-sec.casalemedia.com ads.pubmatic.com
3	static.solutionshindsight.net	www.bendigoadvertiser.com.au
2	secure-dcr.imrworldwide.com
2	secure-gl.imrworldwide.com	www.bendigoadvertiser.com.au
2	api.limbik.com	www.bendigoadvertiser.com.au
2	cse.google.com	www.bendigoadvertiser.com.au
2	platform.twitter.com	www.bendigoadvertiser.com.au
2	mug.criteo.com	www.bendigoadvertiser.com.au
2	gum.criteo.com	1 redirects
2	ads.pubmatic.com	www.bendigoadvertiser.com.au 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
2	confiant-integrations.global.ssl.fastly.net	www.bendigoadvertiser.com.au confiant-integrations.global.ssl.fastly.net
2	gu.dyntrk.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	cm.g.doubleclick.net	2 redirects
2	s1.adform.net	track.adform.net s1.adform.net
2	ad.doubleclick.net	1 redirects widgets.outbrain.com
2	images.unsplash.com	www.bendigoadvertiser.com.au
2	as-sec.casalemedia.com	www.bendigoadvertiser.com.au
2	t.teads.tv	www.bendigoadvertiser.com.au
2	htlb.casalemedia.com	www.bendigoadvertiser.com.au
2	hbopenbid.pubmatic.com	www.bendigoadvertiser.com.au
2	www.google.de	www.bendigoadvertiser.com.au
2	consumer.krxd.net	www.bendigoadvertiser.com.au cdn.krxd.net
2	a.teads.tv	www.bendigoadvertiser.com.au
2	adservice.google.com	www.bendigoadvertiser.com.au
2	adservice.google.de	www.bendigoadvertiser.com.au
2	cdn.polyfill.io	origami.secure.ownlocal.com
2	snowplow.ownlocal.com	www.bendigoadvertiser.com.au
2	cdn.cxense.com	www.bendigoadvertiser.com.au
2	aswpsdkus.com	www.bendigoadvertiser.com.au
2	pixel.roymorgan.com	www.bendigoadvertiser.com.au
2	z.moatads.com	www.bendigoadvertiser.com.au securepubads.g.doubleclick.net
2	static.chartbeat.com	www.bendigoadvertiser.com.au
2	js-sec.indexww.com	www.bendigoadvertiser.com.au ssum-sec.casalemedia.com
1	id.sharedid.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	api.ipify.org	www.bendigoadvertiser.com.au
1	rziuhdghvxqz5hblufqkvcvnr3trr1639404806.nuid.imrworldwide.com
1	syndication.twitter.com	platform.twitter.com
1	sdk.amazonaws.com	www.bendigoadvertiser.com.au
1	clients1.google.com
1	www.googleapis.com
1	bam-cell.nr-data.net	www.bendigoadvertiser.com.au
1	secure-au.imrworldwide.com	1 redirects
1	beacon.krxd.net	www.bendigoadvertiser.com.au
1	www.npttech.com	www.bendigoadvertiser.com.au
1	js-agent.newrelic.com	www.bendigoadvertiser.com.au
1	trendads.betfindr.com	trendads.reactivebetting.com
1	image6.pubmatic.com	ads.pubmatic.com
1	thrtle.com
1	px.britepool.com	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	d.adroll.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	widgetmonitor.outbrain.com	widgets.outbrain.com
1	a3192.casalemedia.com	0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
1	static.adsafeprotected.com	widgets.outbrain.com
1	pixel.adsafeprotected.com	1 redirects
1	transform.newsnow.io	buy-au.piano.io
1	us-central1-kube-ownlocal.cloudfunctions.net	www.bendigoadvertiser.com.au
1	fastlane.rubiconproject.com	www.bendigoadvertiser.com.au
1	cdn.newsnow.io	www.bendigoadvertiser.com.au
1	cdn.materialdesignicons.com	1 redirects
1	mv.outbrain.com	www.bendigoadvertiser.com.au
1	s8t.teads.tv	www.bendigoadvertiser.com.au
1	analytics.google.com	www.googletagmanager.com
1	c2-au.piano.io	www.bendigoadvertiser.com.au
1	ping.chartbeat.net	www.bendigoadvertiser.com.au
1	id-au.piano.io	www.bendigoadvertiser.com.au
1	geo.moatads.com	z.moatads.com
1	mb.moatads.com	z.moatads.com
1	mab.chartbeat.com	www.bendigoadvertiser.com.au
1	odb.outbrain.com	www.bendigoadvertiser.com.au
1	surveys-static.survicate.com	www.bendigoadvertiser.com.au
1	api.rlcdn.com	www.bendigoadvertiser.com.au ads.pubmatic.com
1	log.outbrainimg.com	www.bendigoadvertiser.com.au
1	survey.survicate.com	www.bendigoadvertiser.com.au
1	widget-pixels.outbrain.com	www.bendigoadvertiser.com.au
1	tcheck.outbrainimg.com	www.bendigoadvertiser.com.au
1	maxcdn.bootstrapcdn.com	www.bendigoadvertiser.com.au
1	cdn-au.piano.io	www.bendigoadvertiser.com.au
0	api.britepool.com Failed	ads.pubmatic.com
394	121

This site contains links to these domains. Also see Links.

Domain
realestateview.com.au
tributes.bendigoadvertiser.com.au
celebrations.bendigoadvertiser.com.au
www.countrycars.com.au
hiring.bendigoadvertiser.com.au
addirect.com.au
www.agtrader.com.au
garagesales.acmcloud.io
www.exploretravel.com.au
www.australiancoupons.com.au
www.facebook.com
twitter.com
www.outbrain.com
www.simbaly.com
www.theland.com.au
h.lqm.io
rfvtgb.housecoast.com
australiancommunitymedia.zendesk.com
specialpubs.austcommunitymedia.com.au
www.realestateview.com.au
viewinsurance.com.au
www.beevo.com.au
www.oneflare.com.au
whizz.com.au

Subject Issuer	Validity	Valid
bendigoadvertiser.com.au Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
solutionshindsight.net Amazon	`2021-02-19` - `2022-03-20`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
widget.secure.ownlocal.com GTS CA 1D4	`2021-11-10` - `2022-02-08`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-21` - `2021-12-20`	3 months	crt.sh
*.survicate.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-01` - `2022-10-02`	a year	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
pixel.roymorgan.com Go Daddy Secure Certificate Authority - G2	`2021-09-29` - `2022-10-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
aswpsdkus.com DigiCert SHA2 Secure Server CA	`2020-02-03` - `2022-02-07`	2 years	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2021-05-21` - `2022-05-26`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
snowplow.ownlocal.com GTS CA 1D4	`2021-10-25` - `2022-01-23`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
fairfaxregional.com.au Amazon	`2021-11-21` - `2022-12-20`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
cdn.lqm.io R3	`2021-11-23` - `2022-02-21`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.camp-fire.jp GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-20` - `2022-06-21`	a year	crt.sh
*.newsnow.io Amazon	`2021-04-30` - `2022-05-29`	a year	crt.sh
*.lqm.io R3	`2021-11-09` - `2022-02-07`	3 months	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-11` - `2022-12-12`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2021-01-13` - `2022-02-14`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.betfindr.com Amazon	`2021-01-15` - `2022-02-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
limbik.com Amazon	`2021-05-07` - `2022-06-05`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
sdk.amazonaws.com Amazon	`2021-08-25` - `2022-09-23`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.nuid.imrworldwide.com Amazon	`2021-06-11` - `2022-07-10`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh

This page contains 42 frames:

Primary Page: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Frame ID: E68023E5A25478AADFB14813A1EEB2AD
Requests: 197 HTTP requests in this frame

Frame: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Frame ID: 945AD4263C8E701739E37E1156547690
Requests: 10 HTTP requests in this frame

Frame: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4405A7FA09CCAA6A5FB1FBBFB0F14FBA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 9554EED8AF0BF3F05363026012A704F4
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsCuyoSdAMxKCuPdbPj5TmZ648eUeBWxDhWGKtVBaVrOPzMqT2PV1Ra_6qCvIShRmHvSQASA_UfkOxx_0EtsjhNGqxIMqA6ynZxgpo1ZeIujAxObR2JLsINXCG8daqplH6_VVf4RYRCSleHYPeVCiwqvyOuLyMby7eVa5cuWjtXi2kICGILWvlwukrwfllEGcgnsYTWIR_fYfNzVMD4Gb0f7SWhcbRu6paOsOejfwWNSsHYW3F-eRoX56vQ7U3hxjMrc-LLQjuETAOQJRiOrMCdkfmEZptmL55rsAj2Z0cmwu5CBY-m40KxbhJXHc7_NVm_2UwjE0PJzqCP_4l08QnF8qjlHE5uAb-bviUZw&sai=AMfl-YSIP9RABmw5mQIflleljp2gOKi0RWJuHCwELHoDA7bLCdAiLh-61snIi3Vjkv2nTx1q5FHGFsUuLGwGX7aP1JV6sxKSbiI-Mz0LZAuthxhrxnYcc9clxUvPgQUbh4K0&sig=Cg0ArKJSzLUKlZFBzCpqEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1D8DBD8EBC16842F49BEA93D6F420EE7
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F9D399E4F8F100E47651E0FB6089CF7F
Requests: 1 HTTP requests in this frame

Frame: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Frame ID: 10C27E0CF0B10E1B8ED6456F28507A3C
Requests: 18 HTTP requests in this frame

Frame: https://buy-au.piano.io/checkout/template/cacheableShow?aid=XxwEsdXWKB&templateId=OTLN70LK8DCI&templateVariantId=OTVQEST6XTX4O&gaClientId=54876956.1639404802&offerId=fakeOfferId&experienceId=EX0I4CZASK3M&iframeId=offer_cb537d20eb7adae378b4-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid-au.piano.io%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au
Frame ID: 1EF7905B2D72089358C45BE3CDAE7337
Requests: 7 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: BA264AA094FA6F1794D62B7BA6E90EC0
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: A4A66D1A632BEC1EB95969C2A35D2A70
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: C20958528C1818B407F295CFEF86AFC1
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: AE300089723DDCC3AD6A817138004CCD
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 4D5D98173AA05F6EDD6552EDC944C097
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: EC3C90D06C46861EF08B0F9B330DBB33
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: C1288354C87874808170E2DB75BBFBBF
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: F8F7FB8AEB6F213EA4B34679C60EF469
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 8F896F24964DCF725674F6DED7ACDA88
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: E71BB8A018A8EB4A8AB3801021B49E65
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 7900939C9192B13A4E6BBD36DC96D08A
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: F03C81C0475428C6D57EFB0D3919734B
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: C1FBC97E999C005BAF5DA61CC80B77D4
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 63A5B119BAD481E78564B8341F4143A9
Requests: 3 HTTP requests in this frame

Frame: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5C6F2BB9B4239B05CF11E791E7F56236
Requests: 12 HTTP requests in this frame

Frame: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DA5FF5A18B0FF15EAF73371000E91235
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: D46F720F740CBCB4D891AC1C14B3CA18
Requests: 19 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Fh.lqm.io%2Fodin%2Fbilling%2F6v0rQRczdoSxqPlKphKbR6_1%2Fsite%2F9zk0424e%2Fad%2F1651648%3Fprice%3D0.08104651%26currency%3DUSD%26mbr%3D%24%7BAUCTION_MRB%7D%26id%3Daa9adfd6c993a745bb18246914618ef0%26ts%3D1639404804358410%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F
Frame ID: CA0FF04A5E7AF968515E367B61C1E9B6
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Fh.lqm.io%2Fodin%2Fbilling%2F6v0rQRczdoSxqPlKphKbR6%2Fsite%2F9zk0424e%2Fad%2F1648327%3Fprice%3D0.12875398%26currency%3DUSD%26mbr%3D%24%7BAUCTION_MRB%7D%26id%3Daa9adfd6c993a745bb18246914618ef0%26ts%3D1639404804358410%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F
Frame ID: D3261B42DB217C6AFAC7B54EAB101D3B
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Fh.lqm.io%2Fodin%2Fbilling%2F6v0rQRczdoSxqPlKphKbR6_2%2Fsite%2F9zk0424e%2Fad%2F1648328%3Fprice%3D0.064960465%26currency%3DUSD%26mbr%3D%24%7BAUCTION_MRB%7D%26id%3Daa9adfd6c993a745bb18246914618ef0%26ts%3D1639404804358410%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F
Frame ID: 206612986E1BF26F4518FC5B5A688910
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3606295681&adsafe=medium&client=ca-pub-5722610347565274&format=970x250_as&ip=185.232.23.0&output=html&unviewed_position_start=1&url=https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station&sub_client=bidder-309936&aceid=MCMXtACX5NMAOtTmAPlVNAGxazQB2m00AeVuNAEWbzQBwW80AcJvNAEecDQBTnA0AV5wNAG2cDQBuXA0Ad1wNAHucDQBDnE0AVRxNAFVcTQBZnE0AXhxNAGHcTQBl3E0AaBxNAG1cTQB0XE0AUtzQQFTc0EBWHNBAbO-igEs_dkBxf7ZAWLB_QGRHVwCwh1cAkD3iALs-YgCn0CqAidCqgIoQqoCgkKqAhZcqgL-eKoC4nuqAkx9qgIygqoCq5GqAreUqgKAm6oCgZuqAoKbqgLanqoCpaeqAqKoqgK0q6oCK6yqAlOsqgIcrqoCHa6qAuGuqgKWr6oCNLCqAnawqgJ5sKoCfLCqAn-wqgKCsKoCirCqAra0qgI4vKoCZ8CqAq_AqgKoxKoCdMmqAsnKqgLVzKoCKM2qAjHOqgK7zqoC4c6qApTPqgJK0KoCcNKqAs7TqgJR1aoCStaqApPXqgKD2KoCfdmqAqnZqgLd26oCltyqAijeqgJV3qoCv96qAqDfqgI74aoCdOKqAtbiqgLm4qoCY-OqAoDkqgLz5KoC_-SqAgflqgKg5aoCIOaqAsXoqgLK6KoC4-iqArnpqgJB66oCSeuqAlXrqgJG7KoCwO2qAmTuqgJ57qoCqbPFBTXTgwjQhiMKCHD2C8PYoQ7OoTUROJX7Eg2x-xIQvvsSBsn7Errc-xLv5vsSzuf7EmDp-xIh7PsScu37EtDt-xLh7vsS7e77EsXv-xIX8PsSHPD7EkHw-xJu8PsSx_D7EpZmZBNnXdATmaLqFA9cNxeayxwY91ZrGlkAkimtkkE5&awbid_c=AKAmf-A7rg4C0aKMt85TSQIsgCjss2AzL8_FJlhbKeHenj1BQxwuaWUvPeqypZQtTe-YPtJQBAtaeeGy32-Lg7Reugo7khisx_tZyxnfEbZBEsoAIiWpp00Kn3otoPxh1eeaDFwddWAnK13LK_yWbveB_Tu0GmG6O0d_un2p4R78iAqtekbINBM&awbid_d=AKAmf-DgMBR3gpZRSW3KLgZZkY9RWa0BkmvtwLvE7xLw1awwE6h101dCa4LqP78pBuUmUlwUfAzUrEcdH9LUHFtn9o6W1290DLFoPx3C-UunGJ9wFbZLrJ_8jaZOeighn1GftxGMYe3OlWhvAoyuiuXcbf9xWHujs8r5XiBucFa3Oi9qZ6kFwt0RWB-zBr2DU2NlagHjWp6dHLnayFhPHSR-zdLHkMPrG-y_j45XeQwew0g56PSrl4h9My_XynjntXoxh0g-bn1O8yeW3mWd6Afp70mrZ8p6Nnh1RMPCltoJSs8zu_9Vhvlnfkq6DYz3nDU2JBknmQx4ENPLW-IYaBFx3JkhVny3coDs-Ag2xFMpwhRHz-gdt9lPYXKFX9VUoZIKNbzUsORFAmMVIVQvfIMl2VPnKQQUtTt8QR3kHmv9sVO82GhK7eJqO0drdAbcOACdfcAXcSyRrXIs_dFjGY7ZAmoY0LANJnp_RtS-UwfhKSjhXL8EhYsvBQzETWxiQ-wrNxoCSIu6jknJ3xKS_PhkALIsmMjjM_GBGv28LjTLcur4XYT2rJUHa3anTl6m6X35lRe8bOA34MB-isfP0Hmhzf0x0KMi4PUoNERAKtB7lKPVfYjm_Pfck7JCgdjJvhPbSdTfwniaNYCSuPCtsURpkNcnvEWEgh6zuBq8NcrHuY9XjGJBV-6iakOoW9_IlVDVimGgRvxGn4dLET-OTUlCiCPkqquu8_d-e_cztnM4poZ9Vj--Kz0JPrjLlwzTRjVRtrMde9JdS58krqUbboHfey9uheFxkw&cid=CAASBORoqjI&exk=457076748&rfl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F&a_pr=13:YbdVBAAAAAAOcGLlmLOu4DXOwWo5j80a5yFHGw
Frame ID: CF32FE9BB83250E4B973D476C9B7539B
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=188362&us_privacy=&gdpr_consent=&gdpr=1&C=1
Frame ID: E1105FBBFF412BDA05FB9244A4F70635
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 653C8EF2E6FB633BEC9B600B36D82AA9
Requests: 2 HTTP requests in this frame

Frame: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Frame ID: 509D98EEEB3BB7B067F3569AF91C13D5
Requests: 28 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Frame ID: 0B1912D42FDCDB7F2F290A48A31F11D7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0783573A0659DF7AF96F47DEC7D1E0D9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5754BFB96D46A423AD235223DC8F12E2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F0B9D74260D4562E6D4936A8E7220068
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.bendigoadvertiser.com.au
Frame ID: C0ADB78B649714413D9BA82BF02B616E
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1e0a3f911f0b8c%2526domain%253Dwww.bendigoadvertiser.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bendigoadvertiser.com.au%25252Ff5e9a2b17b22a4%2526relation%253Dparent.parent%26container_width%3D610%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FThe-Bendigo-Advertiser%252F301746202026%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
Frame ID: 951971B2FEF92D7C6294A103CB799471
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfa0c41cc6b111%2526domain%253Dwww.bendigoadvertiser.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bendigoadvertiser.com.au%25252Ff5e9a2b17b22a4%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FThe-Bendigo-Advertiser%252F301746202026%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
Frame ID: 16DDCF9C45FB2340CDACE3A104E663F3
Requests: 1 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: 1DEE7BC2781B3F54A598C1C22556F044
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 3E14FC81E3C2ADB454CA5925BC46B431
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df133ad9d6c28ba8%2526domain%253Dwww.bendigoadvertiser.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bendigoadvertiser.com.au%25252Ff5e9a2b17b22a4%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FThe-Bendigo-Advertiser%252F301746202026%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
Frame ID: D871CD8C0837E32D834581BC0F19AC85
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hackers targetted Qld power station | Bendigo Advertiser | Bendigo, VIC search

Page URL History Show full URLs

https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-stationreport/?cs=12 HTTP 301
https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12 Page URL

Page Statistics

394
Requests

95 %
HTTPS

46 %
IPv6

68
Domains

121
Subdomains

98
IPs

11
Countries

6230 kB
Transfer

17222 kB
Size

57
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://realestateview.com.au/for-sale/in-vic-bendigo-3550/
Title: Real Estate View

Search URL Search Domain Scan URL

URL: https://tributes.bendigoadvertiser.com.au/obituaries/bendigoadvertiser-au/
Title: Tributes

Search URL Search Domain Scan URL

URL: https://celebrations.bendigoadvertiser.com.au/celebration/bendigoadvertiser-au
Title: Celebrations

Search URL Search Domain Scan URL

URL: http://www.countrycars.com.au/
Title: Cars

Search URL Search Domain Scan URL

URL: https://hiring.bendigoadvertiser.com.au/
Title: Place a Job Ad

Search URL Search Domain Scan URL

URL: https://addirect.com.au/
Title: Place a Classifieds Ad

Search URL Search Domain Scan URL

URL: https://www.agtrader.com.au/search/vic--northern-victoria--greater-bendigo-region?utm_source=bendigoadvertiser.com.au&utm_medium=classifieds&utm_campaign=regionals
Title: Ag and Rural

Search URL Search Domain Scan URL

URL: https://garagesales.acmcloud.io/?lat=-36.757015&lng=144.279388
Title: Garage Sales

Search URL Search Domain Scan URL

URL: https://www.exploretravel.com.au/
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.australiancoupons.com.au/
Title: Discount Codes

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/&text=Hackers%20targetted%20Qld%20power%20station&via=BgoAddy

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: http://www.simbaly.com/view/harry-potter-grown-up-de-sim/?src=outbrain&utm_source=outbrain&utm_medium=$section_id$&utm_campaign=004ac23bc2657a13c7b1d661d7ac8cb96b&utm_key=380&utm_content=00e4d0b7ad7f363f2c755226ddf483cc0b&utm_term=SIM_D_DE_harry-potter-grown-up-de-sim_yuvalm_w_286333751&guid=$ob_click_id$&omid=00f5fd81fab22029cdb55566393d435e14&obOrigUrl=true
Title: Promoted [Fotos] Die Frauen von Harry Potter - damals und heute Simbaly

Search URL Search Domain Scan URL

URL: https://www.theland.com.au/story/7441448/new-mycorrhizae-inoculant-boosts-crop-resilience-with-age-old-symbiotic-partnership/?cs=6112&obOrigUrl=true
Title: Branded Content New mycorrhizae inoculant boosts crop resilience with age old symbiotic partnership

Search URL Search Domain Scan URL

URL: https://h.lqm.io/bid_click_track/6v0rQRczdoSxqPlKphKbR6/site/9zk0424e/ad/1648327?isac=false&turl=https%3A%2F%2Fa.twiago.com%2Fadclick.php%3Fpid%3D7230%26wmid%3D53907%26gdpr_consent%3D%5Bconsentstring%5D%26nvc%3D1%26ord%3D1639404804358544%26lqmclid%3D&obOrigUrl=true
Title: Promoted Willkommen in einer neuen Welt Volkswagen Jetzt einsteigen

Search URL Search Domain Scan URL

URL: https://h.lqm.io/bid_click_track/6v0rQRczdoSxqPlKphKbR6_1/site/9zk0424e/ad/1651648?isac=false&turl=https%3A%2F%2Fa.twiago.com%2Fadclick.php%3Fpid%3D7230%26wmid%3D54441%26gdpr_consent%3D%5Bconsentstring%5D%26nvc%3D1%26ord%3D1639404804358926%26lqmclid%3D&obOrigUrl=true
Title: Promoted Zaubere mit Profikoch Nils Egtermeyer & Nadine Klein ein leckeres 3-Gänge-Weihnachtsmenü! Penny Einfach nachkochen!

Search URL Search Domain Scan URL

URL: https://h.lqm.io/bid_click_track/6v0rQRczdoSxqPlKphKbR6_2/site/9zk0424e/ad/1648328?isac=false&turl=https%3A%2F%2Fa.twiago.com%2Fadclick.php%3Fpid%3D7230%26wmid%3D54330%26gdpr_consent%3D%5Bconsentstring%5D%26nvc%3D1%26ord%3D1639404804359283%26lqmclid%3D&obOrigUrl=true
Title: Promoted Jetzt die VERTUO Next Kaffeemaschine von Nespresso verschenken und sparen Jetzt shoppen Nespresso

Search URL Search Domain Scan URL

URL: https://rfvtgb.housecoast.com/worldwide/mike-renovierung-alten-hauses-ge?utm_medium=outbrain&utm_source=outbrainjk&utm_campaign=hc-suitcase-ya-des-0g-yy-05031d&utm_term=$section_name$&obOrigUrl=true
Title: Promoted [Pics] Mann zieht aus seinem Haus aus, nachdem er einen geheimen Raum gefunden hat, der dieses enthält ... Housecoast

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pages/The-Bendigo-Advertiser/301746202026
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/BgoAddy
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://australiancommunitymedia.zendesk.com/hc
Title: Help Centre

Search URL Search Domain Scan URL

URL: https://specialpubs.austcommunitymedia.com.au/e-realestate/VIC/BATRE/3dissue/index.html
Title: Property Digital Edition

Search URL Search Domain Scan URL

URL: https://www.realestateview.com.au/
Title: Real Estate View

Search URL Search Domain Scan URL

URL: https://viewinsurance.com.au/
Title: View Insurance

Search URL Search Domain Scan URL

URL: https://www.beevo.com.au/
Title: Beevo

Search URL Search Domain Scan URL

URL: https://www.countrycars.com.au/
Title: Cars

Search URL Search Domain Scan URL

URL: https://celebrations.bendigoadvertiser.com.au/celebration/bendigoadvertiser-au/
Title: Celebrations

Search URL Search Domain Scan URL

URL: https://www.oneflare.com.au/
Title: OneFlare

Search URL Search Domain Scan URL

URL: https://whizz.com.au/
Title: Whizz

Search URL Search Domain Scan URL

URL: https://australiancommunitymedia.zendesk.com/hc/en-us/articles/900003729166-I-can-t-see-the-login-or-subscribe-buttons
Title: Whitelist us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-stationreport/?cs=12 HTTP 301
https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css HTTP 301
https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css HTTP 301
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css

Request Chain 142

https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css HTTP 301
https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css HTTP 301
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css

Request Chain 235

https://ad.doubleclick.net/ddm/trackimp/N6264.2621703STROEERDIGITALMEDIA/B26812199.320578998;dc_trk_aid=513171879;dc_trk_cid=161936268;ord= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6264.2621703STROEERDIGITALMEDIA/B26812199.320578998;dc_pre=COD8rej64PQCFXTsEQgdGNMEwg;dc_trk_aid=513171879;dc_trk_cid=161936268;ord=

Request Chain 237

https://pixel.adsafeprotected.com/rfw/st/877852/58581475/skeleton.gif HTTP 302
https://static.adsafeprotected.com/skeleton.gif

Request Chain 266

https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=188362&us_privacy=&gdpr_consent=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=188362&us_privacy=&gdpr_consent=&gdpr=1&C=1

Request Chain 285

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YbdVBZLxVr6rYc1TB5r7PAAABLUAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGYAh1wRPQYq6FTlRGI3Dvo&google_cver=1

Request Chain 286

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdVBZLxVr6rYc1TB5r7PAAABLUAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdVBZLxVr6rYc1TB5r7PAAABLUAAAIB&dcc=t

Request Chain 287

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YbdVBZLxVr6rYc1TB5r7PAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECT4XF6FuhuQbGln1i0MlOw&google_cver=1&gdpr=1

Request Chain 288

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=BFHTUwdVgVEfWYQFB1GcVQpZhVYfBtUHAVcVJt4B

Request Chain 289

https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

Request Chain 290

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=4b4c4d15-eb1a-4e0b-b50d-63132cc09d54&expiration=1670940805

Request Chain 291

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 297

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 304

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F&domain=www.bendigoadvertiser.com.au&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=F6o9u3xDR2pEQnEyM1Bla2k4dFZncDRKaHFyZzZZZ0VjSWxJdjBFT1hZdzJRTU1pd2xVTGZmMDZUajlZUmM1dzF1ZlRkN0p0VW5OUEg3NEhONkRpVTZPR2JCaXB5OXgxWGkzUmxPc3JUU3FhTHd0enQxZEVIeDRDMFQyL21pcmdnV3lYeks5cUQ5dGdITjY5VnVqVzVVSXdOYlZ1K2p5KzFxSk9zdE1iZzVqOFZ4K2RQN2Y0ZzR2Vi9NVEU0R3R1dEcwbnF0TnFveElMK0F6enFOSVdNbjdFWkQ1R09BUjlVN2hBRUZiVGFsNXUzSzZuU05VUkxCYVlmWEpTbExnOXk2RTFjfA&cppv=2

Request Chain 305

https://px.britepool.com/new?partner_id=t HTTP 302
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=990a7b79-2cdc-42d4-b961-7c8f95e134ad

Request Chain 327

https://secure-au.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 365

https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e0a3f911f0b8c%26domain%3Dwww.bendigoadvertiser.com.au%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.bendigoadvertiser.com.au%252Ff5e9a2b17b22a4%26relation%3Dparent.parent&container_width=610&hide_cover=false&href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FThe-Bendigo-Advertiser%2F301746202026&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1e0a3f911f0b8c%2526domain%253Dwww.bendigoadvertiser.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bendigoadvertiser.com.au%25252Ff5e9a2b17b22a4%2526relation%253Dparent.parent%26container_width%3D610%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FThe-Bendigo-Advertiser%252F301746202026%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

Request Chain 366

https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa0c41cc6b111%26domain%3Dwww.bendigoadvertiser.com.au%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.bendigoadvertiser.com.au%252Ff5e9a2b17b22a4%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FThe-Bendigo-Advertiser%2F301746202026&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfa0c41cc6b111%2526domain%253Dwww.bendigoadvertiser.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bendigoadvertiser.com.au%25252Ff5e9a2b17b22a4%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FThe-Bendigo-Advertiser%252F301746202026%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

Request Chain 381

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df133ad9d6c28ba8%26domain%3Dwww.bendigoadvertiser.com.au%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.bendigoadvertiser.com.au%252Ff5e9a2b17b22a4%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FThe-Bendigo-Advertiser%2F301746202026&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df133ad9d6c28ba8%2526domain%253Dwww.bendigoadvertiser.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bendigoadvertiser.com.au%25252Ff5e9a2b17b22a4%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FThe-Bendigo-Advertiser%252F301746202026%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

394 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/
Redirect Chain

https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-stationreport/?cs=12
https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

99 KB
28 KB

544ms
543ms

Document
text/html

18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-84.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

02a36257cd3993d869d7e8f680c6003a0365d9e67f0767fe893d195576a7b75c

Security Headers

Name	Value
Content-Security-Policy	child-src * blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Mon, 13 Dec 2021 14:13:21 GMT
server: nginx
content-security-policy: child-src * blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,User-Agent,Cookie,Origin
x-cache: Miss from cloudfront
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: T-V59ZmIE7EKlAzTA2vZhVfpX8vm0j4c04SK3rwcRqOJ6VSDvkhudw==

Redirect headers

content-type: text/html; charset=utf-8
content-length: 0
date: Mon, 13 Dec 2021 14:13:21 GMT
server: nginx
location: /story/7542491/hackers-targetted-qld-power-station/?cs=12
content-security-policy: child-src * blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Cookie,Origin
x-cache: Miss from cloudfront
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: mrCg4pRox8JxnhYsDRueKFU7dAu5uPOVo6i6llmINQcAfQ3qHn0hpw==

GET
H2 200 base.css
www.bendigoadvertiser.com.au/static/1639372157/legolite/css/ 185 KB
34 KB 315ms
314ms Stylesheet
text/css 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bendigoadvertiser.com.au/static/1639372157/legolite/css/base.css
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: d204ee3c24b2f3e1738d36a121513c222da807fcaf8e05b553152d998535b4aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 05:09:17 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: W/"61b6d57d-2e434"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-id: p3-jJvMthJWCMyZRV16-8b19MxwhqnYjIG7qskzoz90kIF1IfGnIiQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.css
www.bendigoadvertiser.com.au/static/1639372157/legolite/css/ 67 KB
12 KB 290ms
289ms Stylesheet
text/css 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bendigoadvertiser.com.au/static/1639372157/legolite/css/desktop.css
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 83cffdba4c4328a5828b2dd607db47145a0d886270034f2c615f879ac1995814

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 05:09:17 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: W/"61b6d57d-10dc8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-id: g_xxCxMWIDGlwk8Mf91AlC-Ih-anzM90BzESNAyXg9NykrPyicDtQA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 masthead-tablet.css
www.bendigoadvertiser.com.au/static/1639372157/legolite/css/vendor/ 214 KB
42 KB 291ms
290ms Stylesheet
text/css 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bendigoadvertiser.com.au/static/1639372157/legolite/css/vendor/masthead-tablet.css
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: db467146b71336f602c1f73aa38765ea43c3c1f3cded095a1389665e640af4b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 05:09:17 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: W/"61b6d57d-356a3"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-id: tNpGiezoI6A0TvZNZ8NiT6nA7uk1jCnqEht4RIZXD8_8Uo5Ko5elVw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons.css
www.bendigoadvertiser.com.au/static/1639372157/legolite/css/masthead/ 247 KB
53 KB 299ms
297ms Stylesheet
text/css 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bendigoadvertiser.com.au/static/1639372157/legolite/css/masthead/icons.css
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 6f1f9ec4e2325dd79fe242e37ecbe16b2f35229e06e56db19552e82ed0168c63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 05:09:17 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: W/"61b6d57d-3dccc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-id: 8LCgD_Z-TmP-4XO9Ml8YHTBsMlWbYaoMe8pzX7EJMXBt7-llt0F7qw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 masthead-skin-canberratimes.css
www.bendigoadvertiser.com.au/static/1639372157/legolite/css/vendor/ 2 KB
895 B 317ms
315ms Stylesheet
text/css 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bendigoadvertiser.com.au/static/1639372157/legolite/css/vendor/masthead-skin-canberratimes.css
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 80f16f6cc6ad09222b82ead9d638ce890ccebcf88a91984d9527b0537b48d524

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 05:09:17 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: W/"61b6d57d-708"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-id: zakVHfmGfVWXpGmnfbceVrVuXnIjB1Bv0NgUKm1d7tGu1pNkiD50hw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 legolite.css
www.bendigoadvertiser.com.au/static/1639372157/legolite/css/ 61 KB
13 KB 288ms
287ms Stylesheet
text/css 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bendigoadvertiser.com.au/static/1639372157/legolite/css/legolite.css
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: c26f53f92927765186d2af1b3dd66c7eaa51b6ff3510015488e31944a2a9c3f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 05:09:17 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: W/"61b6d57d-f5ac"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-id: e78D_an9k7AeIgdT1GkQSWIvdx6Kee_3R1iOrHieENaBTgs6IfUQeQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:300,400,600,700|Montserrat:700|Source+Sans+Pro:400,500,600,700&display=swap

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a1792c646f0168efd9771655a867b9e076049853737e4b8f9e6cf1c1998739da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 14:13:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 14:13:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 14:13:22 GMT

GET
H2 200 teju-webclient.min.js Show response
static.solutionshindsight.net/teju-webclient/ 83 KB
24 KB 37ms
9ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e44351fd1d3db063e5d687b93d017a949e82dc13c3fe8ad01f9361012e5c1b91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:03:45 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 17:11:24 GMT
server: AmazonS3
age: 648
etag: "8527b75c7343fd795f7f9d13675e1ae7"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 24050
x-amz-cf-id: 2tpLAiSkqQWalTZRdkYo8epUirPgyDgeYnF17p4RYcxNRsybVrVz9Q==

GET
H2 200 masthead-main.png
www.bendigoadvertiser.com.au/static/1639372157/sites/bendigo-advertiser/images/masthead/ 4 KB
5 KB 294ms
289ms Image
image/png 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bendigoadvertiser.com.au/static/1639372157/sites/bendigo-advertiser/images/masthead/masthead-main.png
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 6395c658d9ddf789c3fb7fc717ff5fa8d6c25ec93b0873ee6bba454ec062289f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 05:09:17 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "61b6d57d-11d7"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 4567
x-amz-cf-id: AW-n2KjufhqzgmblUW7N_hK2H3i3zzC-i3l30hTfIm2BRqX3PRmoHw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mobile.css
www.bendigoadvertiser.com.au/static/1639372157/legolite/css/ 85 KB
15 KB 297ms
293ms Stylesheet
text/css 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bendigoadvertiser.com.au/static/1639372157/legolite/css/mobile.css
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: eab32cf19c18bb6d5776a2434f533733f0e2a8a2cfa6074da2dfa01e1940de08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 05:09:17 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: W/"61b6d57d-15311"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-id: FSpARqQNb_ODA-5Umabqe-jqnN4brV05CF-U4i89ar8YDYGGkI3jJA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tablet.css
www.bendigoadvertiser.com.au/static/1639372157/legolite/css/ 71 KB
13 KB 295ms
291ms Stylesheet
text/css 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bendigoadvertiser.com.au/static/1639372157/legolite/css/tablet.css
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 9a821fafecfc9ba8ca1c4c7848efe07f823ec1a84c1ec05e643414ececfd2082

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 05:09:17 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: W/"61b6d57d-11b4b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-id: rmWLzmdf3OfHO4V2R3iqYAM90RFqNYm4wNRP_WCMO8WKDojKskqvDw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tablet-landscape.css
www.bendigoadvertiser.com.au/static/1639372157/legolite/css/ 70 KB
13 KB 273ms
270ms Stylesheet
text/css 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bendigoadvertiser.com.au/static/1639372157/legolite/css/tablet-landscape.css
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e79efd32d78c3201da2f062c2bbc811587a4f57c575019a00057172efff59f09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 05:09:17 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: W/"61b6d57d-1161b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-id: L3IZRh1RmumAvESrevWEhyA8qfNsjgdOZSJ6ZDrlypylQ0jJQ3xSdQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 masthead-mobile.css
www.bendigoadvertiser.com.au/static/1639372157/legolite/css/vendor/ 185 KB
37 KB 317ms
314ms Stylesheet
text/css 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bendigoadvertiser.com.au/static/1639372157/legolite/css/vendor/masthead-mobile.css
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: d2f1aee1a9cd7957dea20305e185de71cc8b5b36c3652e93b658ccde0dcb5c06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 05:09:17 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: W/"61b6d57d-2e356"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-id: 0lfz2YiScBPcYV9f4rbYBvQG-esVx8x3rWH6hSrq6fQQsjX928Aq8Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 r0_0_800_600_w1200_h678_fmax.jpg
www.bendigoadvertiser.com.au/images/transform/v1/crop/frm/silverstone-feed-data/93c2e086-a6d5-4447-ae89-d01a277ecaa0.jpg/ 78 KB
78 KB 17ms
12ms Image
image/jpeg 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bendigoadvertiser.com.au/images/transform/v1/crop/frm/silverstone-feed-data/93c2e086-a6d5-4447-ae89-d01a277ecaa0.jpg/r0_0_800_600_w1200_h678_fmax.jpg
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 7896d1a0f30a23b62c4ba33276aff03b7e2f64bbcae1f5c2fb5187c779425472

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 02:14:46 GMT
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
last-modified: Tue, 07 Dec 2021 20:11:06 GMT
server: nginx
age: 129516
etag: "e12a7d931de3f44b4778e26afc2752bf"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P2
x-transform-stats: ft:0.068 tt:0.001
content-length: 79889
x-amz-cf-id: BvprW1WkemOmE88wfY2rMmEnVpVQohlNFOiby_du4fFlonDRRGEv7g==

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 188 KB
66 KB 109ms
28ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c3ad2b7044bc00ef7bdee32d0d74efc77ed72cb9a9d5a0cb40db36d8ba311e5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 07:43:02 GMT
etag: W/"2ef3c-K5Om4sgxgxQ38XrM7FX6fZbsFj4"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 210fee66c8736851ccfd2c36290dcd61
timing-allow-origin: *, *
content-length: 66675
expires: Mon, 13 Dec 2021 18:13:22 GMT

GET
H2 200 spinner.gif
www.bendigoadvertiser.com.au/static/1639372157/images/ 2 KB
2 KB 308ms
304ms Image
image/gif 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bendigoadvertiser.com.au/static/1639372157/images/spinner.gif
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 05:09:17 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "61b6d57d-739"
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1849
x-amz-cf-id: SsUN_FjKmqJMwSaoPTRQHHiMclYwus0PawDF5mqbiSBka2IOd4VIbQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 masthead-alt.png
www.bendigoadvertiser.com.au/static/1639372157/sites/bendigo-advertiser/images/masthead/ 5 KB
5 KB 298ms
294ms Image
image/png 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bendigoadvertiser.com.au/static/1639372157/sites/bendigo-advertiser/images/masthead/masthead-alt.png
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: ddf68ea9a10d160f1de922ed111ed723b6f6a4c718cae3ace6209c6cf36fddfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 05:09:17 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "61b6d57d-121e"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 4638
x-amz-cf-id: xqMQNwGs85W_RPMKqF_rgh8E_dZmruME_rDjrKV7Q3_mK1oDtzmTGw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tinypass.min.js Show response
cdn-au.piano.io/api/ 395 KB
123 KB 56ms
28ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-au.piano.io/api/tinypass.min.js

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10f0ad588f05191ae9cc057cf2b8364b676cc9cbd70d47226ff2aa027e1fd457

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 2944
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wn: prod-au-dash-10-1-4-89
last-modified: Mon, 13 Dec 2021 13:16:05 GMT
server: cloudflare
etag: W/"404856-1639401365617"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.000
cache-control: public, max-age=14400
cf-ray: 6bcfcaeeadb44aaf-FRA
expires: Mon, 13 Dec 2021 18:13:22 GMT

GET
H2 200 vendor.js Show response
www.bendigoadvertiser.com.au/static/1639372157/legolite/js/ 372 KB
117 KB 299ms
299ms Script
application/javascript 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bendigoadvertiser.com.au/static/1639372157/legolite/js/vendor.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 21287f91f624f79998131bdfd48b93a41a91d4e6e295506f695335e58a483bd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 05:09:17 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: W/"61b6d57d-5cfdc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-id: qWCwAvZOyFOLjTTy_GxKjTcsu9ulu8G4NN_xweDwGKMCi702XEHdMA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.js Show response
www.bendigoadvertiser.com.au/static/1639372157/legolite/js/ 220 KB
63 KB 314ms
308ms Script
application/javascript 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bendigoadvertiser.com.au/static/1639372157/legolite/js/app.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 0da595785bcb1161f319f403c1a5de0d2aaf05edf0b8bc0bd9925739acfae02c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 05:09:17 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: W/"61b6d57d-36ef6"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-id: r50U3gk_E8X_ZswpcGN4aZjOPmRRD-nUkFbunLvYWgGuaMzemczPIQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 45ms
16ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1069 / 155 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Dec 2021 14:13:22 GMT

GET
H/1.1 200
OK 186432-278594325649166.js Show response
js-sec.indexww.com/ht/p/ 113 KB
35 KB 79ms
31ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186432-278594325649166.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 84090c263e0f79c47ea50c29ad48d787a88b729b9afaac719393065918f459c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 14:13:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Dec 2021 13:56:48 GMT
Server: Apache
ETag: "da4070-1c421-5d30771ac1f98"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2867
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 35007
Expires: Mon, 13 Dec 2021 15:01:09 GMT

GET
H2 200 origami-widget.js Show response
origami.secure.ownlocal.com/ 13 KB
14 KB 77ms
9ms Script
application/javascript 34.96.77.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://origami.secure.ownlocal.com/origami-widget.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.77.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 03:06:40 GMT
age: 40002
x-guploader-uploadid: ADPycdvYxAhb_4WdE6be1E5wSg085M67Hwn5Hm5e52XjPJFK_b2VIpfWKAKmvXBGLT1rGBEf0NxP3hfNMzwvhNkmDcjeP_ysAA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13289
last-modified: Mon, 19 Oct 2020 18:40:43 GMT
server: UploadServer
etag: "f5183a07384a657e61aaaeba0fc72448"
x-goog-hash: crc32c=FHVKdg==, md5=9Rg6BzhKZX5hqq66D8ckSA==
x-goog-generation: 1603132843078573
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
x-goog-stored-content-length: 13289
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 14 Dec 2021 03:06:40 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 22 KB
10 KB 70ms
13ms Script
application/x-javascript 2600:9000:2240:8e00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:8e00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 12:25:43 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:17:06 GMT
server: nginx
age: 6459
etag: W/"6179ec02-59c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 9Fo9rM22Zn5aaYXn0q-n4BUt_nIp8mywTfaO1i6So4ZX5x_1SOXXEw==
expires: Mon, 13 Dec 2021 14:25:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 313 KB
84 KB 65ms
36ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KPMZ4JM

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54edaa1c2f919c766434a85d567a262222c600ca0f5189f05c80837a7df6382a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85650
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 14:13:22 GMT

GET
DATA 200
OK truncated
/ 698 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 495a25bc34fa5587f34b986afa47450cfcf14a44e75702f77986d872f38ffc3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0af3cf517b81c423745f3492c52555abc85cbc7798d721b333f1d2a87e794cdc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v27/ 20 KB
20 KB 34ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v27/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,600,700|Montserrat:700|Source+Sans+Pro:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d526a614dd31fabed89c605d7ddcb6adb1a9e2e45f3644ecbaabacf892bf038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 21:12:58 GMT
x-content-type-options: nosniff
age: 493224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20024
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 20:49:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 21:12:58 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 40ms
14ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,600,700|Montserrat:700|Source+Sans+Pro:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 05:43:33 GMT
x-content-type-options: nosniff
age: 462589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13008
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 05:43:33 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 41ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,600,700|Montserrat:700|Source+Sans+Pro:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 11:22:37 GMT
x-content-type-options: nosniff
age: 442245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 11:22:37 GMT

GET
DATA 200
OK truncated
/ 346 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 404b904f1d21059e43c8d5a2a5588c301310a2df08ba601c99096454277455a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 488 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e63ce2cd90b5a7afcd2d6f962083c887bcf442c46987aaf5ba719ca23591881

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b906fc46b61702ca44065496615da1c589eed624c4ddaf7862f1bd9fd8ab22c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34604ba39b93517852a6a2239fca2a8ef5454ef608d91dfdba2413a5c03c9ef5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 278 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4abe9cdc849179867d36f46e63d86bfad9f88012a023889526f75df42ebcd8bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,600,700|Montserrat:700|Source+Sans+Pro:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 06:44:42 GMT
x-content-type-options: nosniff
age: 286120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 06:44:42 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v27/ 19 KB
19 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v27/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,600,700|Montserrat:700|Source+Sans+Pro:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5a2b7b5ed14b466f41c272f268e0f6fa9f38c34d0ca6a5748accf006b313258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:34:09 GMT
x-content-type-options: nosniff
age: 499153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19724
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 20:49:12 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 19:34:09 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/ 69 KB
70 KB 96ms
41ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/static/1639372157/legolite/css/base.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617
age: 5971
cdn-cachedat: 2021-06-08 21:26:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70728
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 29f70510a14731437be13d3e6c48a3ec
accept-ranges: bytes
cf-ray: 6bcfcaefcc29d61c-MXP
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK d3d3LmJlbmRpZ29hZHZlcnRpc2VyLmNvbS5hdQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 88ms
19ms XHR
application/json 92.122.252.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmJlbmRpZ29hZHZlcnRpc2VyLmNvbS5hdQ==
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.252.200 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 14:13:22 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=23886
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: a6a69417c8e0fcc83c4cf5ee8e2e1e24
Content-Length: 16
Expires: Mon, 13 Dec 2021 20:51:28 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 47ms
37ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=10.793840273465506
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Wed, 12 Jan 2022 14:13:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 44ms
14ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4336
date: Mon, 13 Dec 2021 13:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 13 Dec 2021 15:01:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 105 KB
29 KB 27ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3cf086a338c229555c5e9e90504579ef23e2dc056adb1d4c82d770f403ee0da8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 28501
x-xss-protection: 0
pragma: public
x-fb-debug: UgkYTp9kSO49DA8mZ5Zd07j2vixfMlMUXOADeIqqpGcBZQsr6mU8z2w5dbtRgTVuDJgEDf2h+YKv4bgEowefKw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 13 Dec 2021 14:13:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 web_surveys.js Show response
survey.survicate.com/workspaces/94912c09593f641e7067418aaecb8def/ 26 KB
5 KB 53ms
11ms Script
text/javascript 2a0b:4d07:1::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.survicate.com/workspaces/94912c09593f641e7067418aaecb8def/web_surveys.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:1::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: a0209e9b3c5b550d0bbc207303cf0b3a6f9a48146a799a54f035b7e0a4dc6e8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 13:30:41 GMT
server: keycdn-engine
x-amz-request-id: 0D2TM2VVE50KBATD
x-edge-location: defr
etag: W/"3b44ea8fbf13e786e8045b9fc3d9a9ce"
x-cache: HIT
x-amz-version-id: ZTOqxXX5Jxn18zDaUOqsdmAu.EHub732
access-control-allow-origin: *
cache-control: max-age=300
content-type: text/javascript
x-amz-id-2: ttyt9+iaHJ/uOok4CTzVl5HxH09a1ajxJCQc3HuqlG5VCgClfVh8uwyKSz53mrvd/LngwFH//+Y=

GET
H2 200 snxj6l9wj.js Show response
cdn.krxd.net/controltag/ 57 KB
18 KB 62ms
10ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/snxj6l9wj.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 718f86718572cbcb3ac3eebdb94e52a8298ad4f9a4678d12f7f9f566496491bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Mon, 13 Dec 2021 14:13:22 GMT
via: 1.1 varnish, 1.1 varnish
age: 200
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 17924
x-served-by: config-service-a003-ash-prod.krxd.net, cache-bwi5168-BWI, cache-hhn4031-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1639404803.658288,VS0,VE1
etag: "4d5d98a244b4dc54e0a9637e036c7f8e7213c612"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H2 200 moatheader.js Show response
z.moatads.com/acmheader706032617774/ 226 KB
79 KB 66ms
20ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/acmheader706032617774/moatheader.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9456d21c9e1343940af64f6ebed900bce7b4c7ec1174afabdfbd62ce2ddfe37c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 16:26:22 GMT
server: AmazonS3
x-amz-request-id: XED935P8AMY5ZGFP
etag: "a0861984e3ef26cbb133aa3f928fefed"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=59347
accept-ranges: bytes
content-length: 80512
x-amz-id-2: TCb3fifdnbB/4AI5cy4DEEQYgG2gnZ0ds0UikSIWBGC9t1QdRr8MFRheLfi42sOEgEcZJiOiIqc=

GET
H3 200 212556246621990 Show response
connect.facebook.net/signals/config/ 295 KB
83 KB 77ms
67ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/212556246621990?v=next&r=canary

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

875a5f7e51c107413a23f6c14fe8db35da72431fb2e023846d936327fe999071

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: JopAZtaT0quEEqZGn3AKylC/3lCno6qsc3iZaxFgRsg9GR4D74GvDaO5AH42kl8ycjkHFtxx0l7P2dM/mp3UqA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 13 Dec 2021 14:13:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 382ms
92ms XHR
application/json 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1639404802145&sessionId=a419ad99-51e5-dd44-d860-beaaf13cdd95&url=www.bendigoadvertiser.com.au&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 14:13:23 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: dabebf89b215b313a03ff8da8f00c021
Content-Length: 4
Expires: 0

GET
H2 200 Tress.php
pixel.roymorgan.com/stats_v2/ 0
352 B 899ms
294ms Image
text/javascript 54.252.100.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.roymorgan.com/stats_v2/Tress.php?u=cvcyowszle&ca=20005251&a=5dcilmyo

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.252.100.191 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-252-100-191.ap-southeast-2.compute.amazonaws.com

Software

Apache / PHP/7.1.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: none
x-content-type-options: nosniff
server: Apache
x-powered-by: PHP/7.1.33
x-cache: MISS from pixel.roymorgan.com
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
552 B 151ms
33ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186432
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 4b639212992c0be6121cecbf82913453cca0245049730514aac0e64663898dad

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bendigoadvertiser.com.au
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Wed, 12 Jan 2022 14:13:22 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
337 B 42ms
15ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.bendigoadvertiser.com.au
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/ 61 KB
17 KB 82ms
34ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 930198
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17086
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-f4a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UmINCOHnZedXJkgOZbME49DkjmQPDE9pPpCTt4fftGp3MF3BuYa45ZMHWDVSBpEyg0gMxazr%2FfZLc6AiBDT8H1ZlM8No%2FuSwkRI60Ji9fkD67RaIcr%2F8QBs%2FKcjiHBUzY77w9ipQ3A5Mp%2BGcufWRRFm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6bcfcaf1ad030e16-MXP
expires: Sat, 03 Dec 2022 14:13:22 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 10ms
10ms Script
application/x-javascript 2600:9000:2240:8e00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:8e00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 12:42:59 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:28:27 GMT
server: nginx
age: 5423
etag: W/"6179eeab-11377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: MNHoatPOvwzxkFxMQmz0BwTzfbEZI41an0yPnTAzdEyoxq98seC2zQ==
expires: Mon, 13 Dec 2021 14:42:59 GMT

GET
H2 200 ua-sdk.min.js Show response
aswpsdkus.com/notify/v1/ 203 KB
36 KB 47ms
10ms Script
application/javascript 35.227.208.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://aswpsdkus.com/notify/v1/ua-sdk.min.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.208.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.208.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e5ab11b9756b1d55d9319049c61aeefffdbc7c9b96dfcb1e32ecb574b8750c7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:09:37 GMT
content-encoding: gzip
age: 225
x-guploader-uploadid: ADPycds6VmyYehueYp9LjjKKreAXdAPD-HTjBLZBdwnzVcYLRmBgTr5u1DZHzwswh-s47VM8-onUg0gr-Uk1eSLX3YOvcdtTSg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 36677
last-modified: Wed, 17 Nov 2021 23:19:50 GMT
server: UploadServer
etag: "5739d69ebb4010007989b4ccbbab6bf2"
x-goog-hash: crc32c=QL5hlQ==, md5=VznWnrtAEAB5ibTMu6tr8g==
x-goog-generation: 1637191190146808
cache-control: public,max-age=300,no-transform
x-goog-stored-content-length: 36677
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 13 Dec 2021 14:14:37 GMT

GET
H3 200 active_orders Show response
origami.secure.ownlocal.com/api/ 59 B
89 B 179ms
168ms XHR
application/json 34.96.77.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://origami.secure.ownlocal.com/api/active_orders?owned_by=17056a78-8532-4c86-8220-917945630d4e

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

232.77.96.34.bc.googleusercontent.com

Software

nginx/1.17.2 /

Resource Hash

0b0104cb4c8d6dcfc6423d9415e8a1b31928b91c6daa7f48aa8f368b7d78603e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
via: 1.1 google
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 0
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59
x-xss-protection: 1; mode=block
x-request-id: 1ae137a1-8b46-42e3-9cac-7c95280d6cdb
x-runtime: 0.050598
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.17.2
x-frame-options: SAMEORIGIN
etag: W/"0b0104cb4c8d6dcfc6423d9415e8a1b3"
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Origin
cache-control: max-age=3600, public
access-control-expose-headers

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 26ms
10ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 13 Dec 2021 14:48:37 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 91 KB
35 KB 48ms
45ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-T2NBD8D&t=acmRollUp&cid=54876956.1639404802

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3d670166a2108099dfbaf103c04baeb42395bbac5262b19be621b69f89bfbf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36064
x-xss-protection: 0
expires: Mon, 13 Dec 2021 14:13:22 GMT

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 61ms
36ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Dec 2021 14:13:22 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 130 B
131 B 47ms
19ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bendigoadvertiser.com.au

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

cd7718e89d843edf42733421d166c142fd1307c8de4b7c156673f1554c46915a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 14:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Mon, 13 Dec 2021 14:13:22 GMT

GET
DATA 200
OK truncated
/ 467 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6108edbc1f5214af071c67c83109f7537844742f184c70e53eec990a9ee531d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Tress.php Show response
pixel.roymorgan.com/stats_v2/ 0
353 B 710ms
294ms Script
text/javascript 54.252.100.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.roymorgan.com/stats_v2/Tress.php?u=cvcyowszle&ca=20005447&a=wntv6m87&cb=1639404802363

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.252.100.191 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-252-100-191.ap-southeast-2.compute.amazonaws.com

Software

Apache / PHP/7.1.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: none
x-content-type-options: nosniff
server: Apache
x-powered-by: PHP/7.1.33
x-cache: MISS from pixel.roymorgan.com
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store
content-length: 0

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 22 KB
6 KB 71ms
24ms Script
application/x-javascript 2a02:26f0:6c00:2a7::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 14:13:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 14:49:19 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5864
Expires: Mon, 13 Dec 2021 15:13:23 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,600,700|Montserrat:700|Source+Sans+Pro:400,500,600,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:17:49 GMT
x-content-type-options: nosniff
age: 496533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13072
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:17:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 20:17:49 GMT

GET
H2 200 get.js Show response
buy-au.piano.io/api/v3/anon/captcha/ 153 B
318 B 342ms
333ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-au.piano.io/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=XxwEsdXWKB

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7e66a6c03083991b5d7c21708228fde16f486ee1cb4d4e0a7c4fdba97b9dc48

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: EXPIRED
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Cbu424rKVKv
pragma
wn: prod-au-dash-10-1-4-89
last-modified: Mon, 13 Dec 2021 14:04:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=14400
cf-ray: 6bcfcaf2be2d4aaf-FRA
expires: Mon, 13 Dec 2021 18:13:23 GMT

GET
H2 200 widget_core-12.3.5.js Show response
surveys-static.survicate.com/ 308 KB
90 KB 43ms
10ms Script
application/x-javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://surveys-static.survicate.com/widget_core-12.3.5.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: adab9343d9658827f7c8574865e7327599d44c8265c75362979df80dc95d4b59

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: VAAV81RSPKBP7D2E
x-edge-location: defr
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:121050345386:build/ServiceSurveysStaticBuildAs-HG6JoJVHsH3E:2c6c7c04-2bfb-428f-845c-4919c32a75c4
x-cache: HIT
x-amz-meta-codebuild-content-sha256: 1cc09f16d464d39a603f82345c799a6aa54b1ad6c1ef23a38f87f48d29925d31
x-amz-meta-codebuild-content-md5: 29796a8a88d9a5a79cfeb13033b1d571
x-amz-id-2: 9u/GD3b1qLgWiDPYP5f577EmN/bqThMIRI54l3nS10/ra8QRNz3SLCD+DOXMlYgKcUMZk6f0Wmw=
last-modified: Thu, 09 Dec 2021 12:02:27 GMT
server: keycdn-engine
etag: W/"6bc72465cf41a56fa1c0b0cacaea100d"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
29 KB 34ms
18ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d15402258748bdc141ddfd8ca716a10c13c1563ed38966142ca1ce74c7148c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30077
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 14:13:23 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 9ms
9ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: gzip
age: 1176725
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 832373
content-length: 84509
x-served-by: cache-hhn4031-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1639404803.007908,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 28 KB
10 KB 483ms
255ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&idx=0&rand=2080&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=330&py=1267&vpd=67&cw=610&activeTab=true&settings=true&recs=true&version=2000532&sig=56897664&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 75840e84176a173b87e459125a09217575062eb0b9ad0e044a7b64010729bcbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1639404803.252451,VS0,VE248
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
backend-ip: 157.52.117.49
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0, 0
x-traceid: eb54d691ebaa233e443d449dbc468d6e
content-encoding: gzip
content-length: 9916
x-served-by: cache-lga21949-LGA, cache-hhn4075-HHN

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 195 B
502 B 358ms
126ms XHR
application/json 2a04:4e42::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=bendigoadvertiser.com.au&domain=bendigoadvertiser.com.au&path=%2Fstory%2F7542491%2F
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9cabae9e11b49e4d2b8f0016987117cfb5d3a5784831e79d171a61bae203ba5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: gzip
x-cache-hits: 0
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 148
x-served-by: cache-mxp6922-MXP
access-control-allow-origin: *
x-timer: S1639404803.262484,VS0,VE109
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sat, 11 Dec 2021 14:13:23 GMT

GET
H2 200 / Show response
www.bendigoadvertiser.com.au/promotions/website_content_esov/ 2 KB
1 KB 334ms
333ms XHR
application/json 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bendigoadvertiser.com.au/promotions/website_content_esov/?view_type=STORY&limit=3&_=1639404802106

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-84.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

0675fb869f2c18d33481f54b2ebe2606e341ec18d5a2f1812ce3dece1b318af3

Security Headers

Name	Value
Content-Security-Policy	child-src * blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
X-NewRelic-ID: XAADWFRTGwoIV1NSAAQE
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA60-P2
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
content-security-policy: child-src * blob:
vary: Accept-Encoding,Cookie,Origin
x-amz-cf-id: kIPvyTDsljwLyrjBExc98e3hR_oT92Yypda_iF_DQ7St1xL6D_qUEw==
expires: Mon, 13 Dec 2021 14:13:23 GMT

GET
DATA 200
OK truncated
/ 225 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4f451a982fc3b80c581bf0f1e6c175420609abe1b56f766a7a36c9352948e66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 index.html Show response
origami.secure.ownlocal.com/origami_unit/ 13 KB
13 KB 8ms
8ms XHR
text/html 34.96.77.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://origami.secure.ownlocal.com/origami_unit/index.html
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.77.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a20c152c22c67c4d7c8b135742a5ee401c9af423c0b3f42a5f52cb351a52400c

Request headers

Accept: text/html
Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 10:55:46 GMT
age: 11857
x-guploader-uploadid: ADPycdussUOMEh4Qtr4wWi_DCe_YewRUPbR_3HHf9JYFmWC_HlsHknYGs3hDhCyqdbrSAXHiVRhWKdKR62OOVl6Demk
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-surrogate-key: ares-unit-html-production
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13753
accept-ranges: bytes
last-modified: Tue, 10 Nov 2020 14:45:02 GMT
server: UploadServer
etag: "0ac794e2a61ea0f7ec1bc4cf3520238b"
x-goog-hash: crc32c=HivesQ==, md5=CseU4qYeoPfsG8TPNSAjiw==
x-goog-generation: 1605019502335578
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
x-goog-stored-content-length: 13753
x-goog-meta-surrogate-key-control: max-age=31536000
content-type: text/html
expires: Tue, 14 Dec 2021 10:55:46 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 215 B
390 B 125ms
55ms Script
text/html 34.246.74.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-pXTZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-TQhCXLleOPQ59g%3D%3D&sc=1&os=1-3A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=tJ4JU*FTLR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&pcode=acmheader706032617774&rx=60141623035&callback=MoatNadoAllJsonpRequest_23632168
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/acmheader706032617774/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.74.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-74-180.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: d7d3e40bdbd034a726e3eb42bdb54679127845c79f334ff30688c3528fb3fe7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "09c8f0c7657c18c5e75a4ed3e4ae4d12a3325e54"
content-length: 215
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 86 B
260 B 104ms
36ms Script
text/html 52.208.32.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-pXTZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-TQhCXLleOPQ59g%3D%3D&sc=1&os=1-3A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=tJ4JU*FTLR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&pcode=acmheader706032617774&rx=60141623035&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=ACM_HEADER1&hp=1&wf=1&pxm=&sgs=3&vb=-1&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1639404802526&de=806388947023&m=0&ar=cc97a930ec1-clean&iw=ceff30a&q=1&cb=0&cu=1639404802526&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRC=1&gu=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=acmheader706032617774&fd=1&ac=1&it=500&pe=1%3A1469%3A1469%3A0%3A1763&fs=195926&na=1216381663&cs=0&callback=MoatDataJsonpRequest_23632168
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/acmheader706032617774/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.32.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-32-237.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 19525bb89abc4235b9f03ddc876d43b57f905ea22c9229dffcacfec0ca97353c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "3656a4651d218c17fe7172904e0fe88a2baaeb77"
content-length: 86
content-type: text/html; charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ 44 B
406 B 35ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=212556246621990&ev=PageView&dl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&rl=&if=false&ts=1639404802729&sw=1600&sh=1200&v=next&r=canary&ec=0&o=30&ttf=1886.900001525879&tts=1237.599998474121&ttse=1884&fbp=fb.2.1639404802727.124990351&it=1639404802083&coo=false&exp=p1&rqm=GET

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 13 Dec 2021 14:13:23 GMT

GET
H2 200 verify Show response
id-au.piano.io/id/api/v1/identity/token/ 213 B
793 B 315ms
304ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id-au.piano.io/id/api/v1/identity/token/verify?callback=jQuery1124048310464988743584_1639404801865&client_id=XxwEsdXWKB&site=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&_=1639404801866

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

568148aafeec1389461232a95ace60cf8bc2a8e41216af76b7b0578d6feb5164

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Cbu424rCYDy
pragma: no-cache
wn: prod-au-dash-10-1-3-40
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-time: 0.005
cf-ray: 6bcfcaf4ca214aaf-FRA
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 309ms
102ms Image
image/gif 3.217.174.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=bendigoadvertiser.com.au&p=%2Fstory%2F7542491%2F&u=C8BKNIw9sfgDeAgCf&d=bendigoadvertiser.com.au&g=66019&g0=latestnews%2Cnews%2Cstory&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=2048&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2372&t=iYw2aDnSP3ZBd9ED-DOFdzxCQzelK&V=129&i=Hackers%20targetted%20Qld%20power%20station&tz=0&_acct=anon&sn=1&sv=CNE_7oCQiPP1Pm2Q_CWieCBicWir&sd=1&im=06630ef0&_
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.174.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-174-143.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:23 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 72 KB
24 KB 89ms
89ms Script
application/x-javascript 2a02:26f0:6c00:2a7::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b7ada1d31bc9b44b31f795e88e4188d5fee01b9e8badb19fb34a8cc5631f28e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 14:13:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Dec 2021 06:40:19 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23728
Expires: Mon, 13 Dec 2021 15:13:23 GMT

GET
H3 200 ares-unit.css
origami.secure.ownlocal.com/origami_unit/production/ Frame 945A 43 KB
43 KB 21ms
11ms Stylesheet
text/css 34.96.77.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.77.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9eb5cb26a1730c20ee1a11202c2a06c6cc7ff4312c9c9ee8dd805ded1edbf673

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 20:35:22 GMT
x-goog-meta-goog-reserved-file-mtime: 1605019378
age: 63481
x-guploader-uploadid: ADPycdteqUTy27WdxkaUTVRYC_k6C0w8szeQuj-WHs2zHYmh-F3GIgevxloH308OiYrJRN5X6TkP25tFT4_OhosBPkvk71uf6w
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-surrogate-key: ares-unit-bundle-production
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44190
accept-ranges: bytes
last-modified: Tue, 10 Nov 2020 14:52:03 GMT
server: UploadServer
etag: "ca2d3510261a58fb4fbc8ac0361b8e23"
x-goog-hash: crc32c=1WBR9g==, md5=yi01ECYaWPtPvIrANhuOIw==
x-goog-generation: 1605019923580659
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
x-goog-stored-content-length: 44190
x-goog-meta-surrogate-key-control: max-age=31536000
content-type: text/css
expires: Mon, 13 Dec 2021 20:35:22 GMT

GET
H3 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/ Frame 945A 59 KB
17 KB 58ms
30ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7137322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16344
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-ea52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pY55DOTdr2mr4Fd7fXjXeEt%2FAiXeuzOrd3%2B9X7tGFjmQOAbPnaQU8TZ6eHO%2B0ikyWzz%2Fv63UE6yHr6elBJr6NxtqKjXG04H2WaaMBYS1hazpScFNshe1erlUzhm4W%2BngyyHXUwg7RaEpOJ16nG6g4emy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6bcfcaf5ba0f83a9-MXP
expires: Sat, 03 Dec 2022 14:13:23 GMT

GET
H2 200 sp.js Show response
snowplow.ownlocal.com/ Frame 945A 96 KB
96 KB 47ms
10ms Script
application/x-javascript 35.244.184.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://snowplow.ownlocal.com/sp.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.184.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 131.184.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:31:48 GMT
age: 2495
x-guploader-uploadid: ADPycdtoSUWxSnT56kr1G_ROi9GkAKXaRbNA6VufoqilL47mMzu6bk0Ej_XeTdyGp_zuFg2PSraguNzSzx5OlEyNdGU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97919
last-modified: Mon, 19 Aug 2019 14:47:45 GMT
server: UploadServer
etag: "53030ece69ef259990486148c204d820"
x-goog-hash: crc32c=/u8IMA==, md5=UwMOzmnvJZmQSGFIwgTYIA==
x-goog-generation: 1566226065807390
cache-control: public, max-age=3600
x-goog-stored-content-length: 97919
accept-ranges: bytes
content-type: application/x-javascript
expires: Mon, 13 Dec 2021 14:31:48 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ Frame 945A 222 B
619 B 85ms
19ms Script
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise,fetch,Set,requestAnimationFrame,Map

Requested by

Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1688975
detected-user-agent: Chrome Mobile/96.0.4664
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Tue, 23 Nov 2021 16:23:25 GMT
date: Mon, 13 Dec 2021 14:13:23 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/96.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 react.production.min.js Show response
unpkg.com/react@16.5.2/umd/ Frame 945A 10 KB
4 KB 114ms
60ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react@16.5.2/umd/react.production.min.js

Requested by

Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20253393
fly-request-id: 01F3YF3N2T68HEZA9N4GHNX8GK
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"28a2-zTTTPNEOyiQBmfjucbRapR63Ixw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6bcfcaf5e81c5a25-MXP

GET
H2 200 react-dom.production.min.js Show response
unpkg.com/react-dom@16.5.2/umd/ Frame 945A 92 KB
31 KB 100ms
46ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-dom@16.5.2/umd/react-dom.production.min.js

Requested by

Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 907190
fly-request-id: 01FNZ12XKP3SFFG09VCQDGT2H8
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"170da-IPAwmE0kwddBAKa0tilJJFl1MZg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6bcfcaf5e8255a25-MXP

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 94ms
17ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bendigoadvertiser.com.au

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 75ms
22ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bendigoadvertiser.com.au

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 74ms
72ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4480842048909003&correlator=2190921436571971&output=ldjh&impl=fifs&eid=44755509&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=21666581298%2Cbendigoadvertiser%2Cnews%2Clatestnews&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%2C1x1&ists=1&prev_scp=pos%3D1%26ur%3Dbendigoadvertiser%257Carticle%257Cnews%257Clatestnews%257C1%257C1x1%257Cdesktop%26urh%3D1903632775%7Cur%3Dbendigoadvertiser%257Carticle%257Cnews%257Clatestnews%257C%257Cint%257Cdesktop%26urh%3D-2021753333&cust_params=ctype%3Darticle%26cat%3Dnews%26cat1%3Dlatestnews%26region%3Dvic%26locstate%3Dvic%26tags%3Ddomestic%26tag%3Ddomestic%26ksg%3D%26kuid%3D%26pageID%3D7542491%26sysEnv%3Ddesktop%26generator%3Dnewsnow%26brms%3Dtrue%26brvs%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1639404802&dt=1639404802975&dlt=1639404801384&idt=1502&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933%2C0&adys=-12245933%2C2048&adks=3992414764%2C511533634&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0%7C1600x1998&msz=0x0%7C1600x0&ga_vid=54876956.1639404802&ga_sid=1639404803&ga_hid=703888319&ga_fc=true&fws=132%2C0&ohw=960%2C0&btvi=-1%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ce142c5f5f33a12ce3f88e9af21044cf0c96503518818bb64fd7978c9cf5569c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10722
x-xss-protection: 0
google-lineitem-id: 4877223536,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138252499898,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bendigoadvertiser.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4405 6 KB
4 KB 82ms
18ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 13 Dec 2021 14:13:23 GMT
expires: Tue, 13 Dec 2022 14:13:23 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ 8 KB
723 B 32ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,500,600&display=swap

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04c3fec343a3139e641d31fd6300ffcff4f0bdfb0188eb1eaf3fabbf2b4e4ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 13:21:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 14:13:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 14:13:23 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 9554 805 B
825 B 9ms
8ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Mon, 13 Dec 2021 14:13:23 GMT
via: 1.1 varnish
age: 2209951
x-served-by: cache-hhn4031-HHN
x-cache: HIT
x-cache-hits: 200430
x-timer: S1639404804.642970,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET

materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/ Frame 945A
Redirect Chain

https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css

0
0

GET
H2 200 inter.css
rsms.me/inter/ Frame 945A 6 KB
2 KB 105ms
30ms Stylesheet
text/css 2606:4700:3037::6815:8fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: effd7ce6ed5f47c331ed9333eb10d6ad78f496277f95dabb0d7dcba847d34a97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://origami.secure.ownlocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: bdddee6dd048908b7e63db602ec5fa70aad40cd0
date: Mon, 13 Dec 2021 14:13:23 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66
x-cache: HIT
x-cache-hits: 1
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-mxp6968-MXP
last-modified: Fri, 18 Jun 2021 21:40:26 GMT
server: cloudflare
x-github-request-id: D624:A961:12A9A05:132E9FA:61A870C9
x-timer: S1638497435.876969,VS0,VE0
etag: W/"60cd12ca-1966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xvzcFO%2FNHhEKHkpNdvvQ3Itgxn0JsY%2FhhDXxrL7HvT6KB7%2FRirlDLaOSyUlzVsjEk%2FGjkorxhQ3w%2Fr%2Fcn6BNVECimPCpU5fcpUgL%2Fu32OOebmANXX0hvkPXL2xYeqtyRLBaEqWk"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: HIT
cf-ray: 6bcfcaf75fdd374c-MXP
x-origin-cache: HIT
expires: Sun, 12 Dec 2021 05:35:15 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 945A 1 KB
436 B 32ms
30ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap

Requested by

Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a1ac78f7736b8b91cddc3db9c4ed34ad29bd563e96c7d145a9bb7763ca45feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://origami.secure.ownlocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 14:13:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 14:13:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 14:13:23 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7PC84FGF0J&l=dataLayer&cx=c

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8e08d56911d8fe3220cbcd92050537db013ce528b3dea9f2e2088fd507bb5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61993
x-xss-protection: 0
expires: Mon, 13 Dec 2021 14:13:23 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
451 B 78ms
21ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-61683903-1&cid=54876956.1639404802&jid=1902048109&gjid=973417849&_gid=1970125787.1639404802&_u=aGBAiEAjRAAAAE~&z=698331589

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 13 Dec 2021 14:13:23 GMT
content-type: text/plain
access-control-allow-origin: https://www.bendigoadvertiser.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 56ms
21ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16730067-9&cid=54876956.1639404802&jid=232279317&gjid=439548786&_gid=1970125787.1639404802&_u=aGDAiEAjRAAAAE~&z=904748868

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 13 Dec 2021 14:13:23 GMT
content-type: text/plain
access-control-allow-origin: https://www.bendigoadvertiser.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=703888319&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&ul=en-us&de=UTF-8&dt=Hackers%20targetted%20Qld%20power%20station%20%7C%20Bendigo%20Advertiser%20%7C%20Bendigo%2C%20VIC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEAjR~&jid=1902048109&gjid=973417849&cid=54876956.1639404802&tid=UA-61683903-1&_gid=1970125787.1639404802&gtm=2wgc10KPMZ4JM&cd1=Bendigo%20Advertiser&cd2=lego1&cd3=news&cd4=latestnews&cd5=article&cd6=&cd7=08122021&cd8=&cd35=242&cd36=0%20-%20499&cd47=&cd49=domestic&cd67=2021-12-08T07%3A19%3A42%2B11%3A00&cd68=AAP&z=1635692028

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 09:22:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17465
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=703888319&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&ul=en-us&de=UTF-8&dt=Hackers%20targetted%20Qld%20power%20station%20%7C%20Bendigo%20Advertiser%20%7C%20Bendigo%2C%20VIC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjRAAAAE~&jid=232279317&gjid=439548786&cid=54876956.1639404802&tid=UA-16730067-9&_gid=1970125787.1639404802&gtm=2wgc10KPMZ4JM&cd1=Bendigo%20Advertiser&cd2=lego1&cd3=news&cd4=latestnews&cd5=article&cd6=&cd7=08122021&cd8=&z=2022280063

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 09:22:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17465
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=703888319&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&ul=en-us&de=UTF-8&dt=Hackers%20targetted%20Qld%20power%20station%20%7C%20Bendigo%20Advertiser%20%7C%20Bendigo%2C%20VIC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F&el=10%25&_u=aGDAiEAjRAAAAE~&jid=&gjid=&cid=54876956.1639404802&tid=UA-61683903-1&_gid=1970125787.1639404802&gtm=2wgc10KPMZ4JM&cd1=Bendigo%20Advertiser&cd2=lego1&cd3=news&cd4=latestnews&cd5=article&cd6=&cd7=08122021&cd8=&cd35=242&cd36=0%20-%20499&cd47=&cd49=domestic&cd67=2021-12-08T07%3A19%3A42%2B11%3A00&cd68=AAP&z=1477756428

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 09:22:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17465
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=703888319&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&ul=en-us&de=UTF-8&dt=Hackers%20targetted%20Qld%20power%20station%20%7C%20Bendigo%20Advertiser%20%7C%20Bendigo%2C%20VIC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F&el=25%25&_u=aGDAiEAjRAAAAE~&jid=&gjid=&cid=54876956.1639404802&tid=UA-61683903-1&_gid=1970125787.1639404802&gtm=2wgc10KPMZ4JM&cd1=Bendigo%20Advertiser&cd2=lego1&cd3=news&cd4=latestnews&cd5=article&cd6=&cd7=08122021&cd8=&cd35=242&cd36=0%20-%20499&cd47=&cd49=domestic&cd67=2021-12-08T07%3A19%3A42%2B11%3A00&cd68=AAP&z=2090190352

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 09:22:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17465
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=703888319&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&ul=en-us&de=UTF-8&dt=Hackers%20targetted%20Qld%20power%20station%20%7C%20Bendigo%20Advertiser%20%7C%20Bendigo%2C%20VIC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F&el=50%25&_u=aGDAiEAjRAAAAE~&jid=&gjid=&cid=54876956.1639404802&tid=UA-61683903-1&_gid=1970125787.1639404802&gtm=2wgc10KPMZ4JM&cd1=Bendigo%20Advertiser&cd2=lego1&cd3=news&cd4=latestnews&cd5=article&cd6=&cd7=08122021&cd8=&cd35=242&cd36=0%20-%20499&cd47=&cd49=domestic&cd67=2021-12-08T07%3A19%3A42%2B11%3A00&cd68=AAP&z=267505354

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 09:22:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17465
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-61683903-1&l=dataLayer&cx=c

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4a231fa4764206e584c50f1f6ca17f9d879f540c126db9312141fd479cf3f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36264
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 14:13:23 GMT

GET
H2 200 w75_h75_fcrop.jpg
www.bendigoadvertiser.com.au/images/transform/v1/resize/frm/longbeach/d2440e57-2457-4903-8efb-00a23f33d305.jpg/ 2 KB
3 KB 26ms
19ms Image
image/jpeg 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bendigoadvertiser.com.au/images/transform/v1/resize/frm/longbeach/d2440e57-2457-4903-8efb-00a23f33d305.jpg/w75_h75_fcrop.jpg
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: bb908210c25493be2469918c01d9d5ce632ed43fd239e39f5e7f965f69e98ec2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 05:19:16 GMT
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
last-modified: Mon, 08 Feb 2021 07:51:36 GMT
server: nginx
age: 4006446
etag: "c61ba1c19eac532daf68a57dab9bcea4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P2
x-transform-stats: ft:0.223 tt:0.001
content-length: 2403
x-amz-cf-id: FJxg373M0vw-UeAwgRjIWF09VV6HfnmIQzSPcy1EP0nJ-WXAnlsn-Q==

GET
H2 200 w75_h75_fcrop.jpg
www.bendigoadvertiser.com.au/images/transform/v1/resize/frm/longbeach/bb54d325-7992-450f-8d1b-9bd2b246deaf.jpg/ 2 KB
3 KB 26ms
19ms Image
image/jpeg 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bendigoadvertiser.com.au/images/transform/v1/resize/frm/longbeach/bb54d325-7992-450f-8d1b-9bd2b246deaf.jpg/w75_h75_fcrop.jpg
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 612338fd053a7a437785f62869daed6e0c7c1b082bf695448b8fd533b6eb2125

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 05:11:32 GMT
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
last-modified: Fri, 23 Jun 2017 05:39:49 GMT
server: nginx
age: 4006910
etag: "57a39cd0f8f25ea49894df11442d8494"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P2
x-transform-stats: ft:0.030 tt:0.001
content-length: 2340
x-amz-cf-id: jD7LP1BPsZdcpfkr-3FxUaKabAYWuZXF5ouI0oeaqVb2uOKxscSnSA==

GET
H2 200 w75_h75_fcrop.jpg
www.bendigoadvertiser.com.au/images/transform/v1/resize/frm/longbeach/b55eb50e-df57-4b62-875e-ba3d51d485d0.jpg/ 1 KB
2 KB 26ms
20ms Image
image/jpeg 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bendigoadvertiser.com.au/images/transform/v1/resize/frm/longbeach/b55eb50e-df57-4b62-875e-ba3d51d485d0.jpg/w75_h75_fcrop.jpg
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: a84e24aab3c5c6a2cea0f608ed2602104b653a4d633aa8fab17bd9d1d8261360

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 05:10:19 GMT
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
last-modified: Tue, 09 Mar 2021 03:01:59 GMT
server: nginx
age: 4006984
etag: "c54789a4c0459961f2b938743322619e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P2
x-transform-stats: ft:0.017 tt:0.001
content-length: 1339
x-amz-cf-id: EDrsyJdfBveGjvSB2Ry6ahc1T2dyM3tBTJODW1mwGVI9tUJsZ6CLaA==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
22ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=703888319&t=event&ni=1&_s=5&dl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&ul=en-us&de=UTF-8&dt=Hackers%20targetted%20Qld%20power%20station%20%7C%20Bendigo%20Advertiser%20%7C%20Bendigo%2C%20VIC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ad%20unit%20view&ea=view&el=website%20content%20ad&_u=aHDAiEAjRAAAAE~&jid=&gjid=&cid=54876956.1639404802&tid=UA-61683903-1&_gid=1970125787.1639404802&gtm=2wgc10KPMZ4JM&cd1=Bendigo%20Advertiser&cd2=lego1&cd3=news&cd4=latestnews&cd5=article&cd6=&cd7=08122021&cd8=Bendigo%20Senior%20Secondary%20College&cd35=242&cd36=0%20-%20499&cd47=&cd49=domestic&cd67=2021-12-08T07%3A19%3A42%2B11%3A00&cd68=AAP&z=462821666

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 09:22:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17465
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
22ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=703888319&t=event&ni=1&_s=6&dl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&ul=en-us&de=UTF-8&dt=Hackers%20targetted%20Qld%20power%20station%20%7C%20Bendigo%20Advertiser%20%7C%20Bendigo%2C%20VIC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ad%20unit%20view&ea=view&el=website%20content%20ad&_u=aHDAiEAjRAAAAE~&jid=&gjid=&cid=54876956.1639404802&tid=UA-61683903-1&_gid=1970125787.1639404802&gtm=2wgc10KPMZ4JM&cd1=Bendigo%20Advertiser&cd2=lego1&cd3=news&cd4=latestnews&cd5=article&cd6=&cd7=08122021&cd8=Bendigo%20Sheetmetal&cd35=242&cd36=0%20-%20499&cd47=&cd49=domestic&cd67=2021-12-08T07%3A19%3A42%2B11%3A00&cd68=AAP&z=1637469263

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 09:22:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17465
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
22ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=703888319&t=event&ni=1&_s=7&dl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&ul=en-us&de=UTF-8&dt=Hackers%20targetted%20Qld%20power%20station%20%7C%20Bendigo%20Advertiser%20%7C%20Bendigo%2C%20VIC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ad%20unit%20view&ea=view&el=website%20content%20ad&_u=aHDAiEAjRAAAAE~&jid=&gjid=&cid=54876956.1639404802&tid=UA-61683903-1&_gid=1970125787.1639404802&gtm=2wgc10KPMZ4JM&cd1=Bendigo%20Advertiser&cd2=lego1&cd3=news&cd4=latestnews&cd5=article&cd6=&cd7=08122021&cd8=Bendigo%20Locksmiths%20Peter%20Gallivan&cd35=242&cd36=0%20-%20499&cd47=&cd49=domestic&cd67=2021-12-08T07%3A19%3A42%2B11%3A00&cd68=AAP&z=920080656

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 09:22:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17465
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1D8D 0
0 43ms
42ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsCuyoSdAMxKCuPdbPj5TmZ648eUeBWxDhWGKtVBaVrOPzMqT2PV1Ra_6qCvIShRmHvSQASA_UfkOxx_0EtsjhNGqxIMqA6ynZxgpo1ZeIujAxObR2JLsINXCG8daqplH6_VVf4RYRCSleHYPeVCiwqvyOuLyMby7eVa5cuWjtXi2kICGILWvlwukrwfllEGcgnsYTWIR_fYfNzVMD4Gb0f7SWhcbRu6paOsOejfwWNSsHYW3F-eRoX56vQ7U3hxjMrc-LLQjuETAOQJRiOrMCdkfmEZptmL55rsAj2Z0cmwu5CBY-m40KxbhJXHc7_NVm_2UwjE0PJzqCP_4l08QnF8qjlHE5uAb-bviUZw&sai=AMfl-YSIP9RABmw5mQIflleljp2gOKi0RWJuHCwELHoDA7bLCdAiLh-61snIi3Vjkv2nTx1q5FHGFsUuLGwGX7aP1JV6sxKSbiI-Mz0LZAuthxhrxnYcc9clxUvPgQUbh4K0&sig=Cg0ArKJSzLUKlZFBzCpqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 14:13:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 13 Dec 2021 14:13:23 GMT

GET
H2 200 tag Show response
a.teads.tv/page/94473/ Frame 1D8D 715 B
658 B 144ms
62ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/94473/tag
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dd224ac44f6edd8cb8977c1be069c54ff98f99e16807425075a6057b4c58b70b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 458
expires: Mon, 13 Dec 2021 15:13:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D8D 119 KB
37 KB 42ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 14:13:23 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/acmaugamdisplay714860376938/ Frame 1D8D 309 KB
105 KB 20ms
20ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/acmaugamdisplay714860376938/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5978c513f9d01087f56a5e02bfadce7f96f3d9305f894a283e26ea2f273da809

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 16:26:27 GMT
server: AmazonS3
x-amz-request-id: E52MD647V64SV78F
etag: "76d9601305394e42eb1c44c3da0e1acf"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=5954
accept-ranges: bytes
content-length: 106998
x-amz-id-2: psO5oYtWhZVwh5h0AGGEt8VFykhOLCFDMzzOMsdVj17YmGIPgDD7fK7Z0usHH83Gxw1IONTDF5Q=

GET
H2 200 3220481e-9545-495d-b98d-6e863d0aa1af Show response
consumer.krxd.net/consent/get/ 238 B
430 B 80ms
33ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/3220481e-9545-495d-b98d-6e863d0aa1af?idt=device&dt=kxcookie&callback=Krux.ns.fairfaxacm.kxjsonp_consent_get_0
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 683755df284c52999ee1fa0446d6afebe418bac8e820023b6087728ddfc7d5e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a005-dub-prod.krxd.net, cache-hhn4032-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1639404804.897496,VS0,VE26
content-length: 191
x-cache-hits: 0, 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 62ms
34ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-61683903-1&cid=54876956.1639404802&jid=1902048109&_u=aGBAiEAjRAAAAE~&z=784874874

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 63ms
36ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-61683903-1&cid=54876956.1639404802&jid=1902048109&_u=aGBAiEAjRAAAAE~&z=784874874

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 27ms
25ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
last-modified: Sun, 28 Nov 2021 09:31:35 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1638092497.386516"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Wed, 12 Jan 2022 14:13:23 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 27ms
26ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
last-modified: Sun, 28 Nov 2021 09:31:35 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1638092476.569147"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 12 Jan 2022 14:13:23 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 356ms
89ms Fetch
text/plain 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=34e346642705e1be1d25347a1064ded9_46227_1639404803452&tm=1320&eT=0&widgetWidth=610&widgetHeight=721&widgetX=330&widgetY=1326&wRV=2000532&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=864&oo=true&ab=0&wl=0
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
X-TraceId: bc959eefb3e0be5690491e31f967b07d
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000532/module/ 55 KB
19 KB 50ms
50ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000532/module/streamFeed.js?e=1
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 726b18ee909a4d05c29625493f7e3c109aaf733da03e1a505e20b99e355cea48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 07:42:42 GMT
server: AkamaiNetStorage
etag: "12164edcceff300ab75ac0981a2fd19d:1638786384.3427"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 18889
expires: Mon, 13 Dec 2021 18:13:23 GMT

GET
H2 200 eyJpdSI6ImU1NzkyNjcyMzZhNGE4NDdkNjcwNTE1NWIzZjJlN2JhYzZmYzVjNDNjZmVjMTU3NjY2Y2Q1MjU2MDY2N2I0YmQiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 38 KB
38 KB 70ms
27ms Image
image/webp 92.122.252.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImU1NzkyNjcyMzZhNGE4NDdkNjcwNTE1NWIzZjJlN2JhYzZmYzVjNDNjZmVjMTU3NjY2Y2Q1MjU2MDY2N2I0YmQiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.252.200 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 88c299732a9318962393c7715e0c035d806e5adde2beb3c8f8eedb8148ec9429

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
cache-control: max-age=2124183
last-modified: Thu, 18 Nov 2021 09:49:34 GMT
x-traceid: f410dc747b61bfd3d5075d4bcb322ca6
timing-allow-origin: *
content-length: 38808
content-type: image/webp

GET
H2 200 eyJpdSI6ImYzMDE0MDU5OWIyNTk4YzE1NDRiNDEwYjZkNDE3NDgzMzEwYjA1NzY3NzBmNGM5OGEzMjM0NmFjMmVkODMwZTAiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 37 KB
37 KB 60ms
18ms Image
image/webp 92.122.252.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImYzMDE0MDU5OWIyNTk4YzE1NDRiNDEwYjZkNDE3NDgzMzEwYjA1NzY3NzBmNGM5OGEzMjM0NmFjMmVkODMwZTAiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.252.200 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f72f9083e5b52562cb10874bdf452aa196062c9c58aad9e3248404a8a6d5647a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
cache-control: max-age=1858702
last-modified: Sun, 07 Nov 2021 05:34:01 GMT
x-traceid: 32c203a640532dd02e1c72da2dd25b61
timing-allow-origin: *
content-length: 37456
content-type: image/webp

GET
H2 200 eyJpdSI6IjhiNGQ2MmFlNTg2M2Q4Y2NlM2E2ODA1MGU1NjczNGMwYjVmNjEyM2U0MDdkZjJlOGIwYWVhYTJiY2E1YjM3NjkiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 108 KB
108 KB 73ms
31ms Image
image/webp 92.122.252.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhiNGQ2MmFlNTg2M2Q4Y2NlM2E2ODA1MGU1NjczNGMwYjVmNjEyM2U0MDdkZjJlOGIwYWVhYTJiY2E1YjM3NjkiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.252.200 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: df225629ffde50c46bdba6eb7beb1f239f881420f47a39e88251e428c50402e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:23 GMT
cache-control: max-age=2183908
last-modified: Sun, 31 Oct 2021 22:21:11 GMT
x-traceid: eb03c4024dfbe2be09c0ab29b9c77508
timing-allow-origin: *
content-length: 110578
content-type: image/webp

POST
H2 200 execute Show response
c2-au.piano.io/xbuilder/experience/ 50 KB
5 KB 329ms
319ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2-au.piano.io/xbuilder/experience/execute?aid=XxwEsdXWKB

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4a7f8789aefbd27aeaec7339f0acc4ae19336ab2f2d06400331ba2d03cec4a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: ekhvf4u38q
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bendigoadvertiser.com.au
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6bcfcaf8a9d74aaf-FRA

GET ares_assets.json
origami.secure.ownlocal.com/origami_unit/production/ Frame 945A 0
0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F9D3 0
18 B 17ms
8ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.bendigoadvertiser.com.au
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.bendigoadvertiser.com.au
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 13 Dec 2021 14:13:23 GMT

GET
H2 200 snxj6l9wj.js Show response
cdn.krxd.net/controltag/ Frame 9554 57 KB
18 KB 11ms
10ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/snxj6l9wj.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 718f86718572cbcb3ac3eebdb94e52a8298ad4f9a4678d12f7f9f566496491bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Mon, 13 Dec 2021 14:13:23 GMT
via: 1.1 varnish, 1.1 varnish
age: 201
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 17924
x-served-by: config-service-a003-ash-prod.krxd.net, cache-bwi5168-BWI, cache-hhn4031-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1639404804.968164,VS0,VE0
etag: "4d5d98a244b4dc54e0a9637e036c7f8e7213c612"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 2

POST
H2 204 collect
analytics.google.com/g/ 0
356 B 52ms
15ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-7PC84FGF0J&gtm=2oec10&_p=703888319&sr=1600x1200&_gaz=1&ul=en-us&cid=54876956.1639404802&_s=1&dl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&dt=Hackers%20targetted%20Qld%20power%20station%20%7C%20Bendigo%20Advertiser%20%7C%20Bendigo%2C%20VIC&sid=1639404803&sct=1&seg=0&en=page_view&_fv=2&_ss=2&ep.brand=Bendigo%20Advertiser&ep.version=lego1&ep.primaryPage=news&ep.secondaryPage=latestnews&ep.pageType=article&ep.author=&ep.datePublished=08122021&ep.wordCount=242&ep.wordCountRange=0%20-%20499&ep.memberType=visitor&ep.adBlocked=&ep.Story%20Tags=domestic&ep.datePublishedIso=2021-12-08T07%3A19%3A42%2B11%3A00&ep.storySource=AAP
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7PC84FGF0J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bendigoadvertiser.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 40ms
19ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7PC84FGF0J&cid=54876956.1639404802&gtm=2oec10&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7PC84FGF0J&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bendigoadvertiser.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 49ms
31ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7PC84FGF0J&cid=54876956.1639404802&gtm=2oec10&aip=1&z=310947259

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 28ms
20ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ACM_AU_GAM_DISPLAY1&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=2&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1639404803498&de=686847408974&m=0&ar=cc97a930ec1-clean&iw=9bc9cce&q=5&cb=0&ym=0&cu=1639404803498&ll=2&lm=0&ln=1&em=0&en=0&d=4522954038%3A2438921438%3A4877223536%3A138252499898&zMoatPT=7542491&zMoatPS=1&zMoatMMV=-&zMoatMGV=-&zMoatMData=-&zMoatMSafety=-&zMoatMMV_MAX=-&zMoatMGV_MAX=-&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&id=1&ii=4&bo=21665581034&bd=21681236391&zMoatOrigSlicer1=21665581034&zMoatOrigSlicer2=21681236391&dfp=0%2C1&la=21681236391&gw=acmaugamdisplay714860376938&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1469%3A1469%3A0%3A1763&fs=195926&na=1284788572&cs=0
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Dec 2021 14:13:24 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4338
date: Mon, 13 Dec 2021 13:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 13 Dec 2021 15:01:06 GMT

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 600 KB
132 KB 99ms
16ms Script
text/javascript 2a02:26f0:6c00:1ba::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:1ba::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f7473a96bc1be6e95e90ef09ea6b40ce3870fd2f161ae995a3a321bcc8d91c25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: F68J04T7PTY30YXW
content-length: 134158
x-amz-id-2: 5oanuATguSNAEYPv8ZFPUtk+rNCXUA3YVde9j8zTvSVktBhqJosbZxHil9ryy8lz8cv60DIbB9w=
last-modified: Tue, 07 Dec 2021 15:00:32 GMT
etag: "7b6112093da0a5aec2609ebb9befd6e4"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: a
accept-ranges: bytes
access-control-allow-headers: *
expires: Mon, 13 Dec 2021 14:43:24 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 40 KB
17 KB 355ms
348ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&settings=true&recs=true&widgetJSId=AR_1&key=NANOWDGT01&version=2000532&apv=true&sig=56897664&format=html&rand=54041&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=MzRlMzQ2NjQyNzA1ZTFiZTFkMjUzNDdhMTA2NGRlZDk=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11523-77045&layeredTestInfo=11523-77045-&dpr=1&cw=610&activeTab=true
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 33d34f4cc41eee7db91e34f99e0eae839b7499051d25ea8ab6a977659375bb3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1639404804.147135,VS0,VE340
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
backend-ip: 157.52.117.70
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0, 0
x-traceid: 1dd9c94aaaab53cc5b105d78c8c81224
content-encoding: gzip
content-length: 16943
x-served-by: cache-lga21970-LGA, cache-hhn4075-HHN

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 9554 259 KB
83 KB 10ms
9ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/snxj6l9wj.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
age: 1176726
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 832383
content-length: 84509
x-served-by: cache-hhn4031-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1639404804.152185,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1D8D 0
0 44ms
42ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOTez3n3PCq4YyYg4gZbsyEarxDY6roy3WskgpOlrr6EHgg5h3Rq2TamK-frsxlGlq82sxPYwAQ9Bl7I4lvUeXf_0ONYsh7cb7WJwfq5_2MsB81pMUIVayUXLy-BcXdXEupZJ_RdVPlHmofvC5KhNyTlvIZ_B7s34FaAaU-hDawHhygIngJ68KcKmcHTPW5M4fm114A7EjJZB1MaqztBxftTvCCnsAnziZUoRh4NtxyFUKmOi7cwD_JcdJXjILEc6efDw6oXpPgC0FTJbvqpzI02xEDetJuB5y8QSnMAiX92vRbPrzQIFWEkiOTlPSlPcdGN0wGTP84ovbsl9Xks4hAjZiCqfROAohjBDcVKbi&sai=AMfl-YQFq37QjvfFd5YXbpusMq7WsPwgD65ywdpqhZpUIqWY7wBMRgG6uOiNEs5JhMaASylx8R7VCbSmBJDtbwnRs4HvRkgvEVNh99QMg95vtIhpDMWcTNr5ODs2f9VLWZLf&sig=Cg0ArKJSzKQ6f0wn8d5iEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 14:13:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 13 Dec 2021 14:13:24 GMT

GET
H2 200 ua-html-prompt.min.js Show response
aswpsdkus.com/notify/v1/ 35 KB
10 KB 10ms
8ms Script
application/javascript 35.227.208.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://aswpsdkus.com/notify/v1/ua-html-prompt.min.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.208.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.208.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0d2657eb59dc96ee295f410cd1bd09a5db1aa4d641d2a1b1d2d37a07cd49fcee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:10:32 GMT
content-encoding: gzip
age: 172
x-guploader-uploadid: ADPycdvnRr0AESAcqXAr9U8eMETyEpGb2YuVEMW2uuFSNKjdxqR-Z2FrLCLoDXpqqFnpvWfQJw-s__FK1h6hhExoMwULrDo9_Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 9597
last-modified: Wed, 17 Nov 2021 23:19:50 GMT
server: UploadServer
etag: "f51c69360e3b4eefdb7a60836347b68e"
x-goog-hash: crc32c=RXQaIw==, md5=9RxpNg47Tu/bemCDY0e2jg==
x-goog-generation: 1637191190087932
cache-control: public,max-age=300,no-transform
x-goog-stored-content-length: 9597
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 13 Dec 2021 14:15:32 GMT

GET
H2 200 3220481e-9545-495d-b98d-6e863d0aa1af Show response
consumer.krxd.net/consent/get/ Frame 9554 223 B
304 B 48ms
48ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/3220481e-9545-495d-b98d-6e863d0aa1af?idt=device&dt=kxcookie&callback=Krux.ns.fairfaxacm.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2e3581ff9ba07d332f543327ed5cdfb649aaa3238a757f160e9f06c84b9fa943

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a008-dub-prod.krxd.net, cache-hhn4032-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1639404804.221043,VS0,VE29
content-length: 181
x-cache-hits: 0, 0

GET
H3 200 ares-unit.css
origami.secure.ownlocal.com/origami_unit/production/ Frame 10C2 43 KB
43 KB 8ms
8ms Stylesheet
text/css 34.96.77.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.77.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9eb5cb26a1730c20ee1a11202c2a06c6cc7ff4312c9c9ee8dd805ded1edbf673

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 20:35:22 GMT
x-goog-meta-goog-reserved-file-mtime: 1605019378
age: 63482
x-guploader-uploadid: ADPycdteqUTy27WdxkaUTVRYC_k6C0w8szeQuj-WHs2zHYmh-F3GIgevxloH308OiYrJRN5X6TkP25tFT4_OhosBPkvk71uf6w
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-surrogate-key: ares-unit-bundle-production
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44190
accept-ranges: bytes
last-modified: Tue, 10 Nov 2020 14:52:03 GMT
server: UploadServer
etag: "ca2d3510261a58fb4fbc8ac0361b8e23"
x-goog-hash: crc32c=1WBR9g==, md5=yi01ECYaWPtPvIrANhuOIw==
x-goog-generation: 1605019923580659
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
x-goog-stored-content-length: 44190
x-goog-meta-surrogate-key-control: max-age=31536000
content-type: text/css
expires: Mon, 13 Dec 2021 20:35:22 GMT

GET
H3 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/ Frame 10C2 59 KB
17 KB 36ms
36ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7137323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16344
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-ea52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPSCK7DqH4Q4zLVsjIedQD5yW6DYCOrIq%2FCPV7Yt93PE5aSsZyP8ZrfvMbqRFUQlmsJZh0aXj8rj6IoTLajgRwH%2FYvxzXJi4mcmEgHl5QH8edEmzurH0r7lLyxTFoNIEB7AbPoOur%2BDO%2BVp6XoFq%2BuPC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6bcfcafa6f2b83a9-MXP
expires: Sat, 03 Dec 2022 14:13:24 GMT

GET
H3 200 sp.js Show response
snowplow.ownlocal.com/ Frame 10C2 96 KB
96 KB 19ms
10ms Script
application/x-javascript 35.244.184.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://snowplow.ownlocal.com/sp.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.184.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 131.184.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:29:13 GMT
age: 2651
x-guploader-uploadid: ADPycduxtRNSwQndWEtYvg5dXQbzwdVbipTWFkKFHX9ekn0pGi_ldBtSdpnlaaxnzaF_LwLg9x2EMC6ttzEs82zur_U-tTpOgg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97919
last-modified: Mon, 19 Aug 2019 14:47:45 GMT
server: UploadServer
etag: "53030ece69ef259990486148c204d820"
x-goog-hash: crc32c=/u8IMA==, md5=UwMOzmnvJZmQSGFIwgTYIA==
x-goog-generation: 1566226065807390
cache-control: public, max-age=3600
x-goog-stored-content-length: 97919
accept-ranges: bytes
content-type: application/x-javascript
expires: Mon, 13 Dec 2021 14:29:13 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ Frame 10C2 222 B
228 B 17ms
17ms Script
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise,fetch,Set,requestAnimationFrame,Map

Requested by

Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1688976
detected-user-agent: Chrome Mobile/96.0.4664
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Tue, 23 Nov 2021 16:23:25 GMT
date: Mon, 13 Dec 2021 14:13:24 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/96.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 react.production.min.js Show response
unpkg.com/react@16.5.2/umd/ Frame 10C2 10 KB
4 KB 44ms
44ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react@16.5.2/umd/react.production.min.js

Requested by

Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20253394
fly-request-id: 01F3YF3N2T68HEZA9N4GHNX8GK
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"28a2-zTTTPNEOyiQBmfjucbRapR63Ixw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6bcfcafa6ea25a25-MXP

GET
H2 200 react-dom.production.min.js Show response
unpkg.com/react-dom@16.5.2/umd/ Frame 10C2 92 KB
31 KB 40ms
40ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-dom@16.5.2/umd/react-dom.production.min.js

Requested by

Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 907191
fly-request-id: 01FNZ12XKP3SFFG09VCQDGT2H8
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"170da-IPAwmE0kwddBAKa0tilJJFl1MZg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6bcfcafa6ea55a25-MXP

GET
H3

200

materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/ Frame 10C2
Redirect Chain

https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css

200 KB
34 KB

29ms
28ms

Stylesheet
text/css

2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css

Requested by

Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css

Protocol

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://origami.secure.ownlocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4209916
x-jsd-version: 4.5.95
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19165-FRA, cache-mxp6946-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"31f6f-BYur28y59QOryer8RIiplddE6Sc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6bcfcafb5f660e02-MXP

Redirect headers

date: Mon, 13 Dec 2021 14:13:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4209916
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 111
x-served-by: cache-fra19171-FRA, cache-mxp6979-MXP
timing-allow-origin: *
access-control-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept
content-type: text/plain; charset=utf-8
location: https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
access-control-expose-headers: *
cache-control: public, max-age=31536000
cf-ray: 6bcfcafa9e170e02-MXP

GET
H3 200 inter.css
rsms.me/inter/ Frame 10C2 6 KB
2 KB 34ms
20ms Stylesheet
text/css 2606:4700:3037::6815:8fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:8fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: effd7ce6ed5f47c331ed9333eb10d6ad78f496277f95dabb0d7dcba847d34a97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://origami.secure.ownlocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 392ca0109c10ce16bcd9ead325a8757a6cf5fe20
date: Mon, 13 Dec 2021 14:13:24 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 557
x-cache: HIT
x-cache-hits: 1
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19139-FRA
last-modified: Fri, 18 Jun 2021 21:40:26 GMT
server: cloudflare
x-github-request-id: 4FE8:2D0E:83C995:874AE1:6112C7BF
x-timer: S1628622311.057533,VS0,VE1
etag: W/"60cd12ca-1966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xbfvt3QlMA%2B7q7R0GSZe19Urcnc4dWCx%2FfD8tjezLDKqsiWOWFyNGy0oL3SDcciJr4GMDbEdv0TiFeVj8hWKdqh68czZPnQ3HpFsK5F3RWOqBqQ0YfnNxWACla4WS4b5ljG%2FvcaE"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
cf-ray: 6bcfcafa798c5ca4-FRA
x-origin-cache: HIT
expires: Mon, 06 Dec 2021 15:56:03 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 10C2 1 KB
436 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap

Requested by

Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a1ac78f7736b8b91cddc3db9c4ed34ad29bd563e96c7d145a9bb7763ca45feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://origami.secure.ownlocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 14:13:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 14:13:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 14:13:24 GMT

GET
H2 200 airship.css
www.bendigoadvertiser.com.au/static/1639372157/legolite/css/ 797 B
675 B 288ms
285ms Stylesheet
text/css 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bendigoadvertiser.com.au/static/1639372157/legolite/css/airship.css
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: b158e045b9d6952b9747449e56eb24db68fd087478a49b869318147f7a150a83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 05:09:17 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: W/"61b6d57d-31d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-id: eA2t_GLGOrlxw-vGSusAeW2YmeNFv2EK02eQpGrGuL0rHcwvuSCK-A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ef47c72b-5c3b-41e1-80c5-7d79e847b383.jpg
cdn.newsnow.io/M4qG8tFwm4mdvYjNdABvPv/ 9 KB
9 KB 972ms
380ms Image
image/jpeg 13.239.42.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsnow.io/M4qG8tFwm4mdvYjNdABvPv/ef47c72b-5c3b-41e1-80c5-7d79e847b383.jpg
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.239.42.64 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-239-42-64.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: ce136a7c8725e23e4f1a7354793e04020adcf6ee4f92b8f9e3fd9ea4dfe07fc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:25 GMT
last-modified: Mon, 24 Aug 2020 05:33:09 GMT
server: nginx
etag: "5f435115-243c"
x-cache-stats: ft:0.09
x-cache: Hit
content-type: image/jpeg
accept-ranges: bytes
content-length: 9276

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=703888319&t=event&ni=1&_s=8&dl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&ul=en-us&de=UTF-8&dt=Hackers%20targetted%20Qld%20power%20station%20%7C%20Bendigo%20Advertiser%20%7C%20Bendigo%2C%20VIC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ad%20unit%20module&ea=view&el=website%20content%20ad&_u=aHDAiUAjRAAAAE~&jid=&gjid=&cid=54876956.1639404802&tid=UA-61683903-1&_gid=1970125787.1639404802&gtm=2wgc10KPMZ4JM&cd1=Bendigo%20Advertiser&cd2=lego1&cd3=news&cd4=latestnews&cd5=article&cd6=&cd7=08122021&cd8=&cd35=242&cd36=0%20-%20499&cd47=&cd49=domestic&cd67=2021-12-08T07%3A19%3A42%2B11%3A00&cd68=AAP&z=1371188685

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 09:22:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17466
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
125 B 121ms
71ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=index-client
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bendigoadvertiser.com.au
date: Mon, 13 Dec 2021 14:13:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 78 B
382 B 143ms
106ms XHR
text/javascript 184.25.115.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=245847&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2246957860%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%224%22%2C%22siteID%22%3A%22249390%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%225%22%2C%22siteID%22%3A%22249391%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e6b4cd11-3ffb-42fd-9304-11f56ed30cfe%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-12-13T14%3A13%3A22%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-31.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 64c7cfcb10ce96b90eeb7a35edde50346641d8c629eda436c3b50adc93dea054

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:24 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.232.23.186], XFF:[]
server: Apache
content-type: text/javascript
access-control-allow-origin: https://www.bendigoadvertiser.com.au
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 78
x-ak-client-geo: 12
expires: Mon, 13 Dec 2021 14:13:24 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 78 B
382 B 128ms
94ms XHR
text/javascript 184.25.115.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=245847&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2261282509%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22249389%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%222%22%2C%22siteID%22%3A%22249388%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e6b4cd11-3ffb-42fd-9304-11f56ed30cfe%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-12-13T14%3A13%3A22%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-31.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fcf9b0381bbeca95cf5f496a8013703f799cc0ce6ada368a1a7ac25a8b74443d

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:24 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.232.23.186], XFF:[]
server: Apache
content-type: text/javascript
access-control-allow-origin: https://www.bendigoadvertiser.com.au
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 78
x-ak-client-geo: 12
expires: Mon, 13 Dec 2021 14:13:24 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 188ms
102ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19530&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&p_screen_res=1600x1200&site_id=225350&zone_id=1105710&kw=rp.fastlane&tk_flint=index&rand=0.5784638768792383&alt_size_ids=10
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 340425404969a5fd7e94c0bf252648795e370b1290dfaae48bc24b9aac1b6d04

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 14:13:24 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bendigoadvertiser.com.au
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
69 B 144ms
101ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=index-client
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bendigoadvertiser.com.au
date: Mon, 13 Dec 2021 14:13:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H3 200 loadTemplateContext Show response
buy-au.piano.io/api/v3/anon/template/ 554 B
992 B 391ms
359ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-au.piano.io/api/v3/anon/template/loadTemplateContext?aid=XxwEsdXWKB

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7085eca4456d555406bd4eed0c86d2a9430952d42ec712c949d76c7d35545f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 333
x-request-id: Ccu424rVxXb
pragma: no-cache
wn: prod-au-dash-10-1-2-238
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.012
cf-ray: 6bcfcafb48d083a6-MXP
expires: 0

GET
H3 200 cacheableShow Show response
buy-au.piano.io/checkout/template/ Frame 1EF7 13 KB
5 KB 363ms
335ms Document
text/html 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-au.piano.io/checkout/template/cacheableShow?aid=XxwEsdXWKB&templateId=OTLN70LK8DCI&templateVariantId=OTVQEST6XTX4O&gaClientId=54876956.1639404802&offerId=fakeOfferId&experienceId=EX0I4CZASK3M&iframeId=offer_cb537d20eb7adae378b4-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid-au.piano.io%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea183c5c508aa23e90253b5cf70a13908c84d13615df21df9b48472f0102034f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-type: text/html;charset=UTF-8
content-length: 4616
access-control-allow-methods: *
access-control-allow-origin: http://dashboard-au.piano.io
cache-control: public, max-age=10800
content-encoding: gzip
expires: Mon, 13 Dec 2021 17:13:24 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server-time: 0.005
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-au-dash-10-1-3-40
x-forwarded-https: on
x-request-id: Ccu424rZXep
x-xss-protection: 0
cf-cache-status: MISS
last-modified: Mon, 13 Dec 2021 14:13:24 GMT
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6bcfcafb5fb559bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 36ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bendigoadvertiser.com.au

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bendigoadvertiser.com.au

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 439 B
256 B 195ms
195ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4480842048909003&correlator=2190921436571971&output=ldjh&impl=fifs&eid=44755509&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=21666581298%2Cbendigoadvertiser%2Cnews%2Clatestnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x11&prev_scp=pos%3D1%26ur%3Dbendigoadvertiser%257Carticle%257Cnews%257Clatestnews%257C1%257C1x11%257Cdesktop%26urh%3D-1105239350%26condAd%3Dtrue&cust_params=ctype%3Darticle%26cat%3Dnews%26cat1%3Dlatestnews%26region%3Dvic%26locstate%3Dvic%26tags%3Ddomestic%26tag%3Ddomestic%26ksg%3D%26kuid%3D%26pageID%3D7542491%26sysEnv%3Ddesktop%26generator%3Dnewsnow%26brms%3Dtrue%26brvs%3Dtrue%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData&cookie=ID%3Df28dbfbb2b0ae390-22eb2b7505cd0086%3AT%3D1639404803%3AS%3DALNI_MY7CEu7q31rS89r572mDyyp48gECg&bc=31&abxe=1&lmt=1639404803&dt=1639404803774&dlt=1639404801384&idt=1502&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=50&adks=3516765689&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&psts=AGkb-H-Oe_pw-T85ScpSQQ6AkPraM2_o9mhsejTqlKqRb6NpHht_16bWhIA6mSEvXXpGy443IRLNvjabrK006it-03QmIpOMar6h%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=54876956.1639404802&ga_sid=1639404803&ga_hid=703888319&ga_fc=true&ga_cid=1970125787.1639404802&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

95c09eada85049c0043e00a2af6169785874f56f97468941b6c893ee17f04897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bendigoadvertiser.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1D8D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 479310a89baa0fcc3c266317ee8ff880156171c075f1318c9b61798f56e15fbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ares_assets.json Show response
origami.secure.ownlocal.com/origami_unit/production/ Frame 10C2 168 B
200 B 8ms
7ms Fetch
application/json 34.96.77.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://origami.secure.ownlocal.com/origami_unit/production/ares_assets.json
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.77.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 16:04:36 GMT
x-goog-meta-goog-reserved-file-mtime: 1605019378
age: 79728
x-guploader-uploadid: ADPycduV9TfDPC07f8ZTmcYz8WuO1eO31hp6IXdol9fN4ZqUoQX0_E332HurQ27j7cE8zCsu7qxtZmuUcUB-YifBM_AM2q8RmA
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-surrogate-key: ares-unit-bundle-production
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168
accept-ranges: bytes
last-modified: Tue, 10 Nov 2020 14:52:03 GMT
server: UploadServer
etag: "71690f93d8fcaf07c33c4d217bd2d1be"
x-goog-hash: crc32c=nuzGdQ==, md5=cWkPk9j8rwfDPE0he9LRvg==
x-goog-generation: 1605019923603319
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
x-goog-stored-content-length: 168
x-goog-meta-surrogate-key-control: max-age=31536000
content-type: application/json
expires: Mon, 13 Dec 2021 16:04:36 GMT

GET
H2 200 d3d3LmJlbmRpZ29hZHZlcnRpc2VyLmNvbS5hdQ%3D%3D Show response
static.solutionshindsight.net/assets/ 3 KB
2 KB 33ms
16ms Fetch
application/json 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/assets/d3d3LmJlbmRpZ29hZHZlcnRpc2VyLmNvbS5hdQ%3D%3D
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9fa6d0cf6a49de6ffafb03e101a6781c467a1932fb0b692d91c6cfef3e873f36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"8ae10c3cfa14994d2e45d2746c30c309"
age: 541
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 09 Dec 2021 17:40:37 GMT
server: AmazonS3
date: Mon, 13 Dec 2021 14:04:24 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd53.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: E94mKFfKrFqsI1x3RmOf03ixmHpKXLGkgQlp9sf4T3YrAQktRIfIEA==

GET
H2 200 track
t.teads.tv/ 23 B
113 B 123ms
42ms Image
image/gif 92.122.254.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=3d4055f9-6aad-498c-b5d9-40b5e918a8db&pageId=94473&pid=117249&debug_metadata=cwXMV1Rl7o&fv=927&ts=1639404803866&f=1&referer=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.254.4 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 125ms
45ms Image
image/gif 92.122.254.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=3d4055f9-6aad-498c-b5d9-40b5e918a8db&pageId=94473&pid=117249&slot=polymorph&fv=927&ts=1639404803875&f=1&referer=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.254.4 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/94473/ 539 B
583 B 85ms
85ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/94473/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&page=%7B%22id%22%3A94473%2C%22placements%22%3A%5B%7B%22id%22%3A117249%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A610%2C%22height%22%3A343%7D%2C%22slotType%22%3A%22polymorph%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=3d4055f9-6aad-498c-b5d9-40b5e918a8db&formatVersion=927&env=js-web&netBw=9&ttfb=543
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 59766a73a81b33feedfcdf0ae5ce44db49b5a8a88027e44860cdf7f9317d3df5

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bendigoadvertiser.com.au
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 367
expires: Mon, 13 Dec 2021 14:13:24 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
14 KB 295ms
295ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4480842048909003&correlator=2190921436571971&output=ldjh&impl=fifs&eid=44755509&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=21666581298%2Cbendigoadvertiser%2Cnews%2Clatestnews&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=996x120%7C970x250%7C940x250%7C940x120%7C728x90%2C300x250%7C300x600&prev_scp=pos%3D1%26ur%3Dbendigoadvertiser%257Carticle%257Cnews%257Clatestnews%257C1%257C996x120_970x250_940x250_940x120_728x90%257Cdesktop%26urh%3D1933291335%26condAd%3Dtrue%7Cpos%3D1%26ur%3Dbendigoadvertiser%257Carticle%257Cnews%257Clatestnews%257C1%257C300x250_300x600%257Cdesktop%26urh%3D1150405143%26condAd%3Dtrue&cust_params=ctype%3Darticle%26cat%3Dnews%26cat1%3Dlatestnews%26region%3Dvic%26locstate%3Dvic%26tags%3Ddomestic%26tag%3Ddomestic%26ksg%3D%26kuid%3D%26pageID%3D7542491%26sysEnv%3Ddesktop%26generator%3Dnewsnow%26brms%3Dtrue%26brvs%3Dtrue%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData&cookie=ID%3Df28dbfbb2b0ae390-22eb2b7505cd0086%3AT%3D1639404803%3AS%3DALNI_MY7CEu7q31rS89r572mDyyp48gECg&bc=31&abxe=1&lmt=1639404803&dt=1639404803919&dlt=1639404801384&idt=1502&frm=20&biw=1600&bih=1200&oid=2&adxs=302%2C970&adys=344%2C741&adks=697484641%2C4201336436&ucis=4%7C5&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C300x0&msz=1600x0%7C300x0&psts=AGkb-H-Oe_pw-T85ScpSQQ6AkPraM2_o9mhsejTqlKqRb6NpHht_16bWhIA6mSEvXXpGy443IRLNvjabrK006it-03QmIpOMar6h%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=54876956.1639404802&ga_sid=1639404803&ga_hid=703888319&ga_fc=true&ga_cid=1970125787.1639404802&fws=0%2C4&ohw=0%2C960&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

504fb1547220345bf29a8a8c48512dcf59d946020ce37b2319357b6d7c945df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 135416,135413
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14210
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: 466226
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bendigoadvertiser.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
443 B 66ms
25ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=245847&u=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&v=3
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 14:13:24 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[185.232.23.186], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.bendigoadvertiser.com.au
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Mon, 13 Dec 2021 14:13:24 GMT

GET
H3 200 ares-unit.js Show response
origami.secure.ownlocal.com/origami_unit/production/ Frame 10C2 114 KB
114 KB 10ms
10ms Script
application/javascript 34.96.77.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.77.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 343ea3c17fa2d9c0502e019abd2f22d748dc6926105fc21c2aaded55e783b38a

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 16:15:15 GMT
x-goog-meta-goog-reserved-file-mtime: 1605019378
age: 79089
x-guploader-uploadid: ADPycdvKsnxJRm-CZ9Pl_a7HQ0e0cUr8-tSfih0hmz1QEUTByPabOxQW3usKlh8ietSyzp2Pkbnm7pU5ykKB-xjPd1WEUSJkUA
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-surrogate-key: ares-unit-bundle-production
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116430
accept-ranges: bytes
last-modified: Tue, 10 Nov 2020 14:52:03 GMT
server: UploadServer
etag: "1446c964725d9fed3a606a6f124276ac"
x-goog-hash: crc32c=KknYiA==, md5=FEbJZHJdn+06YGpvEkJ2rA==
x-goog-generation: 1605019923664535
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
x-goog-stored-content-length: 116430
x-goog-meta-surrogate-key-control: max-age=31536000
content-type: application/javascript
expires: Mon, 13 Dec 2021 16:15:15 GMT

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000532/module/ 503 B
812 B 25ms
25ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000532/module/singleAnimationOnFeed.js?e=1
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2039e0e2a81d7ef4d3b97db079ddd819d3ec8729287c2d23634463502fec7ba4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
last-modified: Mon, 06 Dec 2021 07:42:42 GMT
server: AkamaiNetStorage
etag: "d2626d06314889545fc80fc867db4df8:1638786379.82739"
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 503
expires: Mon, 13 Dec 2021 18:13:24 GMT

GET
H2 200 crtvs%2F6d632ad7-3699-4a09-a3b0-bf28b7170d12
cdn.lqm.io/ 70 KB
71 KB 68ms
26ms Image
image/jpeg 46.105.199.2
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.lqm.io/crtvs%2F6d632ad7-3699-4a09-a3b0-bf28b7170d12
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.199.2 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 8b43f237233b62970b0e7ff97c4634f15a28ce844016d4d52b54194195979048

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 10:01:38 GMT
last-modified: Wed, 17 Nov 2021 08:57:50 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "fe80432a9e725128243da4ca5d06e2dc"
x-cacheable: Matched cache
content-type: image/jpeg
cache-control: max-age=31536000
x-cdn-pop: sbg
accept-ranges: bytes
x-lqm-cache: HIT
content-length: 71954
x-request-id: 707068596

GET
H2 200 crtvs%2F3e3bc8e4-3b86-4db8-ac44-ffbfd0dd39f7
cdn.lqm.io/ 56 KB
57 KB 54ms
11ms Image
image/jpeg 46.105.199.2
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.lqm.io/crtvs%2F3e3bc8e4-3b86-4db8-ac44-ffbfd0dd39f7
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.199.2 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: d353efaccb310b34bb0f0479ff5cbaac7543f9a4dfb890bcd15f4ea734174903

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 10:25:30 GMT
last-modified: Mon, 06 Dec 2021 09:22:38 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "ae3951e7b424e243df58a42d341866fe"
x-cacheable: Matched cache
content-type: image/jpeg
cache-control: max-age=31536000
x-cdn-pop: sbg
accept-ranges: bytes
x-lqm-cache: HIT
content-length: 57837
x-request-id: 953909465

GET
H2 200 crtvs%2F09d41ad7-7e40-492b-85c1-1acb2a253342
cdn.lqm.io/ 39 KB
39 KB 76ms
34ms Image
image/jpeg 46.105.199.2
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.lqm.io/crtvs%2F09d41ad7-7e40-492b-85c1-1acb2a253342
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.199.2 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 0d786e7596d222d21c91cb1c1a523eaa0420a7c6cdafe68d3004351037f7e1a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 09:13:52 GMT
last-modified: Tue, 30 Nov 2021 08:00:00 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "a504894bb6c2474be0c73c7a24e22ddd"
x-cacheable: Matched cache
content-type: image/jpeg
cache-control: max-age=31536000
x-cdn-pop: sbg
accept-ranges: bytes
x-lqm-cache: HIT
content-length: 39509
x-request-id: 279741685

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 89ms
89ms Fetch
text/plain 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=104a6fc94d48b4b23284d9d0aec316ab_46227_1639404804235&tm=1962&eT=0&widgetWidth=610&widgetHeight=0&widgetX=330&widgetY=2921&wRV=2000532&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=391&oo=true&ab=0&wl=0
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
X-TraceId: 30aa9c928d90dc98bcda65e1e136ee4a
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 176ms
89ms Fetch
text/plain 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=aa9adfd6c993a745bb18246914618ef0_46227_1639404804427&tm=1972&eT=0&widgetWidth=610&widgetHeight=952&widgetX=330&widgetY=2921&wRV=2000532&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=391&oo=true&ab=0&wl=0
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
X-TraceId: 649471910c5426d5243d2db5f73eb31a
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame BA26 361 B
654 B 26ms
25ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Mon, 13 Dec 2021 18:13:24 GMT
date: Mon, 13 Dec 2021 14:13:24 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame A4A6 361 B
654 B 28ms
27ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Mon, 13 Dec 2021 18:13:24 GMT
date: Mon, 13 Dec 2021 14:13:24 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame C209 361 B
654 B 28ms
28ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Mon, 13 Dec 2021 18:13:24 GMT
date: Mon, 13 Dec 2021 14:13:24 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame AE30 361 B
654 B 28ms
28ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Mon, 13 Dec 2021 18:13:24 GMT
date: Mon, 13 Dec 2021 14:13:24 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 4D5D 361 B
654 B 28ms
27ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Mon, 13 Dec 2021 18:13:24 GMT
date: Mon, 13 Dec 2021 14:13:24 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame EC3C 361 B
654 B 28ms
28ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Mon, 13 Dec 2021 18:13:24 GMT
date: Mon, 13 Dec 2021 14:13:24 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame C128 361 B
654 B 29ms
29ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Mon, 13 Dec 2021 18:13:24 GMT
date: Mon, 13 Dec 2021 14:13:24 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame F8F7 361 B
654 B 30ms
30ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Mon, 13 Dec 2021 18:13:24 GMT
date: Mon, 13 Dec 2021 14:13:24 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 8F89 361 B
654 B 30ms
30ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Mon, 13 Dec 2021 18:13:24 GMT
date: Mon, 13 Dec 2021 14:13:24 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame E71B 361 B
654 B 31ms
29ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Mon, 13 Dec 2021 18:13:24 GMT
date: Mon, 13 Dec 2021 14:13:24 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7900 361 B
654 B 31ms
30ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Mon, 13 Dec 2021 18:13:24 GMT
date: Mon, 13 Dec 2021 14:13:24 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame F03C 361 B
654 B 31ms
31ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Mon, 13 Dec 2021 18:13:24 GMT
date: Mon, 13 Dec 2021 14:13:24 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame C1FB 361 B
654 B 32ms
32ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Mon, 13 Dec 2021 18:13:24 GMT
date: Mon, 13 Dec 2021 14:13:24 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 63A5 361 B
654 B 29ms
28ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Mon, 13 Dec 2021 18:13:24 GMT
date: Mon, 13 Dec 2021 14:13:24 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 wp-banners.js Show response
static.solutionshindsight.net/teju-webclient/ 264 B
530 B 8ms
8ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/teju-webclient/wp-banners.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:09:47 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 17:11:24 GMT
server: AmazonS3
age: 218
etag: "3dbe31279fb5d7b9fc3230563ef1eecd"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 190
x-amz-cf-id: 6itsv-JcjFNSFO0iIAD2I04NXUocEORKAoXe4W2ae-u8roWk0lxJ0Q==

GET
H2 200 articles Show response
api.solutionshindsight.net/v1/ 3 KB
1 KB 195ms
158ms Fetch
application/json 18.66.122.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.solutionshindsight.net/v1/articles?publisher_id=619c0c92e7ccf6ffe09e73d0&article_external_id=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-126.fra60.r.cloudfront.net
Software: /
Resource Hash: 978feed92f3107c6026890e6cc2f8cd1ae7ddc72b90fb32233bc19f14bc49521

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
x-amzn-remapped-content-length: 3194
x-amz-cf-pop: FRA60-P2
x-amzn-requestid: 325334e5-4bfa-45c7-926f-64a42ad55cd3
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.bendigoadvertiser.com.au
x-amzn-trace-id: Root=1-61b75504-1981342a7bd397c67797eada;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: KSo4wHtToAMFdBA=
content-length: 801
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-amz-cf-id: b-sCNVLP4nBlbgeLf0XulZk7C-RzYiesi3DrPT-KkJPJI59dGUvttQ==

GET
H2 200 eyJpdSI6ImNmYTQ1Y2MzOWRjZDJjZjA5NDgyYTcxYTMwMGU2ZmU3ZjhjMjAyNzQ1MWIyNDNmNWI0ODIyZTMxYTZmMWUyMzUiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 102 KB
103 KB 22ms
18ms Image
image/webp 92.122.252.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNmYTQ1Y2MzOWRjZDJjZjA5NDgyYTcxYTMwMGU2ZmU3ZjhjMjAyNzQ1MWIyNDNmNWI0ODIyZTMxYTZmMWUyMzUiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.252.200 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: be8c701dc286885cb9dec58978b014e586ef5e93d315fe9e101d98ed2f958781

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
cache-control: max-age=195565
last-modified: Mon, 15 Nov 2021 11:18:26 GMT
x-traceid: a84452e9c272babf021c5c9ce18a1595
timing-allow-origin: *
content-length: 104644
content-type: image/webp

GET
H2 200 eyJpdSI6IjMxY2QxMTg3ZTA0YzM3ZDNjNDFiODBkY2E0ZDk4OTJlYjM5ZDYyMWFlYWNhNDhmMzZjY2FiZTU3YWI1OGNmMzEiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 50 KB
51 KB 27ms
23ms Image
image/webp 92.122.252.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjMxY2QxMTg3ZTA0YzM3ZDNjNDFiODBkY2E0ZDk4OTJlYjM5ZDYyMWFlYWNhNDhmMzZjY2FiZTU3YWI1OGNmMzEiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.252.200 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6b928ec70723e68916db34f8c760e0fdd0a8f9ce8748b9bade0711d4a6623cbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
cache-control: max-age=2440301
last-modified: Fri, 03 Dec 2021 06:59:53 GMT
x-traceid: 0ac34b0a632b6fe90f8bfd92a5e7d1d6
timing-allow-origin: *
content-length: 51422
content-type: image/webp

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
443 B 26ms
25ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=245847&u=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&v=3
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 14:13:24 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[185.232.23.186], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.bendigoadvertiser.com.au
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Mon, 13 Dec 2021 14:13:24 GMT

GET
H3 200 latest.json Show response
origami.secure.ownlocal.com/origami_configs/03336139-b432-4a34-a36b-ce39c32bb952/ Frame 10C2 2 KB
2 KB 8ms
8ms Fetch
application/json 34.96.77.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://origami.secure.ownlocal.com/origami_configs/03336139-b432-4a34-a36b-ce39c32bb952/latest.json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.77.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 917f873b934d4fbf55a4fdbcc827ad1c00a8c2c830213c3385479e9403726bef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:04:24 GMT
age: 540
x-guploader-uploadid: ADPycdvNDKHrMgxj8e_a8XFnoC-BFomN3ZlGtrzscizfLvTPRgLIrLA7NA3e_lLT9k7acsxkhdbylydr1cndM0zd0_Y
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-surrogate-key: 03336139-b432-4a34-a36b-ce39c32bb952
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2389
last-modified: Sun, 12 Dec 2021 07:07:27 GMT
server: UploadServer
etag: "8f6df7db01d0993f35cf14aa665b3be7"
x-goog-hash: crc32c=iw4tOg==, md5=j2332wHQmT81zxSqZls75w==
x-goog-generation: 1639292847249434
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=0,s-maxage=3600
x-goog-stored-content-length: 2389
accept-ranges: bytes
content-type: application/json
expires: Mon, 13 Dec 2021 15:04:24 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame BA26 2 KB
1 KB 29ms
29ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 07:16:05 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1639381242.749417"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Mon, 13 Dec 2021 18:13:24 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame A4A6 2 KB
1 KB 29ms
29ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 07:16:05 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1639381242.749417"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Mon, 13 Dec 2021 18:13:24 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame C209 2 KB
1 KB 30ms
30ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 07:16:05 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1639381242.749417"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Mon, 13 Dec 2021 18:13:24 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame AE30 2 KB
1 KB 31ms
31ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 07:16:05 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1639381242.749417"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Mon, 13 Dec 2021 18:13:24 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 4D5D 2 KB
1 KB 31ms
31ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 07:16:05 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1639381242.749417"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Mon, 13 Dec 2021 18:13:24 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame EC3C 2 KB
1 KB 33ms
33ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 07:16:05 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1639381242.749417"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Mon, 13 Dec 2021 18:13:24 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame C128 2 KB
1 KB 36ms
35ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 07:16:05 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1639381242.749417"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Mon, 13 Dec 2021 18:13:24 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame F8F7 2 KB
1 KB 37ms
36ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 07:16:05 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1639381242.749417"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Mon, 13 Dec 2021 18:13:24 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 8F89 2 KB
1 KB 37ms
37ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 07:16:05 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1639381242.749417"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Mon, 13 Dec 2021 18:13:24 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame E71B 2 KB
1 KB 35ms
34ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 07:16:05 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1639381242.749417"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Mon, 13 Dec 2021 18:13:24 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7900 2 KB
1 KB 37ms
37ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 07:16:05 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1639381242.749417"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Mon, 13 Dec 2021 18:13:24 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame F03C 2 KB
1 KB 42ms
42ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 07:16:05 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1639381242.749417"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Mon, 13 Dec 2021 18:13:24 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame C1FB 2 KB
1 KB 46ms
46ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 07:16:05 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1639381242.749417"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Mon, 13 Dec 2021 18:13:24 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 63A5 2 KB
1 KB 46ms
46ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 07:16:05 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1639381242.749417"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Mon, 13 Dec 2021 18:13:24 GMT

GET
H2 200 36e47b76-3703-4fbe-9b30-d818c8d29866.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/ Frame 10C2 16 KB
17 KB 46ms
8ms Image
image/jpeg 2a00:1450:4001:828::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/36e47b76-3703-4fbe-9b30-d818c8d29866.jpeg
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6368ae4e3f34b16242c8ad8cfb76db9bd87af7d1a901b5a92413e53703a3d4a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:04:24 GMT
age: 540
x-guploader-uploadid: ADPycdtYnkPkNZtvmVAnEANkrNmrFon4p4H4suV-mJPCgdHSZXsBTk0wABXbTZ-dTRF43RHfxLAf5pI331dJtw2iHjAnE7TdoQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16332
last-modified: Sun, 24 Oct 2021 07:36:29 GMT
server: UploadServer
etag: "04723584ac05696be822c31ab18b2313"
x-goog-hash: crc32c=mQ6lmA==, md5=BHI1hKwFaWvoIsMasYsjEw==
x-goog-generation: 1635060989928410
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 16332
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 13 Dec 2021 15:04:24 GMT

GET
H3 200 Inter-roman.var.woff2
rsms.me/inter/font-files/ Frame 10C2 222 KB
223 KB 32ms
23ms Font
font/woff2 2606:4700:3037::6815:8fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-roman.var.woff2?v=3.19
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:8fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 546f6453b3bc767ef34d1392f60b8e89a01b8859
date: Mon, 13 Dec 2021 14:13:24 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 540
x-cache: HIT
x-cache-hits: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 227180
x-served-by: cache-fra19180-FRA
last-modified: Fri, 18 Jun 2021 21:40:21 GMT
server: cloudflare
x-github-request-id: DA34:39AD:434F4C:46FB28:61B61EAA
x-timer: S1639350386.091983,VS0,VE0
etag: "60cd12c5-3776c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbHAJFWsKEEOIauForJylTNvOmrWgyxYixkCPM0wWhtrtiYngKMm8cIIa9fVk0UFFh%2Fith7yUNOBiPDIEcwZKuHJ2w0IY3MHB%2BFJTwDjXIeoMKGzYTO9CKJEW0KOqorW6WadE0V%2B"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
x-proxy-cache: HIT
accept-ranges: bytes
cf-ray: 6bcfcafdd90605d4-FRA
x-origin-cache: HIT
expires: Sun, 12 Dec 2021 16:14:53 GMT

GET
H3 200 materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/ Frame 10C2 256 KB
257 KB 65ms
37ms Font
font/woff2 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/materialdesignicons-webfont.woff2?v=4.5.95

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 903448
x-jsd-version: 4.5.95
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 262440
x-served-by: cache-fra19177-FRA, cache-mxp6982-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"40128-4s6MGTGrA2fPV5r2GYYmCP/EkkA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 6bcfcafe0a1f3742-MXP

GET
H2 200 tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame 10C2 26 B
376 B 658ms
615ms Image
image/gif 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1639404804171&e=pv&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&page=AdForge%20Ad%20Unit&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=f96ec739-da69-467c-8abf-5a09d725853d&dtm=1639404804169&vp=300x300&ds=300x300&vid=1&sid=20b2bc7a-a271-4b11-87c0-5de9acbe73d1&duid=298cdb04-7c41-4963-b1cf-06e62d32ebf1&fp=401617179&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiMDMzMzYxMzktYjQzMi00YTM0LWEzNmItY2UzOWMzMmJiOTUyIiwiYmlkIjoiNTRmNzEzODAtYjkzZC00MGZmLWE1Y2YtMjE5MzI2N2QxZjNlIiwicGlkIjoiMTcwNTZhNzgtODUzMi00Yzg2LTgyMjAtOTE3OTQ1NjMwZDRlIn19XX0
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:25 GMT
server: Google Frontend
x-powered-by: Express
etag: W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: c44b0eaf70b094194f5f1fda93dfb759
function-execution-id: 5fxj88bjth4g
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26

GET
H2 200 photo-1620050382792-434b5828873d
images.unsplash.com/ Frame 10C2 34 KB
35 KB 49ms
9ms Image
image/avif 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1620050382792-434b5828873d?ixid=Mnw4MTQ0MXwwfDF8c2VhcmNofDEyfHxwaHlzaW90aGVyYXB5fGVufDB8fHx8MTYzNTA2MTA1NA&ixlib=rb-1.2.1&utm_source=api_app&utm_medium=referral&utm_campaign=api-credit&auto=format&w=600&h=600&fit=crop&crop=entropy

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

5b715124fb434b19d62ec7a153d60bbaedf3c42086e8debbc8613109b70401f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 12 Dec 2021 19:14:07 GMT
server: imgix
age: 68357
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: b4c3cfddbf2dfa964691ca202b7c6296547227a0
accept-ranges: bytes
content-length: 35270
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10068-SJC, cache-hhn4034-HHN

GET
H3 200 template.bundle.1.0.css
buy-au.piano.io/widget/dist/template/css/ Frame 1EF7 33 KB
5 KB 41ms
40ms Stylesheet
text/css 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-au.piano.io/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=XxwEsdXWKB&templateId=OTLN70LK8DCI&templateVariantId=OTVQEST6XTX4O&gaClientId=54876956.1639404802&offerId=fakeOfferId&experienceId=EX0I4CZASK3M&iframeId=offer_cb537d20eb7adae378b4-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid-au.piano.io%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/checkout/template/cacheableShow?aid=XxwEsdXWKB&templateId=OTLN70LK8DCI&templateVariantId=OTVQEST6XTX4O&gaClientId=54876956.1639404802&offerId=fakeOfferId&experienceId=EX0I4CZASK3M&iframeId=offer_cb537d20eb7adae378b4-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid-au.piano.io%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
vary: accept-encoding
cf-cache-status: HIT
age: 1785
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5182
wn: prod-au-dash-10-1-3-40
last-modified: Sun, 05 Dec 2021 10:53:08 GMT
server: cloudflare
etag: W/"33843-1638701588000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/css
server-time: 0.001
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6bcfcafe597959bf-MXP
expires: Mon, 13 Dec 2021 18:13:24 GMT

GET
H3 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy-au.piano.io/_sam/ Frame 1EF7 518 KB
153 KB 42ms
41ms Script
text/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-au.piano.io/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=14.38.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ecd4a553bc83ee40de73d664de509ec7f58212617cc2ff52bdbd1d38664c56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/checkout/template/cacheableShow?aid=XxwEsdXWKB&templateId=OTLN70LK8DCI&templateVariantId=OTVQEST6XTX4O&gaClientId=54876956.1639404802&offerId=fakeOfferId&experienceId=EX0I4CZASK3M&iframeId=offer_cb537d20eb7adae378b4-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid-au.piano.io%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 1785
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wn: prod-au-dash-10-1-3-40
last-modified: Wed, 08 Dec 2021 21:08:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/javascript
server-time: 0.005
cache-control: public, max-age=603015
x-optimized-by: _sam
cf-ray: 6bcfcafe597d59bf-MXP
expires: Mon, 20 Dec 2021 13:43:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1EF7 7 KB
850 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700|Source+Sans+Pro:400,600&display=swap

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

deddc7f9e9d184da490d72997170fa7b0a15a9ee0572aa2df740e5ec9e354ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 14:13:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 14:13:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 14:13:24 GMT

GET
H2 200 w300_h300_fmax.jpg
transform.newsnow.io/transform/v1/resize/frm/dPEcn9zHcYHJsvMdkhu7Ld/45fd649e-b02c-479a-b827-b226fee467c6.png/ Frame 1EF7 19 KB
20 KB 883ms
319ms Image
image/jpeg 3.104.244.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.newsnow.io/transform/v1/resize/frm/dPEcn9zHcYHJsvMdkhu7Ld/45fd649e-b02c-479a-b827-b226fee467c6.png/w300_h300_fmax.jpg
Requested by: Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=XxwEsdXWKB&templateId=OTLN70LK8DCI&templateVariantId=OTVQEST6XTX4O&gaClientId=54876956.1639404802&offerId=fakeOfferId&experienceId=EX0I4CZASK3M&iframeId=offer_cb537d20eb7adae378b4-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid-au.piano.io%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.104.244.252 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-104-244-252.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: d56d7bfb41492b00c76a0c1280fddd1ba2ac93afc53afebb39bafebc82ed6338

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:25 GMT
last-modified: Mon, 22 Nov 2021 03:44:23 GMT
server: nginx
etag: "a964e6ba0c7db40f55d02e9698c436da"
content-type: image/jpeg
cache-control: public, max_age=86400
x-transform-stats: ft:0.030 tt:0.006
content-length: 19831

GET
H3 200 container.html Show response
0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5C6F 6 KB
3 KB 25ms
10ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 13 Dec 2021 14:13:23 GMT
expires: Tue, 13 Dec 2022 14:13:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DA5F 6 KB
3 KB 18ms
9ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 13 Dec 2021 14:13:23 GMT
expires: Tue, 13 Dec 2022 14:13:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ACM_HEADER1&hp=1&zMoatAdUnit1=bendigoadvertiser&zMoatAdUnit2=news&zMoatAdUnit3=latestnews&wf=1&ra=3&pxm=&sgs=3&vb=5&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1639404802526&de=428654132534&rx=60141623035&m=0&ar=cc97a930ec1-clean&iw=ceff30a&q=6&cb=0&cu=1639404802526&ll=2&lm=0&ln=0&em=0&en=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&zGSRC=1&gu=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=acmheader706032617774&fd=1&ac=1&it=500&pe=1%3A1469%3A1469%3A0%3A1763&fs=195926&na=1574995486&cs=0
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Dec 2021 14:13:24 GMT

GET
H/1.1 200
OK pixel
amplify-imp.outbrain.com/ Frame BA26 43 B
256 B 370ms
91ms Image
image/gif 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-V0i7jjdbLNkLA_m8EjEn6OOZUIw2xN0Va06ckwj0mZaQJzhrQwUjljpT3Mb06pwBHem34ZJUyzB6f4mN57_I2d8sdTejitRSpAug2PpCiLfdqJHXx1KLBe8VDa9h-RPyYOnOl2fiOyZppBOlxmA4X8LmnKaYq3YqsTvCj6VeioxHG8xWnc8Jg0_EtW6kZN7KtQcgbvvpnjZXzc0QTo-oh1jwbb-eLUoaydyLqxy8NpuK51jJRC5owi6XaRY4uXM2Q1sg2xKAUUWzI-Pt5dwIFtSFyAesrxxsNl0ez8pCmT5UT2AxtsUCt7CM3D09-JsTmNUnqQC2lVbmGbhhxmjJCe_L-hYpnCfe8E3g4OU_hoaXmPqbpWyUPqBpphAMoPw7X6Df7ndx89MwWjhhxKE2jE8RGGQcZIyVzhiWafDACant2p1yJPUU3YX4_PK4_mVxCEQ7f1jY74aOZGrCqz8FuUSEhc4WzClYuysYLTgBpDgqb4bFgZ3EEqCuLMaiviBW1Acfw_9b5qHft2pem615Nf6Ng4w-p6gbfW0_beSrnJ5PQZLTz3G0m2axLONqC3g19JEmbUBPgO5PJkKaxMxsmjM6rfICuaqgdfM3JyPrSpTOVs5bG2KMhxN4qOQ3fK1uuQfM4DRzcEIFJP6gFM8HZG_1K_U309XDnWmeC5pXaa7nkne1qU66aHbGZpHUZbN6PBSWwarM5V5vN0u97cGx4GcsVmVVm5KsZ2PU08Rkr85epd_62-xWJqoL40Qi5q6Z2nb1UACgEUAbmVlZwJu9QMsOr4Ez6vF99gEKJti2KgMnHGT9iMHZErR7y4_bOiaJCsPULYkPTvPACSJvll6wPNa5OEOiebv-8Es1dlI3svMDYG62BEYz48p6V0JRntOWB81bZ6NRNBzRez7jyUn3Vj3lCb4hh50yptdJmg6qTFUI3O5QSxJdcU7B24zKCjtmtzREfSq4wezDryJW-CeX19yAl8HiSU2Oa1DE5OBMdT9kOueszbbcWcxL2Aqw0r-u9UrZ9bKvP4CuGbOTnRE2WcC2CPYA0_pJ2XDXo5vMbw5uwD6HOSkrnP6Dru4NYXG2u1IVuCjHkjUUxOGoiOEfA9Yo806r3czeDJ-oLviC7vZM07OxSiWr8LDgH_FtSkHYRrvMaFM-qeOtF9HrQR8W9dwa5yRCIuflSifOICFco5PQ9p1PT43cUGwascPpjG23luo4ylnDfxd7fysiZY76FC6CXRqSTCZYyITmz8BwnFAg8xRmhBPoNYdELxM5JE1NXgWdtt2SITWc2MndsTohsGNKrqDYWEdZQy40pfM0bUQWY1XpPP_uDstNhuB9ZI5FIVBfHqqZj36R0P1wtLsK9qC-GNbPN9SWDykPjqHO1akjl2knlDujuWRhShhhDDGit6xXBnCrgIpTaNcR43rqSRYQgMfEV_ovycHt-0xGNPQSWx-ECXtvWWnce3ZsXSPc7QrBR1dWTXGmpAApNRZgi4rAtIyYOAW14GzvagPzjQnsXOuLg50kvQHuXLt_G8K0JI5WwS730QB7HWOC4O81eyu5lezi-wPXuVbqKfP6ZzK-69LkzLMbrv_wTD1Q8gmoqErYzQgzBJfN5k_WESC9NU1iguwh6p-NMdIsE4LPHUEhAUAA1G4dcSM_-G6hfXcuFA&c=e019592d&v=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 14:13:25 GMT
Cache-Control: no-cache
X-TraceId: 0d6aa8e42bbb6519f96ce738533225b2
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 1648327
h.lqm.io/odin/billing/6v0rQRczdoSxqPlKphKbR6/site/9zk0424e/ad/ Frame A4A6 0
40 B 35ms
10ms Image
text/plain 2600:1901:0:9d3d::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.lqm.io/odin/billing/6v0rQRczdoSxqPlKphKbR6/site/9zk0424e/ad/1648327?price=0.12875398&currency=USD&mbr=${AUCTION_MRB}&id=aa9adfd6c993a745bb18246914618ef0&ts=1639404804358410
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:9d3d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Dec 2021 14:13:24 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
content-type

GET
H/1.1 200
OK adview.php
a.twiago.com/ Frame C209 43 B
512 B 107ms
29ms Image
image/gif 85.215.5.31
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.twiago.com/adview.php?pid=7230&wmid=53907&gdpr_consent=[consentstring]&nvc=1&ord=1639404804358685&target=-

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.215.5.31 , Germany, ASN6724 (STRATO STRATO AG, DE),

Reverse DNS

Software

Apache / PHP/7.3.30

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
last-modified: Mon, 13 Dec 2021 14:13:25 GMT
server: Apache
x-powered-by: PHP/7.3.30
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
connection: close
content-type: image/gif
content-length: 43
x-xss-protection: 0
expires: 0

GET
H2 200 t.gif
h.lqm.io/odin/pixel/6v0rQRczdoSxqPlKphKbR6/site/9zk0424e/ad/1648327/ Frame AE30 43 B
101 B 33ms
9ms Image
image/gif 2600:1901:0:9d3d::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.lqm.io/odin/pixel/6v0rQRczdoSxqPlKphKbR6/site/9zk0424e/ad/1648327/t.gif?gdpr_consent=no_consent&isac=false&price=0.12875398&currency=USD&mbr=${AUCTION_MRB}&id=&ts=1639404804358410
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:9d3d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Dec 2021 14:13:24 GMT
via: 1.1 google
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK pixel
amplify-imp.outbrain.com/ Frame 4D5D 43 B
256 B 365ms
88ms Image
image/gif 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-V0i7jjdbLNkLA_m8EjEn6OOZUIw2xN0Va06ckwj0mZaQJzhrQwUjljpT3Mb06pwBHem34ZJUyzB6f4mN57_I2d8sdTejitRSpAug2PpCiLfdqJHXx1KLBe8VDa9h-RPyYOnOl2fiOyZppBOlxmA4X8LmnKaYq3YqsTvCj6VeioxHG8xWnc8Jg0_EtW6kZN7KtUQVTS7TEeTPestZf3DimuLTjlM1AHjIuznya5jOrZPajpyciPVzM8NH6TmKOhz916t9VjhQ-dcVShS4AAMlQvSOdKkaYOFlm-ERxS_l9zaFze1BlzwUEaIj-bF8jb23KfMwMrd_ErtKQLdqO8OwQUGm3uX10bI5DTvWrP5kOfvI6bqoNpcxpfhDqeonum-9l5Kmuf3anajKPNRQ2txIjd3husOgZ3ZJjdt2er7e2q1Q1tIm-FrpQoBdHoYPUiVkv98-Dy1bA8oViX0vfjZ5Cnw6KrfIPwwzVZWiOUVMn3orZveQiejSKZbqQ0echIwKfPv3ldayBfghIg_UOodah_O4N-lnb7b2U7syxw8cn6FKCjRuFRvVHU6JSGJXuQCPHWMgZJNdOfiEyY2b_4W5wEIpaQmcPzDQgzC-EPauepd_oPYxiWEODAb81I0_bugmjPCRxsPfatuVHaXv6zYxuCoSGmHJ2d3mQQ14S2nh2ENZGDDcVXL1mCXHO0VpyU7iILWpt4WE9b-7RSKeozbeN7Wb3w8S4CLB5aEb_7AGVjDmJzHAlkZFy6bNjWxYZaAF4Y5XZr4jfwLXH8xbU-ptQAB2L6KSBORpF64CxPZ7hTjbs0aiOO_vStcpxgu9CmoOEVwTltX1mTnyS3RGkTYLRwBZq_O8HWLjdAnGrUFc5vZbQu7FQkDy5cFFMXMYDR_77LvGV0NUw77G1XrIqJEdu4i39viXyka42H4BDLHsTw4YEHLbdUPkiBiYLJlWlNzHCFyr0gxs7-f_T19kq3LL5RRXakCUstGrEeXG5zFvYQkUrr5V1r9BU7RWEGZtseuG9E4GAVv4aMuLnomrHeT2FFoZ_MNWLa8igGWWtPo5M3Z9C2U1Rd5o40txpXJEfCczUVJy90ugAgLyvl4mbQrZoHA8KO4qwBArE2dmQT5wS0F_DHaVwgmLSjsOmAUzMokZaPwaA0OBuQhLJgLEaBGTeU_okgNAMlEWoKEGlJVgZwUVJbn8fgdxR7antz2Qu7o7sDlkSHmDjVHaYg0-53dvScptLBe3S-pq4RRvAXqzUnLWI3goOA5PI1ccHvp6jXJCfKgbX5jq3-_muxcpirlw2Gc6EJQXCILnerog-uqLK4SZtxn4MDgIYYDK3HOQTYxTyeASLjvz3OScDbXgL65aqVbd0DzBrSFH1J7Y5g2sdcIonq4wW-1cAjPmpss3b99-XyJHn-2nmrF9dJCciw3CyqGgUOG6OY7yVvgkyBZ_YxK-I9FsViIR6vGrf9DOBxLrjyPB100A7EOvw1mnMSGZRfClkujiIb7jIQm707XRHjudwqmXqRQbyK4DreRkxOVlmQaOoLP5G932sh6LjGdnntmGmQaIcKYIYE0s4N6itGb-tLUL6kFeD3vMq0OvRIgaCKyY8SoACjRe7wxmykLO4m4pp1lzpz87sySTru6Dg0mMSwx4S1kNewFEpJH89n9DXg&c=91dd1097&v=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 14:13:25 GMT
Cache-Control: no-cache
X-TraceId: b2fef1c2365595b2e23fc325ea505c52
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 1651648
h.lqm.io/odin/billing/6v0rQRczdoSxqPlKphKbR6_1/site/9zk0424e/ad/ Frame EC3C 0
42 B 32ms
9ms Image
text/plain 2600:1901:0:9d3d::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.lqm.io/odin/billing/6v0rQRczdoSxqPlKphKbR6_1/site/9zk0424e/ad/1651648?price=0.08104651&currency=USD&mbr=${AUCTION_MRB}&id=aa9adfd6c993a745bb18246914618ef0&ts=1639404804358410
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:9d3d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Dec 2021 14:13:24 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
content-type

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame D46F 78 KB
26 KB 41ms
41ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1069 / 692 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Dec 2021 14:13:24 GMT

GET
H3 200 didna_config.js Show response
storage.googleapis.com/didna_hb/hindsight/hindsight.australian_community_media/ Frame D46F 9 KB
9 KB 136ms
121ms Script
text/javascript 2a00:1450:4001:828::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna_hb/hindsight/hindsight.australian_community_media/didna_config.js
Requested by: Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 894037af63ca44cc688f5ba8f56ca6dc862db6fd56dde793bce96734cf7a2b63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:25 GMT
x-guploader-uploadid: ADPycdvhrz7jMcXN_NubF0zjW4_fsyohlmTin5jlpI7uRGu9SqDejpT1hIxDVhJ0msOz349nuucfpVbOhW62v0DF0OgfWxnhxA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9395
last-modified: Tue, 30 Nov 2021 14:27:23 GMT
server: UploadServer
etag: "42bd2f62df5424ffb9497ad6e75b5211"
x-goog-hash: crc32c=7/hRtg==, md5=Qr0vYt9UJP+5SXrW51tSEQ==
x-goog-generation: 1638282443438920
cache-control: no-store
x-goog-stored-content-length: 9395
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 13 Dec 2022 14:13:25 GMT

GET
H2 200 r0_74_800_526_w1200_h678_fmax.jpg
www.bendigoadvertiser.com.au/images/transform/v1/crop/frm/silverstone-feed-data/43f1c2da-3867-430e-9ade-c4ddb0f980b6.jpg/ Frame D46F 29 KB
29 KB 12ms
11ms Image
image/jpeg 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bendigoadvertiser.com.au/images/transform/v1/crop/frm/silverstone-feed-data/43f1c2da-3867-430e-9ade-c4ddb0f980b6.jpg/r0_74_800_526_w1200_h678_fmax.jpg
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 34dc21f8d73b7dad09c18791b2c4702c31bf8dc438ade4dbb6b643e63d264710

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 00:31:21 GMT
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
last-modified: Tue, 07 Dec 2021 00:26:03 GMT
server: nginx
age: 567723
etag: "c0e945bc86d1424b3e212c847415bd2e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P2
x-transform-stats: ft:0.022 tt:0.001
content-length: 29729
x-amz-cf-id: iCXoM803Z3QXdz9K4NBeJ7cHYSAUC2Nfogekiw_gaCJFDfc-thBM5Q==

GET
H2 200 r0_74_800_526_w1200_h678_fmax.jpg
www.bendigoadvertiser.com.au/images/transform/v1/crop/frm/silverstone-feed-data/007b43f3-4767-4e69-a50f-786bdbc30184.jpg/ Frame D46F 42 KB
43 KB 406ms
405ms Image
image/jpeg 18.66.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bendigoadvertiser.com.au/images/transform/v1/crop/frm/silverstone-feed-data/007b43f3-4767-4e69-a50f-786bdbc30184.jpg/r0_74_800_526_w1200_h678_fmax.jpg
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: d0cc8ae822a3ddb55652488c889e279b50fa0a3367abc4d92abf5643849f7694

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:25 GMT
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a37.cloudfront.net (CloudFront)
last-modified: Mon, 06 Dec 2021 22:36:06 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "f50d4ce5f644816c3c3f991d5e1b8e2b"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-transform-stats: ft:0.056 tt:0.001
content-length: 43294
x-amz-cf-id: qyP1pvDZfZkExETOmcUWahYiQZ7U7RGgT8TVfDZjZAfwhFwBTaaZuw==

POST
H2 201 _bulk
api.solutionshindsight.net/v2/events/ 0
0 295ms
295ms Fetch
application/json 18.66.122.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.solutionshindsight.net/v2/events/_bulk
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-126.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Dec 2021 14:13:25 GMT
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amzn-requestid: 18270da5-6925-4185-ab38-8eeb28890610
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61b75505-1c9e91f77d50bb2d21ba5fb2
x-amz-apigw-id: KSo44HsXoAMFasQ=
content-length: 0
x-amz-cf-id: BaGPzEduUjEzYN4XXcDtDTX3lk3w5NwuyGv-xVu7mAUdL9ya31jATg==

GET
H/1.1 200
OK adview.php
a.twiago.com/ Frame C128 43 B
512 B 90ms
28ms Image
image/gif 85.215.5.31
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.twiago.com/adview.php?pid=7230&wmid=54441&gdpr_consent=[consentstring]&nvc=1&ord=1639404804359055&target=-

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.215.5.31 , Germany, ASN6724 (STRATO STRATO AG, DE),

Reverse DNS

Software

Apache / PHP/7.3.29

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
last-modified: Mon, 13 Dec 2021 14:13:25 GMT
server: Apache
x-powered-by: PHP/7.3.29
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
connection: close
content-type: image/gif
content-length: 43
x-xss-protection: 0
expires: 0

GET
H2 200 t.gif
h.lqm.io/odin/pixel/6v0rQRczdoSxqPlKphKbR6_1/site/9zk0424e/ad/1651648/ Frame F8F7 43 B
136 B 11ms
9ms Image
image/gif 2600:1901:0:9d3d::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.lqm.io/odin/pixel/6v0rQRczdoSxqPlKphKbR6_1/site/9zk0424e/ad/1651648/t.gif?gdpr_consent=no_consent&isac=false&price=0.08104651&currency=USD&mbr=${AUCTION_MRB}&id=&ts=1639404804358410
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:9d3d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Dec 2021 14:13:24 GMT
via: 1.1 google
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK pixel
amplify-imp.outbrain.com/ Frame 8F89 43 B
256 B 356ms
92ms Image
image/gif 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-V0i7jjdbLNkLA_m8EjEn6OOZUIw2xN0Va06ckwj0mZaQJzhrQwUjljpT3Mb06pwBHem34ZJUyzB6f4mN57_I2d8sdTejitRSpAug2PpCiLfdqJHXx1KLBe8VDa9h-RPyYOnOl2fiOyZppBOlxmA4X8LmnKaYq3YqsTvCj6VeioxHG8xWnc8Jg0_EtW6kZN7KtcJaoEBjoQGIRVODCn6XhLmgamiFHTklvOWibAMqzlLXc1IjpWEsBUSN7eOvFCnV53UH1HH50bZPnq9qtB_K9ONtV8eoWd2gHsk3cw3OEVB1Mkrl1HSsY3O9ig8mNNZRaq0LYlic7C4iJV9KajZ9YPT5jswA4cPolsMVUMt-4V09G-J2GKwQlnhn0KRz6KXFyhIpqg_Dc8uW_7WMRRx3oeFNw4bTuzW-B97EaAOnfnOQFUlG2yclOpzac64r472eMqRFvNLqtE-gwqzxX7-3AzV3ANcwCZioh1HR2mtBRGLVnTgDC5jQjo0ioEadFuuyoX5FAwxLX8VWv-BknHhybvR6OjlOJg4ThHMbIe9Xf8elaCFZWHKAyI445Wzm1yP6KBgCluuEizEKqJK7VGJVScs3xMQU80INp2cXFc4dMQk_lRTz-3aYahH8om1vnG_2z0AX0nztddkkwFeJ8pZapgwuwImunp6TZ_zwCkovaiFgSKgkPcPI2THQ1KCczsasyYlvIBrA96ca4ApRTRUvfYnLu21Fx0Xy6ndn3zkX0RA2F_6N7DD10mfxpmfOpBeiVggdZGgtAP6XaXOU-9TAMUJ1DnjnKBLZtgVlKSUudZFdNfx_duxEKv6M7UAqbIQpR5CS_TXdcXYlwumJZLtNCmPr9JryEduMNR5WYm6G2sUqJ9KpGSeXif4zheSZkzHZGsXlWfl70NSJ2BZ1V4KADjUXHbqU_eyGLDd9KEoiUM7n8w2qLWZPp7KDmsffWfduUp9kUZ0rkN00hR7hnjkoXzj70USKECgeYPxrrMMvdV8faxeg5ZUr0qUe8wBPVB7kL9MsZDIinaRF21zsw7XYyrguN4TwExcSvOQNn1CCzKyxN7UwQm3b2AUeUh9bzeYuLngDBPbGXi2hRLq1UtBPe0C4tpL66k8CbTp6RHKPb3WlD6q8f6IwbMA3xSRO8RaIre9hmfL-l0pR_DoV-bZtMmQbJFamaEZ8QfQBL3w8JSiS_GGkvR5Hq7zvklHe-pSar8ERbv1rMOVbT5Nuy6lDnEc00S8oOvHYDMR3B4hPu2A3NhTHasvQ2AqTYwkgGfE3XbXJIpV-MtRXcpiFFTRg0myn7DmxxYtU44fwT-h1Hxi2ZkB4QvL4n2alFOJbyHh5IymIV3JNXArnGBAt0JxJ88lOaoG6UaywHhsh-Oufd5z-y8ORqKaeVGVA51XhQvwEdKe7H3isOpT1olLOwjKbpYCYoZsg0j8kkRwrtEw5Rfclmb2wC1XPCfPIn_Pj7peX3WbCsIT1aHmKqS3pmSVMfNlS22fCPuGXaSDvDUYEZAdLV3s_RdDbOnIOeWIlRp_psFGGrA8rWWB3nz6df8HoHtZLEBp4aJkaCDOd_jvEDD_fCdRqtcZRwQYdWTTqmbURfFmk9tVzrfPjuZfH5wRk-nfHI1j-6et3GqpFAWU91Pcild9cMF0wXFyA70e77w5Esw&c=36fd85e5&v=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 14:13:25 GMT
Cache-Control: no-cache
X-TraceId: c31850056ed814f9eafbb89c2eb0a655
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 1648328
h.lqm.io/odin/billing/6v0rQRczdoSxqPlKphKbR6_2/site/9zk0424e/ad/ Frame E71B 0
40 B 11ms
10ms Image
text/plain 2600:1901:0:9d3d::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.lqm.io/odin/billing/6v0rQRczdoSxqPlKphKbR6_2/site/9zk0424e/ad/1648328?price=0.064960465&currency=USD&mbr=${AUCTION_MRB}&id=aa9adfd6c993a745bb18246914618ef0&ts=1639404804358410
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:9d3d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Dec 2021 14:13:24 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
content-type

OPTIONS
H2 200 _bulk
api.solutionshindsight.net/v2/events/ Frame 0
0 280ms
279ms Preflight
application/json 18.66.122.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.solutionshindsight.net/v2/events/_bulk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-126.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.bendigoadvertiser.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 13 Dec 2021 14:13:25 GMT
x-amzn-requestid: da2f79a3-03d2-4170-839d-ec165b8328b1
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: KSo41HlwIAMFsNA=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: seeEubGHiNqgS1n5DcrhoSP1mNARPEX1rtywN72M90n1MVBz-c0cAQ==

GET
H3

200

B26812199.320578998;dc_pre=COD8rej64PQCFXTsEQgdGNMEwg;dc_trk_aid=513171879;dc_trk_cid=161936268;ord=
ad.doubleclick.net/ddm/trackimp/N6264.2621703STROEERDIGITALMEDIA/ Frame 7900
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6264.2621703STROEERDIGITALMEDIA/B26812199.320578998;dc_trk_aid=513171879;dc_trk_cid=161936268;ord=
https://ad.doubleclick.net/ddm/trackimp/N6264.2621703STROEERDIGITALMEDIA/B26812199.320578998;dc_pre=COD8rej64PQCFXTsEQgdGNMEwg;dc_trk_aid=513171879;dc_trk_cid=161936268;ord=

42 B
63 B

59ms
33ms

Image
image/gif

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6264.2621703STROEERDIGITALMEDIA/B26812199.320578998;dc_pre=COD8rej64PQCFXTsEQgdGNMEwg;dc_trk_aid=513171879;dc_trk_cid=161936268;ord=

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm

Protocol

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N6264.2621703STROEERDIGITALMEDIA/B26812199.320578998;dc_pre=COD8rej64PQCFXTsEQgdGNMEwg;dc_trk_aid=513171879;dc_trk_cid=161936268;ord=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adview.php
a.twiago.com/ Frame F03C 43 B
512 B 105ms
31ms Image
image/gif 85.215.5.31
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.twiago.com/adview.php?pid=7230&wmid=54330&gdpr_consent=[consentstring]&nvc=1&ord=1639404804359532&target=-

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.215.5.31 , Germany, ASN6724 (STRATO STRATO AG, DE),

Reverse DNS

Software

Apache / PHP/7.3.29

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
last-modified: Mon, 13 Dec 2021 14:13:25 GMT
server: Apache
x-powered-by: PHP/7.3.29
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
connection: close
content-type: image/gif
content-length: 43
x-xss-protection: 0
expires: 0

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame C1FB
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/877852/58581475/skeleton.gif
https://static.adsafeprotected.com/skeleton.gif

43 B
481 B

26ms
7ms

Image
image/gif

2600:9000:2240:7600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Server: 2600:9000:2240:7600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 a49c26e403f2dac09629dceb6dac5741.cloudfront.net (CloudFront)
age: 11138331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: U7IzTrbTTXuT6YXgtNpVp8GHERO0Tr9eJtIDn2KippNe3WB4pNobvw==

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 t.gif
h.lqm.io/odin/pixel/6v0rQRczdoSxqPlKphKbR6_2/site/9zk0424e/ad/1648328/ Frame 63A5 43 B
101 B 10ms
9ms Image
image/gif 2600:1901:0:9d3d::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.lqm.io/odin/pixel/6v0rQRczdoSxqPlKphKbR6_2/site/9zk0424e/ad/1648328/t.gif?gdpr_consent=no_consent&isac=false&price=0.064960465&currency=USD&mbr=${AUCTION_MRB}&id=&ts=1639404804358410
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:9d3d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Dec 2021 14:13:24 GMT
via: 1.1 google
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 photo-1620050382792-434b5828873d
images.unsplash.com/ Frame 10C2 34 KB
35 KB 8ms
8ms Image
image/avif 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

5b715124fb434b19d62ec7a153d60bbaedf3c42086e8debbc8613109b70401f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 12 Dec 2021 19:14:07 GMT
server: imgix
age: 68357
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: b4c3cfddbf2dfa964691ca202b7c6296547227a0
accept-ranges: bytes
content-length: 35270
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10068-SJC, cache-hhn4034-HHN

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ACM_HEADER1&hp=1&zMoatAdUnit1=bendigoadvertiser&zMoatAdUnit2=news&zMoatAdUnit3=latestnews&wf=1&ra=3&pxm=&sgs=3&vb=5&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1639404802526&de=143573561437&rx=60141623035&m=0&ar=cc97a930ec1-clean&iw=ceff30a&q=7&cb=0&cu=1639404802526&ll=2&lm=0&ln=0&em=0&en=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&zGSRC=1&gu=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=acmheader706032617774&fd=1&ac=1&it=500&pe=1%3A1469%3A1469%3A0%3A1763&fs=195926&na=1029103383&cs=0
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Dec 2021 14:13:25 GMT

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame CA0F 4 KB
2 KB 28ms
28ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Fh.lqm.io%2Fodin%2Fbilling%2F6v0rQRczdoSxqPlKphKbR6_1%2Fsite%2F9zk0424e%2Fad%2F1651648%3Fprice%3D0.08104651%26currency%3DUSD%26mbr%3D%24%7BAUCTION_MRB%7D%26id%3Daa9adfd6c993a745bb18246914618ef0%26ts%3D1639404804358410%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e74aad7eedeb94eab0fbb3d4435ff67c95dee259361fd21effd45bcd64424c24

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm

Response headers

accept-ranges: bytes
content-type: text/html
etag: "9e7d58ad34c85761770fc947d9bee792:1617096471.391057"
last-modified: Tue, 30 Mar 2021 09:27:46 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
expires: Mon, 13 Dec 2021 18:13:25 GMT
date: Mon, 13 Dec 2021 14:13:25 GMT
content-length: 1602
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame D326 4 KB
2 KB 42ms
41ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Fh.lqm.io%2Fodin%2Fbilling%2F6v0rQRczdoSxqPlKphKbR6%2Fsite%2F9zk0424e%2Fad%2F1648327%3Fprice%3D0.12875398%26currency%3DUSD%26mbr%3D%24%7BAUCTION_MRB%7D%26id%3Daa9adfd6c993a745bb18246914618ef0%26ts%3D1639404804358410%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e74aad7eedeb94eab0fbb3d4435ff67c95dee259361fd21effd45bcd64424c24

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm

Response headers

accept-ranges: bytes
content-type: text/html
etag: "9e7d58ad34c85761770fc947d9bee792:1617096471.391057"
last-modified: Tue, 30 Mar 2021 09:27:46 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
expires: Mon, 13 Dec 2021 18:13:25 GMT
date: Mon, 13 Dec 2021 14:13:25 GMT
content-length: 1602
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame 2066 4 KB
2 KB 36ms
36ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Fh.lqm.io%2Fodin%2Fbilling%2F6v0rQRczdoSxqPlKphKbR6_2%2Fsite%2F9zk0424e%2Fad%2F1648328%3Fprice%3D0.064960465%26currency%3DUSD%26mbr%3D%24%7BAUCTION_MRB%7D%26id%3Daa9adfd6c993a745bb18246914618ef0%26ts%3D1639404804358410%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e74aad7eedeb94eab0fbb3d4435ff67c95dee259361fd21effd45bcd64424c24

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm

Response headers

accept-ranges: bytes
content-type: text/html
etag: "9e7d58ad34c85761770fc947d9bee792:1617096471.391057"
last-modified: Tue, 30 Mar 2021 09:27:46 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
expires: Mon, 13 Dec 2021 18:13:25 GMT
date: Mon, 13 Dec 2021 14:13:25 GMT
content-length: 1602
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DA5F 0
0 52ms
51ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdTNFBFW3YZKwIfW5lQeAyZSYDLiZ86Jc6bXuu_oCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4ODg2NzY2NTQwNDczOTPIAQngAgCoAwGqBL0CT9CwePGrtiTIuXKBVKk7g_dt2tUVmkkzUtz30FIPlmxxfVFmMi1Z6iTlWep5CVMNXDhJqyBBDQBGPbL2hshs3czM7V928pbvLluhvt36oFqqdUiNuXpLVppXpo3ovfrs_NeveovyKGwzlzclZx2uMtNTqWhRzwiKMK6d93mgYihMVTfAj5um5xO-GagS7VDlruUI6qGf88YBzVTIPxKHL-f5YSl2ntulAZrKVmGncHS6Qzwf7HmsCBPwRIpA6jHDYsIbs6K2iG3mIhZ9GPb5v4Em0gE0IvhY7n1B8oB6gzCXBcC2TXfHBMGaNrxvc76hjHHrQC_FJp31XnnavlqWQ0ViFqh2s6oGnnLJXA04CfA3DCU9NqhML9qKp5Zy_y9Amu1IuWir0IBgKQ0iN1KMPzCImXDwkJqt33us7-XgBAGABo7wpenjt9_xVqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc4ODg2NzY2NTQwNDczOTMYpc5q&sigh=YMUZdCaINGw&uach_m=[UACH]&cid=CAQSPACNIrLMv7C6pwZvwkuWPfZ761BdhswJ8QHNsIgg0q1M6kOnGPjWfA2ImlCl6XROKuErmL1TLNy2FNSOfxgB&tpd=AGWhJmt85ijfaFJ53HsmrxR6CzeiYN98nHOOIC4Hza1FuquBiwdBCJhVsGMssxjMEZWrLZs4O_d1vt_FObwPlDUsT7dj80fuVWzfqwO1g0iDPjoCafbKpBXJAX3FoJD42U85edj_VelQy3GaHS6leVhKGJ7HZ-lrgnbfAnieH_iwVB0msWDrKcs84bf6VxXTrTn7IJap4ldWuxvjkDGEDLTtJnWzxSudKPhokjK70QWHd1_J02wLy0aMq4xzij3X99LgoRtjTBNSK3HPAx3eUbNBpnmReeH_JP4tLgVIZ85B-ZQjMgOq7n0KosNFdCcD2VcDGhI2cbC41sDB-NMxeWNx7BeOfE-FP-O2ge84bIf3NIdvge3cW9wIhssnr7pmnHfhzVOUQG0lFGfsGyGolCzSJ8eaPLEhNpdKKw65n1AFw9RBIbj1m7bwmrYipjoBZQMgft8FNRb25mJ_DYQDk0DZlHqdvh3v-Y15ShELgvU3g1xg49mXiU6Kt49dnI1UT6JIGY9MJ8UsEeA5aA5t82JENwQqHJg8H7GtcRIG0ATg-ySo-EfFSoSvnlNCZ2P8SkG_61AuBFUSUsaizWbd6JlYsZKGm16Lm4BQiKbXx5zLhiWF8KDl7UwyCLxdg7BE_q6TyBO0Y0TGx8C0rjeIphauq6Jx6LGEIDUh67mQR3pEIlT_h3jBKmxxM2RtHO86VtzpoxGwanYuDRpqFGhGnF8-1ztPAx2PpIVMBQx5pwigJnppyYEtss3GHc1C_hBdcODoygz5Z4mOFz2v026qWSzEG9sMyTmKr-YWINxQIJa_ZrfsmEQyDt5EPzYxQ7E6GVCebEkM_C_RoPJ_Y9UlELL73d7J5D9VQTsgClfIczluBGP9loSB2GQAPUVcJ2CawORRiRt6HzAf06Ni3bIOh-mXUvKIhl3ufaK_xAS0AIuPhmfZTUnIKq0Tg_senEY6X_2avePEzJ0fS6v6sc4myL0Y3YiWOl-tOSUsEyw4zMGe4XRE3cpo2nEorLLorUXDCFIR4ak8s0rqdnIqCnzn2az_RqgxZ0FWFQVkmJ_d6OqCWuor0AoXOWfYXxPv9gD3_T2LofsMfq19WW_Fn6EDOS9ETdPtoZA2jqbuznc5sGZHtemlRfBC6Ct4_Qi9XuvNqQN01zN7wzLrbzLcXVyan6llvtgNEtp7X63PmO7qrq6DrwaV2bBRw2sa30vuvALuIvzQXoDQhrtYMC2JYyskWQEw-UWSAoXPfGY8JK2_bDLxUKftMklMRfXJ6Bm8rZkKCtMB7vs6qwJWyTjCos1MGB7xkPIDYbW2S_utE0uouZPY7K9oVILMqx2si32e1csxVRMiRt7dH5-DB7LvJ8Jg0nkNoF-7Vvu1utFNV4xWqwv98NG_C_447WfDWPE7c4DE1OCLj7PBtupFe0N9nXSsUSyA6BQ6kXdDTII90D9GPGD7jt4MG_HaxqPrymUIFh905Y1AcN0
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame DA5F 1 KB
1 KB 124ms
26ms Script
text/javascript 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=48267046;rtbwp=0.155785;rtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0

Requested by

Host: 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
URL: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d80ccd5cbb1a97c9a8362a945987bb989e8d00eef1230b88b974e80940dbfeed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 900
expires: -1

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame DA5F 2 KB
1 KB 45ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
URL: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 14:08:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA5F 119 KB
36 KB 40ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
URL: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 14:13:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame DA5F 15 KB
7 KB 37ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
URL: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 14:11:00 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DA5F 22 KB
7 KB 38ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
URL: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 11:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 13 Dec 2022 11:17:15 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 1EF7 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700|Source+Sans+Pro:400,600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy-au.piano.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:17:49 GMT
x-content-type-options: nosniff
age: 496536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13072
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:17:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 20:17:49 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 1EF7 13 KB
13 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700|Source+Sans+Pro:400,600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy-au.piano.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 11:22:37 GMT
x-content-type-options: nosniff
age: 442248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 11:22:37 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5C6F 0
0 48ms
47ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyByFBFW3YZGwIfW5lQeAyZSYDJ6hoa5cofno_p8DwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4ODg2NzY2NTQwNDczOTPIAQngAgCoAwGqBLkCT9Ab6T2GR4jUXMWyFyuF7lP93qAqMlglpGcbaVkJPhIErrgb2soZiAgRI7hBc5CGa5IYf4kcqZ57JiL2ViqBFQTt2k4QLId9qJDQI4j7pql0OP57GPIj-RdN9iaVkh1zPcwX6YVRmnmr-abZZZ5NpaqEswPrURbdaAgSoPPMtAPU24kqveEGOqoF0KNx-jF7vMCV8AdPMbxbBzu0Nn58uE5IZrerAvLeeb8TbaFTZDdzShq7EmEfYcqZFrTvm18ib5QdWfpxjvb-xRm5gwuql5k3XsHEJ0vl0h4VkIAMCb-bhY_71eEK1NrdwFyE1VZsHrpx5wwgqrgQL2Y3u-ClNCe-g7mciitanBNcVPCCghnzFvjMUJdgmgP4kXhayADgmISs2w7iKTmP7CDmwrmd1atpa6fQfYhnJuAEAYAGncjEgqu-18tnoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzg4ODY3NjY1NDA0NzM5Mxilzmo&sigh=PJvEouvapZo&uach_m=[UACH]&cid=CAQSPACNIrLMv7C6pwZvwkuWPfZ761BdhswJ8QHNsIgg0q1M6kOnGPjWfA2ImlCl6XROKuErmL1TLNy2FNSOfxgB
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame CF32 81 KB
30 KB 64ms
61ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch?adk=3606295681&adsafe=medium&client=ca-pub-5722610347565274&format=970x250_as&ip=185.232.23.0&output=html&unviewed_position_start=1&url=https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station&sub_client=bidder-309936&aceid=MCMXtACX5NMAOtTmAPlVNAGxazQB2m00AeVuNAEWbzQBwW80AcJvNAEecDQBTnA0AV5wNAG2cDQBuXA0Ad1wNAHucDQBDnE0AVRxNAFVcTQBZnE0AXhxNAGHcTQBl3E0AaBxNAG1cTQB0XE0AUtzQQFTc0EBWHNBAbO-igEs_dkBxf7ZAWLB_QGRHVwCwh1cAkD3iALs-YgCn0CqAidCqgIoQqoCgkKqAhZcqgL-eKoC4nuqAkx9qgIygqoCq5GqAreUqgKAm6oCgZuqAoKbqgLanqoCpaeqAqKoqgK0q6oCK6yqAlOsqgIcrqoCHa6qAuGuqgKWr6oCNLCqAnawqgJ5sKoCfLCqAn-wqgKCsKoCirCqAra0qgI4vKoCZ8CqAq_AqgKoxKoCdMmqAsnKqgLVzKoCKM2qAjHOqgK7zqoC4c6qApTPqgJK0KoCcNKqAs7TqgJR1aoCStaqApPXqgKD2KoCfdmqAqnZqgLd26oCltyqAijeqgJV3qoCv96qAqDfqgI74aoCdOKqAtbiqgLm4qoCY-OqAoDkqgLz5KoC_-SqAgflqgKg5aoCIOaqAsXoqgLK6KoC4-iqArnpqgJB66oCSeuqAlXrqgJG7KoCwO2qAmTuqgJ57qoCqbPFBTXTgwjQhiMKCHD2C8PYoQ7OoTUROJX7Eg2x-xIQvvsSBsn7Errc-xLv5vsSzuf7EmDp-xIh7PsScu37EtDt-xLh7vsS7e77EsXv-xIX8PsSHPD7EkHw-xJu8PsSx_D7EpZmZBNnXdATmaLqFA9cNxeayxwY91ZrGlkAkimtkkE5&awbid_c=AKAmf-A7rg4C0aKMt85TSQIsgCjss2AzL8_FJlhbKeHenj1BQxwuaWUvPeqypZQtTe-YPtJQBAtaeeGy32-Lg7Reugo7khisx_tZyxnfEbZBEsoAIiWpp00Kn3otoPxh1eeaDFwddWAnK13LK_yWbveB_Tu0GmG6O0d_un2p4R78iAqtekbINBM&awbid_d=AKAmf-DgMBR3gpZRSW3KLgZZkY9RWa0BkmvtwLvE7xLw1awwE6h101dCa4LqP78pBuUmUlwUfAzUrEcdH9LUHFtn9o6W1290DLFoPx3C-UunGJ9wFbZLrJ_8jaZOeighn1GftxGMYe3OlWhvAoyuiuXcbf9xWHujs8r5XiBucFa3Oi9qZ6kFwt0RWB-zBr2DU2NlagHjWp6dHLnayFhPHSR-zdLHkMPrG-y_j45XeQwew0g56PSrl4h9My_XynjntXoxh0g-bn1O8yeW3mWd6Afp70mrZ8p6Nnh1RMPCltoJSs8zu_9Vhvlnfkq6DYz3nDU2JBknmQx4ENPLW-IYaBFx3JkhVny3coDs-Ag2xFMpwhRHz-gdt9lPYXKFX9VUoZIKNbzUsORFAmMVIVQvfIMl2VPnKQQUtTt8QR3kHmv9sVO82GhK7eJqO0drdAbcOACdfcAXcSyRrXIs_dFjGY7ZAmoY0LANJnp_RtS-UwfhKSjhXL8EhYsvBQzETWxiQ-wrNxoCSIu6jknJ3xKS_PhkALIsmMjjM_GBGv28LjTLcur4XYT2rJUHa3anTl6m6X35lRe8bOA34MB-isfP0Hmhzf0x0KMi4PUoNERAKtB7lKPVfYjm_Pfck7JCgdjJvhPbSdTfwniaNYCSuPCtsURpkNcnvEWEgh6zuBq8NcrHuY9XjGJBV-6iakOoW9_IlVDVimGgRvxGn4dLET-OTUlCiCPkqquu8_d-e_cztnM4poZ9Vj--Kz0JPrjLlwzTRjVRtrMde9JdS58krqUbboHfey9uheFxkw&cid=CAASBORoqjI&exk=457076748&rfl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F&a_pr=13:YbdVBAAAAAAOcGLlmLOu4DXOwWo5j80a5yFHGw

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b447063aba5f930343c5e155db88094159740a9438852ae483b727939654fb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Dec 2021 14:13:25 GMT
server: cafe
content-length: 30700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame 5C6F 13 KB
6 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
URL: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4f31178f3fe6003e606295047fdb9be890c6a9c6c8594576435f86975af582f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2031
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5713
x-xss-protection: 0
server: cafe
etag: 4841097009533305096
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 14:39:34 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5C6F 2 KB
1 KB 22ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
URL: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 14:08:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C6F 119 KB
36 KB 54ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
URL: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 14:13:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5C6F 15 KB
6 KB 18ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
URL: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 14:11:00 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5C6F 22 KB
7 KB 21ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
URL: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 11:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 13 Dec 2022 11:17:15 GMT

GET
H/1.1 200
OK v1
a3192.casalemedia.com/impression/ Frame 5C6F 43 B
303 B 33ms
8ms Image
image/gif 185.170.61.93
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a3192.casalemedia.com/impression/v1?bidID=ae68698f-de48-4e88-8c05-65a65404be5a&traceID=c6rla143nth8o2bb783g&dspID=85&userID=&cmpro=0&ap=YbdVBAAIWBEK5Vz1AAUkgEfkQA-vG1Aw2GcaiA
Requested by: Host: 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
URL: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.170.61.93 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 14:13:25 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=100
Content-Length: 43
Expires: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C6F 0
442 B 65ms
39ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-DH-_SljhWD4scPMZRNneIhM-vxvCf-1kZl9wSkOk7OzGH0X9bQ9VhyhZLBtxmLvAc57Eqms91WPkFaPNmeVyboeq1ezw&pr=13:YbdVBAAAAABgEvn0gqHonP5tqo5Rr8kWgS_ozA

Requested by

Host: 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
URL: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 175dd52b60c7b3f2e0b0cc6355849661122fcb193214d31c362381a2b581e777

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D46F 348 KB
117 KB 19ms
19ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Dec 2021 14:13:25 GMT

GET
BLOB 200
OK d2e1938d-1adc-432e-9e0b-177d2bef18c5
https://www.bendigoadvertiser.com.au/ Frame D46F 564 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bendigoadvertiser.com.au/d2e1938d-1adc-432e-9e0b-177d2bef18c5
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 815ee379589e2686af0a423df3987810358aaa03ea11a46250de270ad307a383

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 564
Content-Type: text/javascript

GET
H/1.1 200
OK report Show response
widgetmonitor.outbrain.com/WidgetErrorMonitor/api/ Frame CA0F 2 B
261 B 365ms
91ms XHR
application/json 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetmonitor.outbrain.com/WidgetErrorMonitor/api/report?name=obm-PixelLoadingError&version=undefined&message=%7B%22url%22%3A%22https%3A%2F%2Fh.lqm.io%2Fodin%2Fbilling%2F6v0rQRczdoSxqPlKphKbR6_1%2Fsite%2F9zk0424e%2Fad%2F1651648%3Fprice%3D0.08104651%26currency%3DUSD%26mbr%3D%24%7BAUCTION_MRB%7D%26id%3Daa9adfd6c993a745bb18246914618ef0%26ts%3D1639404804358410%22%2C%22advId%22%3A%22%22%2C%22numberOfPixels%22%3A%22%22%7D&env=undefined&url=https%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2Fexternals%2FobPixelFrame%2FobPixelFrame.htm&referrer=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F&agent=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F96.0.4664.93%20safari%2F537.36&stack=undefined&errorEleUrl=&pId=&sId=&dId=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Fh.lqm.io%2Fodin%2Fbilling%2F6v0rQRczdoSxqPlKphKbR6_1%2Fsite%2F9zk0424e%2Fad%2F1651648%3Fprice%3D0.08104651%26currency%3DUSD%26mbr%3D%24%7BAUCTION_MRB%7D%26id%3Daa9adfd6c993a745bb18246914618ef0%26ts%3D1639404804358410%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 13 Dec 2021 14:13:25 GMT
Connection: close
X-TraceId: 44cafff9ddec3acc8f322fe9846675ce
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Content-Length: 2
Content-Type: application/json; charset=utf-8

GET
H3 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C6F 73 KB
27 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8576ac4fad8d6a2eef6c1a412387cb3e7a6909b0a647f33bb0686d57d300d02e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28114
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461277931444"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 14:13:25 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame E110
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=188362&us_privacy=&gdpr_consent=&gdpr=1
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=188362&us_privacy=&gdpr_consent=&gdpr=1&C=1

1 KB
3 KB

30ms
30ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=188362&us_privacy=&gdpr_consent=&gdpr=1&C=1
Requested by: Host: 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
URL: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6d2247d8fe93a7251c0eae4fb1db0a41428b0c2ad9ff4167159bf45c59bfca9d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|230|241|45|81|105|8|196
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1524
Expires: Mon, 13 Dec 2021 14:13:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 13 Dec 2021 14:13:25 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=188362&us_privacy=&gdpr_consent=&gdpr=1&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 13 Dec 2021 14:13:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 13 Dec 2021 14:13:25 GMT
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame 5C6F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecc916b3f6f290298ffc698e5bf57cab7a5b0bacddb1ad26533b502520a84f9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame DA5F 33 KB
16 KB 94ms
23ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=48267046;rtbwp=0.155785;rtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:25 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 14 Dec 2021 17:14:16 GMT

GET
H3 200 4627314749190282285
tpc.googlesyndication.com/simgad/ Frame CF32 52 KB
52 KB 27ms
9ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4627314749190282285?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlFaQNeliMwnDQ2IBxBnmb5bTZMwg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3606295681&adsafe=medium&client=ca-pub-5722610347565274&format=970x250_as&ip=185.232.23.0&output=html&unviewed_position_start=1&url=https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station&sub_client=bidder-309936&aceid=MCMXtACX5NMAOtTmAPlVNAGxazQB2m00AeVuNAEWbzQBwW80AcJvNAEecDQBTnA0AV5wNAG2cDQBuXA0Ad1wNAHucDQBDnE0AVRxNAFVcTQBZnE0AXhxNAGHcTQBl3E0AaBxNAG1cTQB0XE0AUtzQQFTc0EBWHNBAbO-igEs_dkBxf7ZAWLB_QGRHVwCwh1cAkD3iALs-YgCn0CqAidCqgIoQqoCgkKqAhZcqgL-eKoC4nuqAkx9qgIygqoCq5GqAreUqgKAm6oCgZuqAoKbqgLanqoCpaeqAqKoqgK0q6oCK6yqAlOsqgIcrqoCHa6qAuGuqgKWr6oCNLCqAnawqgJ5sKoCfLCqAn-wqgKCsKoCirCqAra0qgI4vKoCZ8CqAq_AqgKoxKoCdMmqAsnKqgLVzKoCKM2qAjHOqgK7zqoC4c6qApTPqgJK0KoCcNKqAs7TqgJR1aoCStaqApPXqgKD2KoCfdmqAqnZqgLd26oCltyqAijeqgJV3qoCv96qAqDfqgI74aoCdOKqAtbiqgLm4qoCY-OqAoDkqgLz5KoC_-SqAgflqgKg5aoCIOaqAsXoqgLK6KoC4-iqArnpqgJB66oCSeuqAlXrqgJG7KoCwO2qAmTuqgJ57qoCqbPFBTXTgwjQhiMKCHD2C8PYoQ7OoTUROJX7Eg2x-xIQvvsSBsn7Errc-xLv5vsSzuf7EmDp-xIh7PsScu37EtDt-xLh7vsS7e77EsXv-xIX8PsSHPD7EkHw-xJu8PsSx_D7EpZmZBNnXdATmaLqFA9cNxeayxwY91ZrGlkAkimtkkE5&awbid_c=AKAmf-A7rg4C0aKMt85TSQIsgCjss2AzL8_FJlhbKeHenj1BQxwuaWUvPeqypZQtTe-YPtJQBAtaeeGy32-Lg7Reugo7khisx_tZyxnfEbZBEsoAIiWpp00Kn3otoPxh1eeaDFwddWAnK13LK_yWbveB_Tu0GmG6O0d_un2p4R78iAqtekbINBM&awbid_d=AKAmf-DgMBR3gpZRSW3KLgZZkY9RWa0BkmvtwLvE7xLw1awwE6h101dCa4LqP78pBuUmUlwUfAzUrEcdH9LUHFtn9o6W1290DLFoPx3C-UunGJ9wFbZLrJ_8jaZOeighn1GftxGMYe3OlWhvAoyuiuXcbf9xWHujs8r5XiBucFa3Oi9qZ6kFwt0RWB-zBr2DU2NlagHjWp6dHLnayFhPHSR-zdLHkMPrG-y_j45XeQwew0g56PSrl4h9My_XynjntXoxh0g-bn1O8yeW3mWd6Afp70mrZ8p6Nnh1RMPCltoJSs8zu_9Vhvlnfkq6DYz3nDU2JBknmQx4ENPLW-IYaBFx3JkhVny3coDs-Ag2xFMpwhRHz-gdt9lPYXKFX9VUoZIKNbzUsORFAmMVIVQvfIMl2VPnKQQUtTt8QR3kHmv9sVO82GhK7eJqO0drdAbcOACdfcAXcSyRrXIs_dFjGY7ZAmoY0LANJnp_RtS-UwfhKSjhXL8EhYsvBQzETWxiQ-wrNxoCSIu6jknJ3xKS_PhkALIsmMjjM_GBGv28LjTLcur4XYT2rJUHa3anTl6m6X35lRe8bOA34MB-isfP0Hmhzf0x0KMi4PUoNERAKtB7lKPVfYjm_Pfck7JCgdjJvhPbSdTfwniaNYCSuPCtsURpkNcnvEWEgh6zuBq8NcrHuY9XjGJBV-6iakOoW9_IlVDVimGgRvxGn4dLET-OTUlCiCPkqquu8_d-e_cztnM4poZ9Vj--Kz0JPrjLlwzTRjVRtrMde9JdS58krqUbboHfey9uheFxkw&cid=CAASBORoqjI&exk=457076748&rfl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F&a_pr=13:YbdVBAAAAAAOcGLlmLOu4DXOwWo5j80a5yFHGw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f1b81a39a8b9e8b6eccbfdc14b5888f79cdae622cd44645c6c88d09c976b85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 12:19:42 GMT
x-content-type-options: nosniff
age: 179623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52933
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 22:34:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 11 Dec 2022 12:19:42 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame CF32 24 KB
9 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 13:23:12 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame CF32 2 KB
1 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e371c9ea0fd636a3ecd29ae5e8413d144d470f77ca4bdda94b6e61ec3b980eb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
server: cafe
etag: 11377196957905752455
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 14:13:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF32 119 KB
36 KB 21ms
18ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 14:13:25 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame CF32 18 KB
7 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51bbe57479b8c393497c12c8a7a3e3db77d4d60751017cbebd63ddc54a328819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7337
x-xss-protection: 0
server: cafe
etag: 7465115486436736623
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 14:05:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CF32 0
0 32ms
15ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnP83zOGvenv3iZNyGl7Uwf-Prmg1VsZNjQX06TReBnhFYEFtQU4F3932jCSUXus2mKKcCXPUY3sxmWaxPSSNMp5toBQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3606295681&adsafe=medium&client=ca-pub-5722610347565274&format=970x250_as&ip=185.232.23.0&output=html&unviewed_position_start=1&url=https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station&sub_client=bidder-309936&aceid=MCMXtACX5NMAOtTmAPlVNAGxazQB2m00AeVuNAEWbzQBwW80AcJvNAEecDQBTnA0AV5wNAG2cDQBuXA0Ad1wNAHucDQBDnE0AVRxNAFVcTQBZnE0AXhxNAGHcTQBl3E0AaBxNAG1cTQB0XE0AUtzQQFTc0EBWHNBAbO-igEs_dkBxf7ZAWLB_QGRHVwCwh1cAkD3iALs-YgCn0CqAidCqgIoQqoCgkKqAhZcqgL-eKoC4nuqAkx9qgIygqoCq5GqAreUqgKAm6oCgZuqAoKbqgLanqoCpaeqAqKoqgK0q6oCK6yqAlOsqgIcrqoCHa6qAuGuqgKWr6oCNLCqAnawqgJ5sKoCfLCqAn-wqgKCsKoCirCqAra0qgI4vKoCZ8CqAq_AqgKoxKoCdMmqAsnKqgLVzKoCKM2qAjHOqgK7zqoC4c6qApTPqgJK0KoCcNKqAs7TqgJR1aoCStaqApPXqgKD2KoCfdmqAqnZqgLd26oCltyqAijeqgJV3qoCv96qAqDfqgI74aoCdOKqAtbiqgLm4qoCY-OqAoDkqgLz5KoC_-SqAgflqgKg5aoCIOaqAsXoqgLK6KoC4-iqArnpqgJB66oCSeuqAlXrqgJG7KoCwO2qAmTuqgJ57qoCqbPFBTXTgwjQhiMKCHD2C8PYoQ7OoTUROJX7Eg2x-xIQvvsSBsn7Errc-xLv5vsSzuf7EmDp-xIh7PsScu37EtDt-xLh7vsS7e77EsXv-xIX8PsSHPD7EkHw-xJu8PsSx_D7EpZmZBNnXdATmaLqFA9cNxeayxwY91ZrGlkAkimtkkE5&awbid_c=AKAmf-A7rg4C0aKMt85TSQIsgCjss2AzL8_FJlhbKeHenj1BQxwuaWUvPeqypZQtTe-YPtJQBAtaeeGy32-Lg7Reugo7khisx_tZyxnfEbZBEsoAIiWpp00Kn3otoPxh1eeaDFwddWAnK13LK_yWbveB_Tu0GmG6O0d_un2p4R78iAqtekbINBM&awbid_d=AKAmf-DgMBR3gpZRSW3KLgZZkY9RWa0BkmvtwLvE7xLw1awwE6h101dCa4LqP78pBuUmUlwUfAzUrEcdH9LUHFtn9o6W1290DLFoPx3C-UunGJ9wFbZLrJ_8jaZOeighn1GftxGMYe3OlWhvAoyuiuXcbf9xWHujs8r5XiBucFa3Oi9qZ6kFwt0RWB-zBr2DU2NlagHjWp6dHLnayFhPHSR-zdLHkMPrG-y_j45XeQwew0g56PSrl4h9My_XynjntXoxh0g-bn1O8yeW3mWd6Afp70mrZ8p6Nnh1RMPCltoJSs8zu_9Vhvlnfkq6DYz3nDU2JBknmQx4ENPLW-IYaBFx3JkhVny3coDs-Ag2xFMpwhRHz-gdt9lPYXKFX9VUoZIKNbzUsORFAmMVIVQvfIMl2VPnKQQUtTt8QR3kHmv9sVO82GhK7eJqO0drdAbcOACdfcAXcSyRrXIs_dFjGY7ZAmoY0LANJnp_RtS-UwfhKSjhXL8EhYsvBQzETWxiQ-wrNxoCSIu6jknJ3xKS_PhkALIsmMjjM_GBGv28LjTLcur4XYT2rJUHa3anTl6m6X35lRe8bOA34MB-isfP0Hmhzf0x0KMi4PUoNERAKtB7lKPVfYjm_Pfck7JCgdjJvhPbSdTfwniaNYCSuPCtsURpkNcnvEWEgh6zuBq8NcrHuY9XjGJBV-6iakOoW9_IlVDVimGgRvxGn4dLET-OTUlCiCPkqquu8_d-e_cztnM4poZ9Vj--Kz0JPrjLlwzTRjVRtrMde9JdS58krqUbboHfey9uheFxkw&cid=CAASBORoqjI&exk=457076748&rfl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F&a_pr=13:YbdVBAAAAAAOcGLlmLOu4DXOwWo5j80a5yFHGw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CF32 0
17 B 50ms
49ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cgtb9BFW3YdD7JpSQbZ7BrJgIiqzKhWfh8sHboQ-_4R4QASC35YQhYJXikIKgB6ABm4jRnwPIAQKpArkqj33C_LI-qAMByAPJBKoEigJP0E2a3FSt6sntnT1UIQmMpoqerlaVpl0w4DTZj8EzQA7hRtIIdWLlX4ly6MuYeRm5toewiAzWzAE9dk0_mOqiLKUkhkHoyfI87DaEU5StZcV3xADlmWsqepS7gFV7mxAjTjwag9PJwIxGDyvRdW6t-dep1dTae-wDSCKSK8KFfQTm3fm6XtarSomlTinAPZAs-DGXd_9rgRNhTqGqbq8-ae-ERO2gDDcn0CxbQgHpnYhjgIp1nLa0yClBGGlKyfCY4dxdXcthz5osigW-LdGlN_ktaA0_dLb-nQwgFxxB1ubnkcp0u7AFsXlksQlJdh6pM2eJOT5yXCgDuU9L8YdRUOCm8Tlv1h_ItMAEoo7N3t8DkgUECAQYAZIFBAgFGASgBgKAB833rmCoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAdIIBwiAYRABGADyCA1iaWRkZXItMzA5OTM2gAoEyAsB2BMN0BUBmBYBgBcBshcICgYIABIAGAA&sigh=lShC3dVIsDY&uach_m=[UACH]&pr=13:YbdVBAAAAAAOcGLlmLOu4DXOwWo5j80a5yFHGw&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3606295681&adsafe=medium&client=ca-pub-5722610347565274&format=970x250_as&ip=185.232.23.0&output=html&unviewed_position_start=1&url=https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station&sub_client=bidder-309936&aceid=MCMXtACX5NMAOtTmAPlVNAGxazQB2m00AeVuNAEWbzQBwW80AcJvNAEecDQBTnA0AV5wNAG2cDQBuXA0Ad1wNAHucDQBDnE0AVRxNAFVcTQBZnE0AXhxNAGHcTQBl3E0AaBxNAG1cTQB0XE0AUtzQQFTc0EBWHNBAbO-igEs_dkBxf7ZAWLB_QGRHVwCwh1cAkD3iALs-YgCn0CqAidCqgIoQqoCgkKqAhZcqgL-eKoC4nuqAkx9qgIygqoCq5GqAreUqgKAm6oCgZuqAoKbqgLanqoCpaeqAqKoqgK0q6oCK6yqAlOsqgIcrqoCHa6qAuGuqgKWr6oCNLCqAnawqgJ5sKoCfLCqAn-wqgKCsKoCirCqAra0qgI4vKoCZ8CqAq_AqgKoxKoCdMmqAsnKqgLVzKoCKM2qAjHOqgK7zqoC4c6qApTPqgJK0KoCcNKqAs7TqgJR1aoCStaqApPXqgKD2KoCfdmqAqnZqgLd26oCltyqAijeqgJV3qoCv96qAqDfqgI74aoCdOKqAtbiqgLm4qoCY-OqAoDkqgLz5KoC_-SqAgflqgKg5aoCIOaqAsXoqgLK6KoC4-iqArnpqgJB66oCSeuqAlXrqgJG7KoCwO2qAmTuqgJ57qoCqbPFBTXTgwjQhiMKCHD2C8PYoQ7OoTUROJX7Eg2x-xIQvvsSBsn7Errc-xLv5vsSzuf7EmDp-xIh7PsScu37EtDt-xLh7vsS7e77EsXv-xIX8PsSHPD7EkHw-xJu8PsSx_D7EpZmZBNnXdATmaLqFA9cNxeayxwY91ZrGlkAkimtkkE5&awbid_c=AKAmf-A7rg4C0aKMt85TSQIsgCjss2AzL8_FJlhbKeHenj1BQxwuaWUvPeqypZQtTe-YPtJQBAtaeeGy32-Lg7Reugo7khisx_tZyxnfEbZBEsoAIiWpp00Kn3otoPxh1eeaDFwddWAnK13LK_yWbveB_Tu0GmG6O0d_un2p4R78iAqtekbINBM&awbid_d=AKAmf-DgMBR3gpZRSW3KLgZZkY9RWa0BkmvtwLvE7xLw1awwE6h101dCa4LqP78pBuUmUlwUfAzUrEcdH9LUHFtn9o6W1290DLFoPx3C-UunGJ9wFbZLrJ_8jaZOeighn1GftxGMYe3OlWhvAoyuiuXcbf9xWHujs8r5XiBucFa3Oi9qZ6kFwt0RWB-zBr2DU2NlagHjWp6dHLnayFhPHSR-zdLHkMPrG-y_j45XeQwew0g56PSrl4h9My_XynjntXoxh0g-bn1O8yeW3mWd6Afp70mrZ8p6Nnh1RMPCltoJSs8zu_9Vhvlnfkq6DYz3nDU2JBknmQx4ENPLW-IYaBFx3JkhVny3coDs-Ag2xFMpwhRHz-gdt9lPYXKFX9VUoZIKNbzUsORFAmMVIVQvfIMl2VPnKQQUtTt8QR3kHmv9sVO82GhK7eJqO0drdAbcOACdfcAXcSyRrXIs_dFjGY7ZAmoY0LANJnp_RtS-UwfhKSjhXL8EhYsvBQzETWxiQ-wrNxoCSIu6jknJ3xKS_PhkALIsmMjjM_GBGv28LjTLcur4XYT2rJUHa3anTl6m6X35lRe8bOA34MB-isfP0Hmhzf0x0KMi4PUoNERAKtB7lKPVfYjm_Pfck7JCgdjJvhPbSdTfwniaNYCSuPCtsURpkNcnvEWEgh6zuBq8NcrHuY9XjGJBV-6iakOoW9_IlVDVimGgRvxGn4dLET-OTUlCiCPkqquu8_d-e_cztnM4poZ9Vj--Kz0JPrjLlwzTRjVRtrMde9JdS58krqUbboHfey9uheFxkw&cid=CAASBORoqjI&exk=457076748&rfl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F&a_pr=13:YbdVBAAAAAAOcGLlmLOu4DXOwWo5j80a5yFHGw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 13 Dec 2021 14:13:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame CF32 36 KB
14 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/one_click_handler_one_afma.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

603aba830ea0e035c90c5c4a95a4f2a79de9c8f6b479a4f5e599402dedf9cdcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 11:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14065
x-xss-protection: 0
server: cafe
etag: 12717653882186688320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 11:33:56 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=bendigoadvertiser&zMoatAdUnit2=news&zMoatAdUnit3=latestnews&wf=1&ra=3&pxm=&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2F0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-pXTZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-TQhCXLleOPQ59g%3D%3D&sc=1&os=1-3A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=tJ4JU*FTLR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&pcode=acmheader706032617774&rx=60141623035&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&rm=1&fy=315&gp=219&zGSRC=1&gu=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&id=1&ii=4&pl=0&f=0&j=&t=1639404802526&de=428654132534&cu=1639404802526&m=2330&ar=cc97a930ec1-clean&iw=ceff30a&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=219&lb=4999&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1469%3A1469%3A0%3A1763&as=0&ag=106&an=0&gf=106&gg=0&ix=106&ic=106&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=106&bx=0&dj=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=211&cd=0&ah=211&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Fbendigoadvertiser%2Fnews%2Flatestnews_3&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195926&na=2145759800&cs=0
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Dec 2021 14:13:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 653C 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3606295681&adsafe=medium&client=ca-pub-5722610347565274&format=970x250_as&ip=185.232.23.0&output=html&unviewed_position_start=1&url=https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station&sub_client=bidder-309936&aceid=MCMXtACX5NMAOtTmAPlVNAGxazQB2m00AeVuNAEWbzQBwW80AcJvNAEecDQBTnA0AV5wNAG2cDQBuXA0Ad1wNAHucDQBDnE0AVRxNAFVcTQBZnE0AXhxNAGHcTQBl3E0AaBxNAG1cTQB0XE0AUtzQQFTc0EBWHNBAbO-igEs_dkBxf7ZAWLB_QGRHVwCwh1cAkD3iALs-YgCn0CqAidCqgIoQqoCgkKqAhZcqgL-eKoC4nuqAkx9qgIygqoCq5GqAreUqgKAm6oCgZuqAoKbqgLanqoCpaeqAqKoqgK0q6oCK6yqAlOsqgIcrqoCHa6qAuGuqgKWr6oCNLCqAnawqgJ5sKoCfLCqAn-wqgKCsKoCirCqAra0qgI4vKoCZ8CqAq_AqgKoxKoCdMmqAsnKqgLVzKoCKM2qAjHOqgK7zqoC4c6qApTPqgJK0KoCcNKqAs7TqgJR1aoCStaqApPXqgKD2KoCfdmqAqnZqgLd26oCltyqAijeqgJV3qoCv96qAqDfqgI74aoCdOKqAtbiqgLm4qoCY-OqAoDkqgLz5KoC_-SqAgflqgKg5aoCIOaqAsXoqgLK6KoC4-iqArnpqgJB66oCSeuqAlXrqgJG7KoCwO2qAmTuqgJ57qoCqbPFBTXTgwjQhiMKCHD2C8PYoQ7OoTUROJX7Eg2x-xIQvvsSBsn7Errc-xLv5vsSzuf7EmDp-xIh7PsScu37EtDt-xLh7vsS7e77EsXv-xIX8PsSHPD7EkHw-xJu8PsSx_D7EpZmZBNnXdATmaLqFA9cNxeayxwY91ZrGlkAkimtkkE5&awbid_c=AKAmf-A7rg4C0aKMt85TSQIsgCjss2AzL8_FJlhbKeHenj1BQxwuaWUvPeqypZQtTe-YPtJQBAtaeeGy32-Lg7Reugo7khisx_tZyxnfEbZBEsoAIiWpp00Kn3otoPxh1eeaDFwddWAnK13LK_yWbveB_Tu0GmG6O0d_un2p4R78iAqtekbINBM&awbid_d=AKAmf-DgMBR3gpZRSW3KLgZZkY9RWa0BkmvtwLvE7xLw1awwE6h101dCa4LqP78pBuUmUlwUfAzUrEcdH9LUHFtn9o6W1290DLFoPx3C-UunGJ9wFbZLrJ_8jaZOeighn1GftxGMYe3OlWhvAoyuiuXcbf9xWHujs8r5XiBucFa3Oi9qZ6kFwt0RWB-zBr2DU2NlagHjWp6dHLnayFhPHSR-zdLHkMPrG-y_j45XeQwew0g56PSrl4h9My_XynjntXoxh0g-bn1O8yeW3mWd6Afp70mrZ8p6Nnh1RMPCltoJSs8zu_9Vhvlnfkq6DYz3nDU2JBknmQx4ENPLW-IYaBFx3JkhVny3coDs-Ag2xFMpwhRHz-gdt9lPYXKFX9VUoZIKNbzUsORFAmMVIVQvfIMl2VPnKQQUtTt8QR3kHmv9sVO82GhK7eJqO0drdAbcOACdfcAXcSyRrXIs_dFjGY7ZAmoY0LANJnp_RtS-UwfhKSjhXL8EhYsvBQzETWxiQ-wrNxoCSIu6jknJ3xKS_PhkALIsmMjjM_GBGv28LjTLcur4XYT2rJUHa3anTl6m6X35lRe8bOA34MB-isfP0Hmhzf0x0KMi4PUoNERAKtB7lKPVfYjm_Pfck7JCgdjJvhPbSdTfwniaNYCSuPCtsURpkNcnvEWEgh6zuBq8NcrHuY9XjGJBV-6iakOoW9_IlVDVimGgRvxGn4dLET-OTUlCiCPkqquu8_d-e_cztnM4poZ9Vj--Kz0JPrjLlwzTRjVRtrMde9JdS58krqUbboHfey9uheFxkw&cid=CAASBORoqjI&exk=457076748&rfl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F&a_pr=13:YbdVBAAAAAAOcGLlmLOu4DXOwWo5j80a5yFHGw

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 13 Dec 2021 14:04:34 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CF32 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16289ad1217dd2ab3edf91cc8903e0ba0e102fc98614809197a3520cdf880b9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK f6ea4016-f332-4ebe-86fa-5ea6d35cada6 Show response
https://www.bendigoadvertiser.com.au/ Frame D46F 195 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bendigoadvertiser.com.au/f6ea4016-f332-4ebe-86fa-5ea6d35cada6
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/hindsight/hindsight.australian_community_media/didna_config.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 938512a727c2ea524c8f750e278b6383abe20ad523e2aa49a4808b203a004f35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 199897
Content-Type: text/javascript

GET
H3 200 didna_prebid.js.gz Show response
storage.googleapis.com/didna-prod/latest/ Frame D46F 460 KB
138 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/hindsight/hindsight.australian_community_media/didna_config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5e06cf930a32a66b83f467231ea47aeb84ccd9cad4d844f05f3b4ff1eee205e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:47:17 GMT
content-encoding: gzip
age: 1568
x-guploader-uploadid: ADPycdvm-QttKcUiZUgGa31sTBXsQpTm3vKjn5rFWBNiP9y-HXZAg8EQLAUGwUoLsAG0oWJTUIeoIaoFZPTPgVTt6hPWBhhDwg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141179
last-modified: Thu, 09 Dec 2021 20:03:29 GMT
server: UploadServer
etag: "a02af2195452482cb8ef22aabd952a0e"
vary: Accept-Encoding
x-goog-hash: crc32c=/X/oLQ==, md5=oCryGVRSSCy47yKqvZUqDg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1639080209089029
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=172800
x-goog-stored-content-length: 141179
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 15 Dec 2021 13:47:17 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=bendigoadvertiser&zMoatAdUnit2=news&zMoatAdUnit3=latestnews&wf=1&ra=3&pxm=&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2F0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-pXTZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-TQhCXLleOPQ59g%3D%3D&sc=1&os=1-3A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=tJ4JU*FTLR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&pcode=acmheader706032617774&rx=60141623035&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&rm=1&fy=970&gp=711&zGSRC=1&gu=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&id=1&ii=4&pl=0&f=0&j=&t=1639404802526&de=143573561437&cu=1639404802526&m=2337&ar=cc97a930ec1-clean&iw=ceff30a&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=711&lb=4999&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=82&vx=82%3A-%3A-&pe=1%3A1469%3A1469%3A0%3A1763&as=0&ag=7&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=1&pg=82&pf=0&ib=1&cc=0&bw=7&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=13&cd=0&ah=13&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Fbendigoadvertiser%2Fnews%2Flatestnews_4&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=195926&na=69131080&cs=0
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Dec 2021 14:13:25 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame DA5F 5 KB
3 KB 22ms
22ms Script
text/javascript 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=48267046;rtbwp=0.155785;rtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;js=1;adfxid=1x;8614;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.bendigoadvertiser.com.au

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1f85fea72087cbf16bb6b3ad425d2beb49cd92de5f60901bd079a44812b9df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2369
expires: -1

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame E110 70 B
264 B 36ms
36ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=188362&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame E110
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YbdVBZLxVr6rYc1TB5r7PAAABLUAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGYAh1wRPQYq6FTlRGI3Dvo&google_cver=1

43 B
315 B

24ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGYAh1wRPQYq6FTlRGI3Dvo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=188362&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 14:13:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 13 Dec 2021 14:13:25 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGYAh1wRPQYq6FTlRGI3Dvo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame E110
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdVBZLxVr6rYc1TB5r7PAAABLUAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdVBZLxVr6rYc1TB5r7PAAABLUAAAIB&dcc=t

43 B
645 B

105ms
105ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdVBZLxVr6rYc1TB5r7PAAABLUAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=188362&us_privacy=&gdpr_consent=&gdpr=1&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 14:13:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Y7AB6FB00F82XDAX2VHJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 14:13:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9AEC5MSJKFKT77CH98VV
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdVBZLxVr6rYc1TB5r7PAAABLUAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E110
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YbdVBZLxVr6rYc1TB5r7PAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECT4XF6FuhuQbGln1i0MlOw&google_cver=1&gdpr=1

43 B
1001 B

37ms
37ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECT4XF6FuhuQbGln1i0MlOw&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=188362&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 14:13:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 13 Dec 2021 14:13:25 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECT4XF6FuhuQbGln1i0MlOw&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E110
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=BFHTUwdVgVEfWYQFB1GcVQpZhVYfBtUHAVcVJt4B

43 B
1013 B

62ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=BFHTUwdVgVEfWYQFB1GcVQpZhVYfBtUHAVcVJt4B
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=188362&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 14:13:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 13 Dec 2021 14:13:25 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=BFHTUwdVgVEfWYQFB1GcVQpZhVYfBtUHAVcVJt4B
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E110
Redirect Chain

https://d.adroll.com/cm/index/ssp?gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

43 B
974 B

36ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=188362&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 14:13:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 13 Dec 2021 14:13:25 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date: Mon, 13 Dec 2021 14:13:25 GMT
server: nginx/1.20.0
content-length: 76

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E110
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=4b4c4d15-eb1a-4e0b-b50d-63132cc09d54&expiration=1670940805

43 B
1 KB

32ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=4b4c4d15-eb1a-4e0b-b50d-63132cc09d54&expiration=1670940805
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=188362&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 14:13:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 13 Dec 2021 14:13:25 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=4b4c4d15-eb1a-4e0b-b50d-63132cc09d54&expiration=1670940805
date: Mon, 13 Dec 2021 14:13:25 GMT
server: Kestrel
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E110
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
315 B

79ms
45ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=188362&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 14:13:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 13 Dec 2021 14:13:25 GMT

Redirect headers

date: Mon, 13 Dec 2021 14:13:25 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame E110 43 B
424 B 19ms
18ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YbdVBZLxVr6rYc1TB5r7PAAABLUAAAIB?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=188362&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 14:13:25 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=879
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 13 Dec 2021 14:28:04 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/HDqnkvGEyRoc8cQQ9dJA_OHQn8g/gpt_and_prebid/ Frame D46F 64 KB
15 KB 73ms
16ms Script
text/javascript 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/HDqnkvGEyRoc8cQQ9dJA_OHQn8g/gpt_and_prebid/config.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: blob:https://www.bendigoadvertiser.com.au/f6ea4016-f332-4ebe-86fa-5ea6d35cada6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a8e9cbc0bc200371eaca84d101cc8689ceb9fba963e7c2d89227cf227eb4194

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 14:13:25 GMT
Content-Encoding: gzip
Age: 1635
X-Cache: HIT
Connection: keep-alive
Content-Length: 14613
x-amz-id-2: X9V9Q/QFT4DlJHs70/DDWJUK9UCUEiGbim33r4CrUV0XfT+n/9Tp8i3PNqOa3K3a3xnojvLGf/k=
X-Served-By: cache-cdg20727-CDG
Last-Modified: Mon, 13 Dec 2021 12:57:40 GMT
Server: AmazonS3
X-Timer: S1639404806.643808,VS0,VE1
ETag: "11d6ffdc651fd2beb1ed06b02b21bd1a"
x-amz-request-id: 8Q87EAJPRKHPT6EC
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 1

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159745/4535/ Frame D46F 174 KB
56 KB 84ms
27ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: blob:https://www.bendigoadvertiser.com.au/f6ea4016-f332-4ebe-86fa-5ea6d35cada6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fdb1605c8b1c61e76038cb28e4ca328f3717f02a4dbcbe4c1909b7583fe378c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:25 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 19:58:31 GMT
server: Apache/2.2.15 (CentOS)
etag: "1520db4-2b82d-5c4d365f5b665"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=75259
accept-ranges: bytes
content-type: text/javascript
content-length: 56867
expires: Tue, 14 Dec 2021 11:07:44 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame DA5F 35 B
503 B 21ms
21ms Ping
image/gif 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=48267046&csi=GzyYxpqilQbNwEWSAlQIx4GX6clUyP_a5d2WdCoesRXZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 / Show response
trendads.reactivebetting.com/sportwetten-de/ Frame 509D 20 KB
8 KB 193ms
139ms Document
text/html 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Requested by: Host: 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
URL: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22e0bc8090cf4df4a1749ee73ff7d458784d192f5d060eb86bc79189a231f46f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/

Response headers

content-type: text/html
date: Mon, 13 Dec 2021 14:13:26 GMT
last-modified: Fri, 03 Dec 2021 11:46:53 GMT
etag: W/"289fba36fe74f157dc862058640205d4"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 1m8wpGQInIgYLwzyL1Pdhe44yIiZBzGbpM0OemX-cs1tUm_4brm8SQ==

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 653C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

79ms
79ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 13 Dec 2021 14:13:25 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 14:13:25 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 13 Dec 2021 14:13:25 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B19 35 KB
13 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 13:43:21 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0783 38 KB
14 KB 49ms
48ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: 0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
URL: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=69772
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 14:13:25 GMT
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame DA5F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de00844b7403330091c57415c806b882bf603724052660ea167af3d55291fed5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:types/ Frame DA5F 33 KB
14 KB 26ms
26ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: d83c5d7125b0f6a6517bf52a5a4cffe2e5eea8d60e1c414baabf1a391442d64c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:25 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 14 Dec 2021 17:15:50 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/ Frame D46F 189 KB
61 KB 16ms
16ms Script
application/javascript 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/HDqnkvGEyRoc8cQQ9dJA_OHQn8g/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80da370ad41bee2716b42d1583e139eac39f5c7c243c5fe6439b9754013116c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 14:13:25 GMT
Content-Encoding: gzip
Age: 635
X-Cache: HIT
Connection: keep-alive
Content-Length: 61460
x-amz-id-2: W7XJY6swrisomyWju+PT8GqF32h9RFEXT8zYyLwRzGYsnq9+0mh6I9edt8LusyWZrpZVrXTaVZM=
X-Served-By: cache-cdg20727-CDG
Last-Modified: Thu, 02 Dec 2021 17:00:39 GMT
Server: AmazonS3
X-Timer: S1639404806.765802,VS0,VE0
ETag: "0bad6e8b774e2623401e436c2a44f48e"
x-amz-request-id: VAQ5QBSSJJKQQWVH
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 885

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 51ms
17ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F&domain=www.bendigoadvertiser.com.au&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.bendigoadvertiser.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://www.bendigoadvertiser.com.au
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1458
date: Mon, 13 Dec 2021 14:13:25 GMT
strict-transport-security: max-age=86400; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame D46F
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F&domain=www.bendigoadvertiser.com.au&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=F6o9u3xDR2pEQnEyM1Bla2k4dFZncDRKaHFyZzZZZ0VjSWxJdjBFT1hZdzJRTU1pd2xVTGZmMDZUajlZUmM1dzF1ZlRkN0p0VW5OUEg3NEhONkRpVTZPR2JCaXB5OXgxWGkzUmxPc3JUU3FhTHd0enQxZEVIeDRDMFQyL2...

412 B
660 B

52ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=F6o9u3xDR2pEQnEyM1Bla2k4dFZncDRKaHFyZzZZZ0VjSWxJdjBFT1hZdzJRTU1pd2xVTGZmMDZUajlZUmM1dzF1ZlRkN0p0VW5OUEg3NEhONkRpVTZPR2JCaXB5OXgxWGkzUmxPc3JUU3FhTHd0enQxZEVIeDRDMFQyL21pcmdnV3lYeks5cUQ5dGdITjY5VnVqVzVVSXdOYlZ1K2p5KzFxSk9zdE1iZzVqOFZ4K2RQN2Y0ZzR2Vi9NVEU0R3R1dEcwbnF0TnFveElMK0F6enFOSVdNbjdFWkQ1R09BUjlVN2hBRUZiVGFsNXUzSzZuU05VUkxCYVlmWEpTbExnOXk2RTFjfA&cppv=2

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

68b887c897a49dcd64b0df4e7ec0a1fa53012275869045e6ad56bdd4cc8391ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2444
strict-transport-security: max-age=86400; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:25 GMT
location: https://mug.criteo.com/sid?cpp=F6o9u3xDR2pEQnEyM1Bla2k4dFZncDRKaHFyZzZZZ0VjSWxJdjBFT1hZdzJRTU1pd2xVTGZmMDZUajlZUmM1dzF1ZlRkN0p0VW5OUEg3NEhONkRpVTZPR2JCaXB5OXgxWGkzUmxPc3JUU3FhTHd0enQxZEVIeDRDMFQyL21pcmdnV3lYeks5cUQ5dGdITjY5VnVqVzVVSXdOYlZ1K2p5KzFxSk9zdE1iZzVqOFZ4K2RQN2Y0ZzR2Vi9NVEU0R3R1dEcwbnF0TnFveElMK0F6enFOSVdNbjdFWkQ1R09BUjlVN2hBRUZiVGFsNXUzSzZuU05VUkxCYVlmWEpTbExnOXk2RTFjfA&cppv=2
strict-transport-security: max-age=86400; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bendigoadvertiser.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1971
content-length: 509
expires: 0

GET
H2

404

insync
thrtle.com/ Frame D46F
Redirect Chain

https://px.britepool.com/new?partner_id=t
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=990a7b79-2cdc-42d4-b961-7c8f95e134ad

0
0

306ms
99ms

Image
text/html

3.220.38.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=990a7b79-2cdc-42d4-b961-7c8f95e134ad
Protocol: H2
Server: 3.220.38.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-38-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Date: Mon, 13 Dec 2021 14:13:26 GMT
Server: nginx
Vary: negotiate,Accept-Encoding
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=990a7b79-2cdc-42d4-b961-7c8f95e134ad
Cache-Control: no-cache, no-store, private
Tcn: Choice
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
X-Request-Id: 1ef7ae8b521177880c81685e6c705faf
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0783 0
42 B 64ms
14ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43608037&p=160950&s=851453&a=0&ptask=DSP&np=0&fp=1&rp=0&mpc=10&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:24 GMT
content-length: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 509D 12 KB
948 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto+Slab:400,700|Roboto:400,700

Requested by

Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f162d9444cde39ecf6b1260eef4efa09e711b5ebfc7477fce9444e13d9cae22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 13:53:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 14:13:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 14:13:25 GMT

GET
H2 200 main.ca9182b0.chunk.css
trendads.reactivebetting.com/sportwetten-de/static/css/ Frame 509D 6 KB
2 KB 8ms
7ms Stylesheet
text/css 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/css/main.ca9182b0.chunk.css
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 838d62ecfee5112a90fa736246a6b34bc008eb37df0443e118472210bd278f10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 07:13:19 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 11:48:24 GMT
server: AmazonS3
age: 25206
etag: W/"ce725a2c4bb20be47a8e03d3545e0185"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: EcOCwFybsTN3P7sUCe9Pj_4GuxIezj7iJUYDBmYyYfQkJnZG5USMdg==

GET
H2 200 22.be71779c.chunk.js Show response
trendads.reactivebetting.com/sportwetten-de/static/js/ Frame 509D 142 KB
44 KB 10ms
8ms Script
text/javascript 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/22.be71779c.chunk.js
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dabe089fa606db7c6c7c06ce501499c0c51cebdeb292efcff4b842ec61b4233c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:55:41 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 11:47:46 GMT
server: AmazonS3
age: 40665
etag: W/"93dbfa78465f0a6f195c376dd32d78af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: zjbpjk_jnliBsHUAcTMjCyEtvrYFDkZ2UtDXF883apUBb-NuTryVzQ==

GET
H2 200 main.c046e9d4.chunk.js Show response
trendads.reactivebetting.com/sportwetten-de/static/js/ Frame 509D 118 KB
32 KB 17ms
16ms Script
text/javascript 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/main.c046e9d4.chunk.js
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64070298d38d4fda4e15c2d0d702c972568113df8782b4dd6ba6fc0d3d9dd068

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 04:13:38 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 11:48:23 GMT
server: AmazonS3
age: 35988
etag: W/"2b9e06d2e6ec1832293c65e49dcb85f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: gupPFypTe3S3x4fFhHS7hSeaJ7g0P6Y_qClxbX6J_ldslCjIgnSZpg==

OPTIONS
H2 200 view
trendads-swarm-api.reactivebetting.com/.crm/banner/ Frame 0
0 242ms
193ms Preflight 2606:4700:20::ac43:4972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads-swarm-api.reactivebetting.com/.crm/banner/view
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:4972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trendads.reactivebetting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 13 Dec 2021 14:13:26 GMT
content-length: 0
vary: Origin
access-control-max-age: 3600
access-control-allow-origin: https://trendads.reactivebetting.com
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-credentials: true
trace-id: dea2c18af971483c
cache-control: no-store
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LAziHa5bDXVY3xRyNMT%2BMm0DJzUdowConMVIO%2FtQ8breOeiRLITVHQ8Herh3gOt1U0vCQQUbDZ6Ajo2GrVJKSbQmOMObjZErV8TMO8WQxPiI%2FN7f1tKyuF9EkWAByJkvf3SxpoJOvJEM6%2BrruJhLmvUF5JC4TQa4YLBuRDgdinl%2FvG7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6bcfcb0548c483ae-MXP

GET
H2 200 de.json Show response
trendads.betfindr.com/i18n/sportwetten-de/ Frame 509D 15 KB
5 KB 36ms
7ms Fetch
application/json 2600:9000:223f:a800:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.betfindr.com/i18n/sportwetten-de/de.json
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/main.c046e9d4.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a800:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a759c9120394fec99cf2cc8c3e591520e688ff6aca64e352859bb7fb9e728aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 03:08:24 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 08:27:17 GMT
server: AmazonS3
age: 39902
etag: W/"d38341505f42d14b8702b20d427f7f46"
vary: Origin
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: YD3qjiNZeb67U2Fg7-Rr_pTHnbZ4X-Sthr4PsWDo4Z_VmTgCLWUfcw==
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)

POST
H2 200 view
trendads-swarm-api.reactivebetting.com/.crm/banner/ Frame 509D 0
0 71ms
71ms Fetch 2606:4700:20::ac43:4972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads-swarm-api.reactivebetting.com/.crm/banner/view
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/main.c046e9d4.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:4972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://trendads.reactivebetting.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 13 Dec 2021 14:13:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Irt51bzO4PLcFs8wTQs%2BUYxMFd28UEGAbtLJqWGw5vFnn4HVNNsTLcEtHfouy7i7jF%2BWI8SuUqd7Og7%2BeYnSBfFIZjKzt09boPDno0z4MsbAIS6nIhXVXnyAORJi5tEhSMgNEdODSCE5yUWk2aREBVl3E0nqPb8Wfz%2FjLhRcPiZ043tA"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://trendads.reactivebetting.com
cache-control: no-store
access-control-allow-credentials: true
trace-id: d389b494f1ac6b8b
cf-ray: 6bcfcb067c4583ae-MXP
content-length: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 116ms
17ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1139
date: Mon, 13 Dec 2021 14:13:25 GMT
strict-transport-security: max-age=86400; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 matches Show response
trendads-swarm-api.reactivebetting.com/.sportsbet/program/ Frame 509D 161 KB
19 KB 138ms
95ms Fetch
application/json 2606:4700:20::ac43:4972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trendads-swarm-api.reactivebetting.com/.sportsbet/program/matches?language=de&matchCount=6&sport=Football&autoFill=true&supportedSports=Football%2CIcehockey%2CBasketball%2CTennis&market=MatchWin&sortBy=Popularity

Requested by

Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/main.c046e9d4.chunk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::ac43:4972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a4c54b8cd14fc6f43c038983277497af2261bb9a88e48b84794a0fe6f2c5a8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIfAi%2Fe9plFT5PARaM3qAaygLEWInpyIIjbsBjzmu6GRXGKXgzr3nIaR5TUvmTrS8mcflOAePilgfxC8V3AmwHrUg9crucRJ3VzBRsfbQBtZW0ob%2F7los0Ns9cA1QByH%2BBMT%2FUIt6Ih7Fsq6F4a6MwXdhhqKoCH8eSyUrpzqcdyizc%2FF"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://trendads.reactivebetting.com
access-control-allow-credentials: true
trace-id: ba6f3550080895ef
cf-ray: 6bcfcb0548cb83ae-MXP

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ACM_HEADER1&hp=1&wf=1&ra=5&pxm=&sgs=6&vb=5&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1639404802526&de=912309655344&rx=60141623035&m=0&ar=cc97a930ec1-clean&iw=ceff30a&q=8&cb=0&cu=1639404802526&ll=2&lm=0&ln=0&em=0&en=0&d=bendigoadvertiser.com.au%3AHackers%20targetted%20Qld%20power%20station%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=acmheader706032617774&fd=1&ac=1&it=500&pe=1%3A1469%3A1469%3A0%3A1763&fs=195926&na=1644996590&cs=0
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:26 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Dec 2021 14:13:26 GMT

GET
H2 200 nr-spa-1212.min.js Show response
js-agent.newrelic.com/ 44 KB
17 KB 31ms
8ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1212.min.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: wY72Ah.NJX5KzzqRFK3uhSo3Jh07tDe4
content-encoding: gzip
etag: "8bd93bf0ecb2f4e971a2055a41402bb6"
x-amz-request-id: ANVX8WPYJ9NM99FD
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16636
x-amz-id-2: //pISD16Bm7/1PDlW0ghswvgTyyOyXNw/emHSr2czJPEUE1eLcqp61M3L9P610qmdidTDtCabTk=
x-served-by: cache-hhn4039-HHN
last-modified: Thu, 04 Nov 2021 21:16:16 GMT
server: AmazonS3
x-timer: S1639404806.120559,VS0,VE0
date: Mon, 13 Dec 2021 14:13:26 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4669

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 69ms
29ms Script
application/javascript 2606:4700:3037::6815:3c3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3c3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4832
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 44JNMB61M3NVDQKK
x-amz-id-2: n9/fJYyUwQqyGHt94QiuaMjG/+keiOaV3UAEUov0/Y2PlXPsklPLoQdY/zJ1LA3yK3lbD8pg5mI=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcRbHN%2FP00uO%2F1AwCJHogC9QKa0LS10bYHi%2FXnMIxhxZfDWB7gANFFHuDbsE1kvQG4jwNhoKvCBwOrZO%2FkrBat7CY%2FSY6Iehqb0oYhihMdvx%2FhdmG%2BSUR98dmiNCqWBd3Y74GrOlzuEKjPW80KQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 6bcfcb066c113752-MXP

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df0fecd11dd975d873105eab75b756fdf558a89175933c0a41cac98f1c88fd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: KioqtFlZ4SyVQbmFEaMEig==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: U/9rwjD2G0TqaxZfdK8AoGNsvHz8xA1wgyBaTmQZ1TxTD6BupHyjVpcIcgkaN5iegv1LH7UBZ/nT5weyWrDv+A==
x-fb-content-md5: 9543542d9939a6d608fca29c9902ae2f
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 13 Dec 2021 14:13:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "20e0d20674b3a00ca9dddb0d2e225ad7"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 13 Dec 2021 14:31:20 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 175ms
43ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF7) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 14:13:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (mil/6CF7)
Age: 556
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29126

GET
H2 200 cse.js Show response
cse.google.com/ 7 KB
3 KB 81ms
41ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=012527284968046999840:oukmqgtfaau

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

3d63f2c2180ae3119ce56dafafa66a0ad4021d4c0fe27d4ea77cbdf6103f4801

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Mon, 13 Dec 2021 14:13:26 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2917
x-xss-protection: 0
expires: Mon, 13 Dec 2021 14:13:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 41ms
23ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

342ad01bbc8675868557eb1ad3d0fa92a4d543d991b2e147a323dd58a5fdbde1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 14:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8631
x-xss-protection: 0

GET
H2 200 optout_check Show response
beacon.krxd.net/ 83 B
243 B 113ms
32ms Script
text/javascript 52.209.141.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.fairfaxacm.kxjsonp_optOutCheck
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.141.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-141-115.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: abd2f3309e4a1cb13402b633ab45cebbb7f6866537fbacb9560eb5015e7f68a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:26 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=34 t=1639404806
x-served-by: beacon-n008-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 3.614d2c1b.chunk.css
trendads.reactivebetting.com/sportwetten-de/static/css/ Frame 509D 8 KB
2 KB 7ms
7ms Stylesheet
text/css 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/css/3.614d2c1b.chunk.css
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f88e2ee185949810c3274f8b1ac44faac4b929ff7a488c40d2f8b8482ca127a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:41:23 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 11:48:24 GMT
server: AmazonS3
age: 45124
etag: W/"b25427b51f0eb82481b8335fd41db06c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: PIxTbtGHVf15QEAz5GwTZzSdoUpLE2QDiDi3W7HqEuz42UaArXGNcg==

GET
H2 200 3.5ec45ebc.chunk.js Show response
trendads.reactivebetting.com/sportwetten-de/static/js/ Frame 509D 9 KB
3 KB 7ms
7ms Script
text/javascript 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/3.5ec45ebc.chunk.js
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59c6931bfd6ec6fa577e8b51c332c3f4f5048ae253622dfaa3f88e3a53154324

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 03:49:45 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 11:47:31 GMT
server: AmazonS3
age: 37422
etag: W/"c5142dc0dbf9b5b911424535674daf65"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: y5q9XxblFJmNug4GTeTiZEfC5jf6apsH-50FZcV5IUc3-7q0gsQtSQ==

GET
H2 200 limbik-video.js Show response
api.limbik.com/static/ 4 KB
2 KB 38ms
7ms Script
application/javascript 52.222.236.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.limbik.com/static/limbik-video.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-89.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: effd0e1493054852ddf2be0882223a632c130c04fed5b910072cdd93e5ad0bb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:41:55 GMT
content-encoding: gzip
last-modified: Mon, 21 Oct 2019 21:06:57 GMT
server: AmazonS3
age: 45155
etag: W/"27ebb0437ee541c2ced94fbb72e10f61"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: eZpy7S4DmlQB66uC3LjoZ3Ct4R3_KJx1RouP4k6qG88QyvNI8G9o0g==

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-au.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
22 KB

10ms
10ms

Script
application/javascript

2600:9000:236e:f800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol: H2
Server: 2600:9000:236e:f800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: .KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
via: 1.1 8c08c39035033b8c904aa0e3f734d6c7.cloudfront.net (CloudFront)
etag: W/"cc7339d315e5ab16597dd66d153a0e7e"
age: 118486
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 21704
last-modified: Mon, 12 Oct 2020 13:35:53 GMT
server: AmazonS3
date: Sun, 12 Dec 2021 15:38:51 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: g7o06wLgn1eOuJH25bo2T5y8Xni_MR2QUlMlGJBUAz7clMOksPQyUA==

Redirect headers

location: https://cdn-gl.imrworldwide.com:443/v60.js
date: Mon, 13 Dec 2021 14:13:26 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 ggcmb510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 47ms
9ms Script
application/javascript 2600:9000:236e:f800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:f800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: uy5pwXEs6BrL6vq4YcsnuXZE0zGUg_yC
content-encoding: gzip
etag: W/"afa0d379b1e6e0a61fad577d0043ff26"
last-modified: Mon, 29 Nov 2021 14:37:17 GMT
server: AmazonS3
age: 1012
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8c08c39035033b8c904aa0e3f734d6c7.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 13 Dec 2021 13:56:35 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 2au9lEBgp6okNyEE_X-qGEDMMXD-71lud_oKyBul81gL9_O6mLNLjQ==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2F%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-pXTZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-TQhCXLleOPQ59g%3D%3D&sc=1&os=1-3A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=tJ4JU*FTLR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&pcode=acmheader706032617774&rx=60141623035&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1639404802526&de=912309655344&cu=1639404802526&m=2990&ar=cc97a930ec1-clean&iw=ceff30a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4999&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1469%3A1469%3A0%3A1763&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=bendigoadvertiser.com.au%3AHackers%20targetted%20Qld%20power%20station%3A__page__%3A-&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=195926&na=1379807968&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:26 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Dec 2021 14:13:26 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=703888319&t=event&ni=1&_s=9&dl=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&ul=en-us&de=UTF-8&dt=Hackers%20targetted%20Qld%20power%20station%20%7C%20Bendigo%20Advertiser%20%7C%20Bendigo%2C%20VIC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F&el=10%25&_u=aHDAiUAjRAAAAE~&jid=&gjid=&cid=54876956.1639404802&tid=UA-61683903-1&_gid=1970125787.1639404802&gtm=2wgc10KPMZ4JM&cd1=Bendigo%20Advertiser&cd2=lego1&cd3=news&cd4=latestnews&cd5=article&cd6=&cd7=08122021&cd8=&cd35=242&cd36=0%20-%20499&cd47=&cd49=domestic&cd67=2021-12-08T07%3A19%3A42%2B11%3A00&cd68=AAP&z=1285564093

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 09:22:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17468
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Mon, 13 Dec 2021 14:13:26 GMT

GET
H/1.1 200
OK b2bc89fc76 Show response
bam-cell.nr-data.net/1/ 49 B
725 B 587ms
513ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/b2bc89fc76?a=98320753&v=1212.e95d35c&to=ZldVNhRRDxBSBkFYXF8dcRcIUxUKXAsaQkZLR1wDSEMVDEEMUEIdR1tSFRUKEhdcF0xuV1RGVgsK&rst=5205&ck=1&ref=https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/&ap=228&be=978&fe=5086&dc=1763&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1639404800435,%22n%22:0,%22r%22:1,%22re%22:403,%22f%22:403,%22dn%22:403,%22dne%22:403,%22c%22:403,%22ce%22:403,%22rq%22:404,%22rp%22:947,%22rpe%22:952,%22dl%22:949,%22di%22:1763,%22ds%22:1764,%22de%22:1769,%22dc%22:5062,%22l%22:5086,%22le%22:5168%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1468&fcp=1468&jsonp=NREUM.setToken
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 14:13:26 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6bcfcb076923d21c-MAN

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 286 KB
81 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=4f24a446bdebdec98ae97e101d0c7232

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e30e8422e04f3611a397ff94dc8763985e9a8cab1778d524c00e5c12113e009f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: dQKT/zQ9FS+7wk0hrGM9YQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82696
x-fb-rlafr: 0
x-fb-debug: 2MiZCeWyyiClGg/pUmRnffBgA0liYt4Kj9Bq7xCBxHDx4N3HwnT2N/UU2yDODXRzGHvAJYH3Ijzn4JDf8JQEXA==
x-fb-content-md5: 9c9cb081c4d6c37777dc44559fcb0e39
x-frame-options: DENY
date: Mon, 13 Dec 2021 14:13:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "9c1f1a901db5c05c2cf1c23e2e927dbd"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 13 Dec 2022 13:10:11 GMT

GET
H3 200 cse_element__en.js Show response
www.google.com/cse/static/element/54e62135847a1703/ 300 KB
99 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/54e62135847a1703/cse_element__en.js?usqp=CAI%3D

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0216265ffcc78522466531b2c333ad5725a51f151b18c5e2fb24d4e3e89ef23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 08:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101668
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 20:41:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 12 Dec 2022 08:10:23 GMT

GET
H3 200 default+en.css
www.google.com/cse/static/element/54e62135847a1703/ 41 KB
41 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/54e62135847a1703/default+en.css

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 08:10:23 GMT
x-content-type-options: nosniff
age: 108183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41765
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 20:41:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 12 Dec 2022 08:10:23 GMT

GET
H3 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 12ms
11ms Stylesheet
text/css 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 13 Dec 2021 14:34:58 GMT

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 509D 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto+Slab:400,700|Roboto:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trendads.reactivebetting.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:05:06 GMT
x-content-type-options: nosniff
age: 497300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 20:05:06 GMT

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 509D 15 KB
15 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto+Slab:400,700|Roboto:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trendads.reactivebetting.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:53:24 GMT
x-content-type-options: nosniff
age: 498002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 19:53:24 GMT

GET
H2 200 518.46116731.chunk.js Show response
trendads.reactivebetting.com/sportwetten-de/static/js/ Frame 509D 236 B
539 B 8ms
7ms Script
text/javascript 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/518.46116731.chunk.js
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb9bedfffe1f9a22c1ca4eef19d83518be668fdf2fb5c0f634fb57ee369c7f26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 05:00:58 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 11:48:04 GMT
server: AmazonS3
age: 33155
etag: "18c65a41636298146a1828caee395c71"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-P5
content-length: 236
x-amz-cf-id: qo51B6tu5CsYin2_SZrr9gUKWg8-kVKO7PhcopF0aNO_i8Czfupq1A==

GET
H2 200 314.ae71907f.chunk.js Show response
trendads.reactivebetting.com/sportwetten-de/static/js/ Frame 509D 243 B
549 B 8ms
8ms Script
text/javascript 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/314.ae71907f.chunk.js
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23099e724ef4fbb8f547f2d0773847ff77d7376a8fa3c7cbc9cc232e0d8233f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 05:47:43 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 11:47:44 GMT
server: AmazonS3
age: 30344
etag: "7ec1cf7250313f63a049ba3100d4b5cc"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-P5
content-length: 243
x-amz-cf-id: W7RPxnZahMPSlJNlqytVY_MK_xHJDMZeS4CHh7uzUKRIjvBnJv0Zqw==

GET
H2 200 218.cd2ead3a.chunk.js Show response
trendads.reactivebetting.com/sportwetten-de/static/js/ Frame 509D 238 B
542 B 8ms
8ms Script
text/javascript 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/218.cd2ead3a.chunk.js
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d9fe0e4b3fbc0abedc2cf2292be52464f8b4300cd36449f09569f85c2c00f67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:14:18 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 11:47:57 GMT
server: AmazonS3
age: 53949
etag: "fac580917923f1966e7977c5cdf50b02"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-P5
content-length: 238
x-amz-cf-id: AuMJsCs14DCA_gi3uXntfCgbw0C84uqUI-Taw-JJ9i_OzCpusNXVZg==

GET
H2 200 360.a8c050c0.chunk.js Show response
trendads.reactivebetting.com/sportwetten-de/static/js/ Frame 509D 233 B
537 B 8ms
8ms Script
text/javascript 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/360.a8c050c0.chunk.js
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9444c94fea846b407cda7a84850890961fbeec4b717370499b37630ac128b265

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 22:34:28 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 11:48:11 GMT
server: AmazonS3
age: 56349
etag: "5ef6d0a3d8e9fc977ae511a80f798abb"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-P5
content-length: 233
x-amz-cf-id: ORrXAS-vcqmHbWlVRQwr0oRLweLc3thiNwdXBbz_N_wnsDMhNtu1CQ==

GET
H2 200 521.4209accf.chunk.js Show response
trendads.reactivebetting.com/sportwetten-de/static/js/ Frame 509D 236 B
541 B 8ms
8ms Script
text/javascript 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/521.4209accf.chunk.js
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6016dc55eca450c9f77032d8af77e85cff3f13684fd415f25c8fc6bd69bc360b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 05:14:31 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 11:48:07 GMT
server: AmazonS3
age: 32338
etag: "9db158603cfb312d5672ffd8cb85a91d"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-P5
content-length: 236
x-amz-cf-id: M5ihcy4NTwRy8JDe6tJQ9jKKBQwxEH4iKbpErbExaACauiHMlotAGA==

GET
H2 200 212.df2ea4e5.chunk.js Show response
trendads.reactivebetting.com/sportwetten-de/static/js/ Frame 509D 236 B
541 B 8ms
8ms Script
text/javascript 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/212.df2ea4e5.chunk.js
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 827d65fe3607658bca7c80ae1746aa7b6f5b9fd78481074621bdb7933cb7ebaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 03:39:55 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 11:47:27 GMT
server: AmazonS3
age: 38061
etag: "a78ef1bb180b2d18453b48b82f4c7da5"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-P5
content-length: 236
x-amz-cf-id: sGI2SfLQzCrEp-Bxw-3KAcoFlNrTSEj-eT7QDPWhMQ1Ih_3yEMR2sw==

GET
H2 200 261.e3528a73.chunk.js Show response
trendads.reactivebetting.com/sportwetten-de/static/js/ Frame 509D 240 B
545 B 8ms
8ms Script
text/javascript 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/261.e3528a73.chunk.js
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5091127d85fe8ef7c426febcc4f0dea9a297bed87c1b2f1bf2a035bf2b3ded0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 19:32:29 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 11:47:51 GMT
server: AmazonS3
age: 117802
etag: "31557d98b11118991f9886a224d6555b"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-P5
content-length: 240
x-amz-cf-id: xsMVoJ6aprL8c8yeQZEDbU-TCVBwTIFxR8C9as1p79VnYQUQceZiAg==

GET
H2 200 262.da441c4c.chunk.js Show response
trendads.reactivebetting.com/sportwetten-de/static/js/ Frame 509D 242 B
545 B 8ms
8ms Script
text/javascript 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/262.da441c4c.chunk.js
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 730504ca9c1b90b2183fa4dc9fcf2a5618c8e342d0ce131d08f5e035e95de17c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 20:28:48 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 11:47:51 GMT
server: AmazonS3
age: 63878
etag: "130eac59750912152cc1f376012bf278"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-P5
content-length: 242
x-amz-cf-id: 6Jdlc-eqL2QepSNdpCH28rUPfVT25FC9_Ds89vkXWF71VEeaVeIAcg==

GET
H2 200 305.0f8feb13.chunk.js Show response
trendads.reactivebetting.com/sportwetten-de/static/js/ Frame 509D 242 B
547 B 8ms
8ms Script
text/javascript 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/305.0f8feb13.chunk.js
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d82bfa96fd2950163c48f7fe625d8d52fc0d252d00fb8fb44854f7e271f1fc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:04:16 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 11:47:44 GMT
server: AmazonS3
age: 43751
etag: "7aeb39a91ba083b9bf67645549d654e2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-P5
content-length: 242
x-amz-cf-id: UCx_HSgFboPDRVa5uPI3CmhTl0OFIOpgYF4iPRlR4Y21JcuqWpRTpQ==

GET
H2 200 311.7e6d502e.chunk.js Show response
trendads.reactivebetting.com/sportwetten-de/static/js/ Frame 509D 234 B
538 B 8ms
8ms Script
text/javascript 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/311.7e6d502e.chunk.js
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fc84f21bba09bdf47c3f43a346e7a1562fbafa678b95108649be64fbcf66738

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 03:39:55 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 11:48:03 GMT
server: AmazonS3
age: 38020
etag: "0e11e1f60f6b97a0129d05f81245f9c6"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-P5
content-length: 234
x-amz-cf-id: cLL4AHaWucLTUtNq6YBc_o7GD98_qXeMils9KKYS6Ec4V9TP4yAT2Q==

GET
H2 200 444.ce7efe1e.chunk.js Show response
trendads.reactivebetting.com/sportwetten-de/static/js/ Frame 509D 233 B
540 B 10ms
9ms Script
text/javascript 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/444.ce7efe1e.chunk.js
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5d2db04c9d9a3696e4f527eed54ae84d21345e2f7f941692cbc9e51e9d5b760

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 17:01:32 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 11:47:44 GMT
server: AmazonS3
age: 76315
etag: "74003f06b65e0db466b7117186fc4145"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-P5
content-length: 233
x-amz-cf-id: IRjY4bTUdWMKN_LyjWCC3AcbcYMOBGwDRsNwdl8aZYv_AXzUC6HXIw==

GET
H2 200 208.f929f869.chunk.js Show response
trendads.reactivebetting.com/sportwetten-de/static/js/ Frame 509D 235 B
539 B 10ms
9ms Script
text/javascript 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/208.f929f869.chunk.js
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7b7816acc7f10a63e09790893f93a1c8b04d154d78ad71cd8651b0a46bd63da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:11:18 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 11:47:29 GMT
server: AmazonS3
age: 54129
etag: "9ed6ebb086d76aad24a6372802d04650"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-P5
content-length: 235
x-amz-cf-id: xz3WQSa4tFfL0I8fILV2s1rTQfuaaLWAAg5XgCwyZAJb06JxOBOJtg==

GET
H2 200 logo-de-300x250.3a80f3c0.svg
trendads.reactivebetting.com/sportwetten-de/static/media/ Frame 509D 21 KB
6 KB 12ms
7ms Image
image/svg+xml 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/media/logo-de-300x250.3a80f3c0.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f144aeecd94296d562b6e514c1e65fdf574cdf9f3b03c2d2b6a1d6cd6a440dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 04:36:09 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 11:46:55 GMT
server: AmazonS3
age: 34638
etag: W/"3a80f3c051f58f3707eaf86bac7920ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: f-NHe-oGv2wNISb85yQLfS_hsC2YqQE2_aNTrmFNd8VJb5FjDpmWKQ==

GET
H2 200 18+.ff055e36.svg
trendads.reactivebetting.com/sportwetten-de/static/media/ Frame 509D 2 KB
1 KB 10ms
8ms Image
image/svg+xml 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/media/18+.ff055e36.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d49d9ebc548f538e2700aab93d6e3fc176246c8c8fd9fdce07e9c4728defb083

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 04:26:33 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 11:47:05 GMT
server: AmazonS3
age: 35214
etag: W/"ff055e36e00598fa3689d1e5cc680fe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: MHEL-EiYr6CTd4B_BCUd7fJ6Z3NlHypiQiJGRzwibjbiac2sh6c6YQ==

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 8ms
7ms Script
application/javascript 2600:9000:236e:f800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:f800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: lGCM3J1T752RkCkyvC4YTmc2da4EfDQV
content-encoding: gzip
etag: W/"931051f801612c3a0e2782961ac3d56c"
last-modified: Mon, 29 Nov 2021 14:37:17 GMT
server: AmazonS3
age: 2318
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8c08c39035033b8c904aa0e3f734d6c7.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 13 Dec 2021 13:34:51 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: EdWAvFqHo0l711e37fNEcIRgSOacwxJ2D4AjCtvKgsuog4Khbn-KQA==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5754 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 13 Dec 2021 14:04:53 GMT
expires: Tue, 13 Dec 2022 14:04:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F0B9 783 B
534 B 17ms
16ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

10867f2c6ee8a828a2c3fadd5a113627cbb654dd2c31f2e25a9eefa41f088a55

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ffiWlvOqwmuUN+sFhRGFUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 13 Dec 2021 14:13:26 GMT
date: Mon, 13 Dec 2021 14:13:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ffiWlvOqwmuUN+sFhRGFUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ 134 KB
49 KB 32ms
17ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e50b11cc220c450ea908b5809d71ab33cff5d83d79b6a7ee84292d8540ab2155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "4804443677429469575"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Mon, 13 Dec 2021 14:13:26 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
178 B 42ms
6ms Image
text/plain 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 04:12:47 GMT
x-content-type-options: nosniff
age: 295239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 10 Dec 2022 04:12:47 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
178 B 60ms
7ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:13:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame C0AD 319 KB
103 KB 43ms
43ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.bendigoadvertiser.com.au
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 323224
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 13 Dec 2021 14:13:26 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CE2)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5C6F 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPOoROnxiD9ZdcsgZcUBFrsXQtetBhIp0gDEjRqb9s2QTPnSIyhcMBC2KGu7Urfsvj5OlbtR7pd5ZjLRzrx0RTZg&sig=Cg0ArKJSzHuCXaZ2S8MsEAE&cid=CAASF-Ro3fcJJHnv0y5UkB9U8Pw624xw8Nyc&id=lidar2&mcvt=1057&p=219,315,469,1285&mtos=1057,1057,1057,1057,1057&tos=1057,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=697484641&rs=4&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639404804303&rpt=470&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 VfB%20Stuttgart.220fa7d6.png
trendads.reactivebetting.com/sportwetten-de/static/media/ Frame 509D 12 KB
12 KB 8ms
8ms Image
image/png 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/media/VfB%20Stuttgart.220fa7d6.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38dd019f54db92f484aaa0c299a6aa0f4afa336302003dc7de7b8db2bc69da8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:37:31 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 11:47:22 GMT
server: AmazonS3
age: 45393
etag: "220fa7d654241adba467af530c02836a"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-P5
content-length: 12415
x-amz-cf-id: nq97jUVYymeVBZWWlCra_EuEjuWpYwzKx0LW-dkZI1CuXB9eQT7wVg==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=bendigoadvertiser&zMoatAdUnit2=news&zMoatAdUnit3=latestnews&wf=1&ra=3&pxm=&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-pXTZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-TQhCXLleOPQ59g%3D%3D&sc=1&os=1-3A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=tJ4JU*FTLR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&pcode=acmheader706032617774&rx=60141623035&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&rm=1&fy=315&gp=219&zGSRC=1&gu=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&id=1&ii=4&pl=0&f=0&j=&t=1639404802526&de=428654132534&cu=1639404802526&m=3345&ar=cc97a930ec1-clean&iw=ceff30a&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=219&lb=4999&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1469%3A1469%3A5167%3A1763&as=1&ag=1128&an=106&gi=1&gf=1128&gg=106&ix=1128&ic=1128&ez=1&ck=1128&kw=983&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1128&bx=106&ci=1128&jz=983&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=983&cd=211&ah=983&am=211&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Fbendigoadvertiser%2Fnews%2Flatestnews_3&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195926&na=984436584&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:26 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Dec 2021 14:13:26 GMT

GET
H2 200 FC%20Bayern%20M%C3%BCnchen.16a8e3a9.png
trendads.reactivebetting.com/sportwetten-de/static/media/ Frame 509D 12 KB
12 KB 8ms
7ms Image
image/png 2600:9000:223f:5c00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/media/FC%20Bayern%20M%C3%BCnchen.16a8e3a9.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0090796c5acb22dd02e0a8b576753ba57f36751b61e54620b7c2c96b07477f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=0.155785;crtbdata=7Us6F5OHvNzbEEHd51QG_fNyI_K2E8ecAXT-D5yDslbnwZFpJ4lTrN43O3WlA45BikSyMY6XAlwAG0t_yrXxAsyBLoO-d8FqeXjrCwFSbAbpRiN5AwMb0gA87-V7rVl9NYaalE55eP4noBlWPbPhltF3MtK7KzhNrYIqL0oDUqB2xehpuh_j1JlAUjMivdzHnJlO1_PWswwVqmOsRn-g4KiFfuRD7v8YxakNES7v5-zpIH9i011DsxGCeQTyRVKNeecmSD_vGaYjjnK2pD8hAFizSQQ3ZVB-M87LFSeQJeNgAuRyxb5ew0HhIpkoas3H0;adfibeg=0;cdata=uwePL8LzkQpD6ADaMDus5adeMxdv2rQu4ZMfosbziZ1sp1OWgcnCtZilwBzo4YYE2_4Z4rmcEAy7ob3vYnRdY_z8-EKJHVaLqU3n2qjTuTQp3-HcdHOt-mT0lQkXAT8x0;;CREFURL=https%3a%2f%2fwww.bendigoadvertiser.com.au;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 22:07:55 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 11:47:13 GMT
server: AmazonS3
age: 57955
etag: "16a8e3a9604dc57f9df2c1771cb108d5"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-P5
content-length: 12044
x-amz-cf-id: neTS4PkVRgxi8C5IvxoAdnzQZx4L_UxyVq86FkxCMqsxUTQdTy-RqQ==

GET
H3

200

/
www.facebook.com/login/ Frame 9519
Redirect Chain

https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e0a3f911f0b8c%26...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fcon...

0
0

130ms
129ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1e0a3f911f0b8c%2526domain%253Dwww.bendigoadvertiser.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bendigoadvertiser.com.au%25252Ff5e9a2b17b22a4%2526relation%253Dparent.parent%26container_width%3D610%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FThe-Bendigo-Advertiser%252F301746202026%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4f24a446bdebdec98ae97e101d0c7232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: ft42oouXDXyc+5kAqatkVbpjkRpqGlM4LwW66zVTnxVLz/myQOUzvXwcGx6dDimUd8XwyRLNMeaBxkHoTCfCWQ==
date: Mon, 13 Dec 2021 14:13:26 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1e0a3f911f0b8c%2526domain%253Dwww.bendigoadvertiser.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bendigoadvertiser.com.au%25252Ff5e9a2b17b22a4%2526relation%253Dparent.parent%26container_width%3D610%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FThe-Bendigo-Advertiser%252F301746202026%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v5.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 8VRhxtzROKBI4QUZKZsOPhWXh4BadKSzBUWXpDuqfkatQ1z7UlTUjTrhb3dJSDNxF1ZtsDYjKZTXz7g55eP52A==
content-length: 0
date: Mon, 13 Dec 2021 14:13:26 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i

GET
H3

200

/
www.facebook.com/login/ Frame 16DD
Redirect Chain

https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa0c41cc6b111%26do...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fcon...

0
0

139ms
138ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfa0c41cc6b111%2526domain%253Dwww.bendigoadvertiser.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bendigoadvertiser.com.au%25252Ff5e9a2b17b22a4%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FThe-Bendigo-Advertiser%252F301746202026%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4f24a446bdebdec98ae97e101d0c7232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: g6wab7CEjGZgwk50CzwDeqzf+N1kFAAQXIlZcs/tmnZqJOEl/EGNdGFc+PQkdZM7TBzfcW2tPyetoZZ34taQEQ==
date: Mon, 13 Dec 2021 14:13:26 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfa0c41cc6b111%2526domain%253Dwww.bendigoadvertiser.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bendigoadvertiser.com.au%25252Ff5e9a2b17b22a4%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FThe-Bendigo-Advertiser%252F301746202026%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v5.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: nHSAduG3PX2pfqmP7w/882TyiuySo5/mQy9tEAyb5JXPH7HlM+Bu4ZVrR+aFeMFJqbuXUjUBZ6UWDZCgtbJoag==
content-length: 0
date: Mon, 13 Dec 2021 14:13:26 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df0fecd11dd975d873105eab75b756fdf558a89175933c0a41cac98f1c88fd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: KioqtFlZ4SyVQbmFEaMEig==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: U/9rwjD2G0TqaxZfdK8AoGNsvHz8xA1wgyBaTmQZ1TxTD6BupHyjVpcIcgkaN5iegv1LH7UBZ/nT5weyWrDv+A==
x-fb-content-md5: 9543542d9939a6d608fca29c9902ae2f
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 13 Dec 2021 14:13:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "20e0d20674b3a00ca9dddb0d2e225ad7"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 13 Dec 2021 14:31:20 GMT

GET
H/1.1 200
OK aws-sdk-2.518.0.min.js Show response
sdk.amazonaws.com/js/ 2 MB
282 KB 63ms
9ms Script
application/javascript 18.66.112.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.amazonaws.com/js/aws-sdk-2.518.0.min.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aeb0726952dc3ab1980c871c4c639bf4ce444031b94f029c1e3c32ed4e03d140

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 21:48:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Aug 2019 18:24:23 GMT
Server: AmazonS3
Age: 117150
ETag: W/"30472bfe7efe0e2fea9a78f07cf13e44"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P5
X-Amz-Cf-Id: gVKyLB1v2Uc06Uwa6UPu75Xi4l1yiQt_crYtgO6IhQDRwtTosmb_Xg==

GET
H2 200 PB72EE1A8-07F2-44C3-8976-D1CD6E05DA0B.js Show response
cdn-gl.imrworldwide.com/conf/ 33 KB
7 KB 18ms
18ms Script
application/javascript 2600:9000:236e:f800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PB72EE1A8-07F2-44C3-8976-D1CD6E05DA0B.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:f800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a54f38a6204b9df81db852236e1e593fd53e5685fa0f9890abbad52a6013a0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: wLcHdJ2RMuUMbudt2EIc3ZV.bRH2YQ2F
content-encoding: gzip
etag: W/"757b19d08399793ea0fb2af5edb8773d"
last-modified: Mon, 13 Dec 2021 09:17:56 GMT
server: AmazonS3
age: 2935
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8c08c39035033b8c904aa0e3f734d6c7.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Mon, 13 Dec 2021 13:24:32 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: JpoeY8ccj70plda6fqHUSyWT5HAOn9FHRRiGrfWSYFkbtGCnicrJig==

GET
H2 200 storageframe.html Show response
secure-gl.imrworldwide.com/ Frame 1DEE 11 KB
4 KB 75ms
31ms Document
text/html 2600:9000:2240:a400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

content-type: text/html
vary: Accept-Encoding
date: Mon, 13 Dec 2021 14:13:26 GMT
server: nginx
last-modified: Fri, 19 Nov 2021 15:15:21 GMT
etag: W/"6197bf89-2b27"
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: EyNtSbG8cWwrAGWayX-fuVl9Uz-H1tg3QyWwKQvzBpVPrKTI44RmuA==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=bendigoadvertiser&zMoatAdUnit2=news&zMoatAdUnit3=latestnews&wf=1&ra=3&pxm=&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-pXTZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-TQhCXLleOPQ59g%3D%3D&sc=1&os=1-3A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=tJ4JU*FTLR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&pcode=acmheader706032617774&rx=60141623035&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&rm=1&fy=315&gp=219&zGSRC=1&gu=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&id=1&ii=4&pl=0&f=0&j=&t=1639404802526&de=428654132534&cu=1639404802526&m=3346&ar=cc97a930ec1-clean&iw=ceff30a&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=219&lb=4999&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1469%3A1469%3A5167%3A1763&as=1&ag=1128&an=1128&gi=1&gf=1128&gg=1128&ix=1128&ic=1128&ez=1&ck=1128&kw=983&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1128&bx=1128&ci=1128&jz=983&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=983&cd=983&ah=983&am=983&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Fbendigoadvertiser%2Fnews%2Flatestnews_3&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195926&na=1028422888&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:26 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Dec 2021 14:13:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F0B9 0
0 56ms
55ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=4480842048909003&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CF32 42 B
64 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvf1WXxsSJZeLMV15-yfkzzGijZ2znWU7SqZPMtxrrHbxBbOrEHO8-wFJKrFU99BpyRNqlq78uw-CWnIbEZT5E7pCVuQKNDdei6v44-RX9rVhtazo4&sig=Cg0ArKJSzOf7iN_-i-vDEAE&cid=CAASFeRouqgsdIfdKDv0H5kZGtoFyJdAlQ&id=lidar2&mcvt=1003&p=0,0,250,970&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3606295681&exk=457076748&rs=5&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639404804629&rpt=301&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 193 KB
54 KB 10ms
9ms Script
application/javascript 2600:9000:236e:f800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:f800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28b11959f68db701b4218a36e9a8e8daf47fbfe4057f086595ebc2b0df44fbea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: cMRN_04lvqSJdvtl7TZbazXb3VGsS_cB
content-encoding: gzip
etag: W/"711241d99f4dbd99c7bef0f79ce85582"
last-modified: Mon, 29 Nov 2021 14:37:17 GMT
server: AmazonS3
age: 1416
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8c08c39035033b8c904aa0e3f734d6c7.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 13 Dec 2021 13:49:51 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: -8i3nqjBA1VsyazSa5F8NQsCvYmy8Z7-KsirmWb3hrt4GleN2BvJgQ==

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 5754 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 13:43:21 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=bendigoadvertiser&zMoatAdUnit2=news&zMoatAdUnit3=latestnews&wf=1&ra=3&pxm=&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-pXTZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-TQhCXLleOPQ59g%3D%3D&sc=1&os=1-3A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=tJ4JU*FTLR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&pcode=acmheader706032617774&rx=60141623035&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&rm=1&fy=315&gp=219&zGSRC=1&gu=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&id=1&ii=4&pl=0&f=0&j=&t=1639404802526&de=428654132534&cu=1639404802526&m=3346&ar=cc97a930ec1-clean&iw=ceff30a&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=219&lb=4999&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1469%3A1469%3A5167%3A1763&as=1&ag=1128&an=1128&gi=1&gf=1128&gg=1128&ix=1128&ic=1128&ez=1&ck=1128&kw=983&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1128&bx=1128&ci=1128&jz=983&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=983&cd=983&ah=983&am=983&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Fbendigoadvertiser%2Fnews%2Flatestnews_3&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195926&na=1046637209&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:26 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Dec 2021 14:13:26 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame C0AD 232 B
446 B 142ms
119ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=424b53e77b7976c9171ba6e35bd5f36925a0c44e

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.bendigoadvertiser.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 13 Dec 2021 14:13:26 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 14:13:26 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 7c465fceda95aa122a296fd8ccc3c784a17f1cc5f911bae61a12de321aca0348
content-length: 166

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 22ms
22ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=bendigoadvertiser&zMoatAdUnit2=news&zMoatAdUnit3=latestnews&wf=1&ra=3&pxm=&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-pXTZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-TQhCXLleOPQ59g%3D%3D&sc=1&os=1-3A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=tJ4JU*FTLR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&pcode=acmheader706032617774&rx=60141623035&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&rm=1&fy=970&gp=711&zGSRC=1&gu=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&id=1&ii=4&pl=0&f=0&j=&t=1639404802526&de=143573561437&cu=1639404802526&m=3347&ar=cc97a930ec1-clean&iw=ceff30a&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=711&lb=4999&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=82&vx=82%3A-%3A-&pe=1%3A1469%3A1469%3A5167%3A1763&as=1&ag=1016&an=7&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1016&kw=772&aj=1&pg=82&pf=82&ib=1&cc=1&bw=1016&bx=7&ci=1016&jz=772&dj=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=772&cd=13&ah=772&am=13&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Fbendigoadvertiser%2Fnews%2Flatestnews_4&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=195926&na=1942543394&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:26 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Dec 2021 14:13:26 GMT

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 3E14 12 KB
4 KB 9ms
8ms Document
text/html 2600:9000:236e:f800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:f800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/

Response headers

content-type: text/html
last-modified: Mon, 29 Nov 2021 14:37:17 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: IljONPHQ882rCgbxybbkGTEVB8TZxE7m
server: AmazonS3
content-encoding: gzip
date: Mon, 13 Dec 2021 13:50:11 GMT
cache-control: max-age=86400
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8c08c39035033b8c904aa0e3f734d6c7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 43i17ou253IGwl5j7Ujo2hLVm2AhRGoMxttAJQfe0Vb_7uQlhrBXbg==
age: 1396

GET
H2 200 tracking-script.js Show response
api.limbik.com/static/ 153 KB
39 KB 42ms
16ms Script
application/javascript 52.222.236.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.limbik.com/static/tracking-script.js
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-89.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a3ab3568b5bf4220fb3df0eff5b06ba73dafbea4fee60ebff8a98b21df67aa7

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Origin: https://www.bendigoadvertiser.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 04:24:06 GMT
content-encoding: gzip
last-modified: Mon, 21 Oct 2019 21:06:57 GMT
server: AmazonS3
age: 35361
etag: W/"f87629eaca124c271d70c7b74c142577"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: Th-heoeTr8l5DPx7FmBEG9oz7BPYPltCtfaaHLJ4eYglPA4g1GNZTg==
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)

GET
H3

200

/
www.facebook.com/login/ Frame D871
Redirect Chain

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df133ad9d6c28ba8%26...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fcon...

0
0

111ms
110ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df133ad9d6c28ba8%2526domain%253Dwww.bendigoadvertiser.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bendigoadvertiser.com.au%25252Ff5e9a2b17b22a4%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FThe-Bendigo-Advertiser%252F301746202026%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4f24a446bdebdec98ae97e101d0c7232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: EJwylTVCnqo2YMLOUumLIXw621MwQgsHEofkqdF8Koniww1VjE3PZzs1PNJgmoOF24wO1WyKsdDGJ4KR3AVE0w==
date: Mon, 13 Dec 2021 14:13:26 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df133ad9d6c28ba8%2526domain%253Dwww.bendigoadvertiser.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bendigoadvertiser.com.au%25252Ff5e9a2b17b22a4%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FThe-Bendigo-Advertiser%252F301746202026%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v5.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: slJ4SzOMI/a/kyiOMv7APueOxXnUQsMPxAKIC02BvC1i9OBUhxWSiQeOxHdN+TPveajhjmzX9k39pZGHpJmRow==
content-length: 0
date: Mon, 13 Dec 2021 14:13:26 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DA5F 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIFbuJr3Qy8HTvuHJ4Adp4xQwguJaZdFA2qEvM2HBy4n6XMO7T2tEa0tsDSurYeZx6p6uXIdlKrnF0AenAI1wqtg&sig=Cg0ArKJSzDjGRV0NY0hGEAE&cid=CAASF-RogHSOOy9ab0NbSxGdJRQqRzvp24xB&id=lidar2&mcvt=1065&p=711,970,1311,1270&mtos=0,1065,1065,1065,1065&tos=0,1065,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.82&if=1&app=0&itpl=20&adk=4201336436&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639404804310&rpt=780&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gaAccount Show response
buy-au.piano.io/api/v3/anon/assets/ 110 B
507 B 691ms
690ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-au.piano.io/api/v3/anon/assets/gaAccount?aid=XxwEsdXWKB&tbc=%7Bkpbx%7DDtyDKH5lyQAHh6GV8T8b4RQe-PnoPtwtXVrc4Z1_zdCMz72cNhROtJ6rHbMCaMzdtJ0petTJJrCvNztbNb6OJJvvDByHCdy1dUel-ZUKqIU&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jQuery1124048310464988743584_1639404801865&_=1639404801867

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f7dcd51d37ae6f8d3ceb197ccc9f940405de3e4c10cd1e574426c0c70b5225a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray: 6bcfcb0a28ec59bf-MXP
date: Mon, 13 Dec 2021 14:13:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
wn: prod-au-dash-10-1-3-40
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.006
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Cfu424rGKN1

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ 44 B
522 B 35ms
35ms Image
image/gif 2600:9000:2240:a400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1639404806184&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&sr=1600x1200&id=lstrg-f84405142263cc19a7e8a2b2b0054e88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:26 GMT
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: G4NoR7w6QaqiIzs__4eA7oipTiveWDMbvoM1_SG2BP95oatJfeCBXg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 gaAccount Show response
buy-au.piano.io/api/v3/anon/assets/ 81 B
487 B 1231ms
1231ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f31ba6e16630774dd524f9a14643c28fd41813871e6e5612a3a8190b1460aa17

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray: 6bcfcb0b8da359bf-MXP
date: Mon, 13 Dec 2021 14:13:28 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
wn: prod-au-dash-10-1-3-40
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.006
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Cgu424rglKx

GET
H3 200 gaAccount Show response
buy-au.piano.io/api/v3/anon/assets/ 110 B
507 B 317ms
317ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ab4ca57652e2a04681a1fa72bd496d13acf6e1bcf419fcbbef9a8c20c52f1ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray: 6bcfcb0bae1559bf-MXP
date: Mon, 13 Dec 2021 14:13:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
wn: prod-au-dash-10-1-3-40
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.005
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Cfu424rhuL5

POST
H2 200 /
track.adform.net/serving/unload/ Frame DA5F 35 B
503 B 22ms
22ms Ping
image/gif 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@48267046,7128116646599425649,82|1068|0|0|0|0|0|0|0||82|1|84|46913998-59B6-43DD-9D19-A5AF704B2A80_1|||1|0|0|7D1IRECGPnTi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:26 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 3E14 44 B
561 B 34ms
33ms Image
image/gif 34.247.138.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PB72EE1A8-07F2-44C3-8976-D1CD6E05DA0B&sessionId=rziuhdghvxqz5hblufqkvcvnr3trr1639404806&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.615&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&retry=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.138.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-138-28.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:27 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
rziuhdghvxqz5hblufqkvcvnr3trr1639404806.nuid.imrworldwide.com/ Frame 3E14 35 B
349 B 47ms
6ms Image
image/gif 2600:9000:223f:b000:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rziuhdghvxqz5hblufqkvcvnr3trr1639404806.nuid.imrworldwide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:b000:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:16:07 GMT
via: 1.1 0afa2d721972ae312ad1dd54e47c43cb.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 44817
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 35
x-amz-cf-id: DxRu1mUOQ5V9lir53Ezyz89sbW2hMDqhhG3F1Rfh1D-TztXwrBSsTw==

GET
H/1.1 200
OK / Show response
api.ipify.org/ 14 B
253 B 323ms
105ms XHR
text/plain 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?
Requested by: Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-59-199.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 79e3d72fe46caad8613f21b19bd91f2cc6d1f4d1db19490d266a34cec79156e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 14:13:27 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.bendigoadvertiser.com.au
Connection: keep-alive
Content-Length: 14

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=4480842048909003&bg=!SEulSw_NAAZKWFskSlg7ACkAdvg8Wg2jbU7yiNAhOb3DaVQ4WcxNiIOFdFQB-UzcmvhqqNxNBjM9fQIAAAHMUgAAAAtoAQcKALSobP174h33AoM9eA5bF7OXlyKtpKayOISJEH0zznj45NhbuyX0Tv6n8pr5s7AZ30Rk-iwjCDX4oV9qxutsnyDuvPtXRTLy1YKQA8Ko1KsgHMqfNOxLAX7ot4MYqknOi3_lb9FFBu_Eanrv4ixOA_CbKw5z0OqI9Q_khR1noPcvNxk9zPt6hadiuP5_4625DLohjbWeA3nLOYJL045d3FshWHq9eWHeNVfb5fwCYTpKIUz-k6SZAsj15kKw_tE-UzxCHQuz042zJ1LM28AZOEDyBtVCMikqBZl-ylZufCufpFmYSvJkn3KC0CNQWhFiXFad5dJP6lKQz28_lIxDpeElMqV982Xb87X3wz73AXueHonhehGBofh4hI391qs7G6-C_GfVZ9sYHLEaMoqb28C0uu4Nf4z03n_6oHdwwdUDM_SskapVNyD-cmH5T8dYjF81W4S6WOVx6GXZIE5jHidqXEavLNdrGI7tdHQCfQ1yjRgyhQ8mxjzjzWGak7PDPXy-JRGVKH_gwxCwCHoEba0dlBv0dHgy9uerSMtfe_F3BkmEM9Sw3LoDBAw-sYU8f6lwmfXx4O6oXhjXhlZ9UPs-wjvgxBIF7tPaio77T-K2NfbcpM_XSJOAuIGrxF_vkFCgzsYGzK_BgQORxQzWZYzY43ukq9R2jHdsTB6dx7NnSn53i2SPBsm2gmAsJT2ZpHLH5V-BNr53wNurgVAbu62rWySVGk2WWbOhrvTb3ct0VQRxbcvFsmUmgn4m-GpKcclOaUV5MBSV8uhOKLOzqKXSc5yVBZAD1hVT8LGtPkcFCBeIaZ_iWZnc9pvsK_J0FNFlpP4M00aQaWu0GurY8kqjUjt9g7uBGoYL5iq-ucywukM36mShuPkPFpy2VB8a4PHCf4nEb5le5HSuPwhLuXn2DS8cC3fMU_TFnTII-6BelGjrgKfyANODqTZ2DZ_2-1aJvYPOhfht4_wjrgHCUXeNObxyKQHIeEv9pNqldK55rqbv3RcIUsQNvlc6Gpz7CJsoEOxiy_W9ywPQhu9-ppbdSGFE2WOUp9x6qYNSgWYymDPktdNgzie7vfnXDiSxSpyiFI9LiqBeUg8E8zEPFsMKmWR67ak4JtrYPZGstoPMQ0Z_VebZoZXYlq_MVm4uUHQyTzpdkmdstwHCU89E8KcAhuVbQirDiPV6ctCwt8wV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gaAccount Show response
buy-au.piano.io/api/v3/anon/assets/ 110 B
507 B 308ms
308ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72e2154dfbf3344885df970a717ccdce5947d2f0f271b3aee0c77568d1a1c563

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray: 6bcfcb0ca93f59bf-MXP
date: Mon, 13 Dec 2021 14:13:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
wn: prod-au-dash-10-1-3-40
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.006
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Cfu424rAUPx

GET
H3 200 gaAccount Show response
buy-au.piano.io/api/v3/anon/assets/ 110 B
506 B 575ms
575ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cf9fc46e2fd075c44c3ad6fd986bf53c02c14b02c4d06e9ea848a1565647651

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray: 6bcfcb0cb97059bf-MXP
date: Mon, 13 Dec 2021 14:13:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
wn: prod-au-dash-10-1-3-40
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.005
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Cfu424r0mcA

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.bendigoadvertiser.com.au
URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4341
date: Mon, 13 Dec 2021 13:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 13 Dec 2021 15:01:06 GMT

POST id
api.britepool.com/v1/britepool/ Frame D46F 0
0

POST
H/1.1 200 725.json Show response
id5-sync.com/g/v2/ Frame D46F 213 B
546 B 42ms
9ms XHR
application/json 51.195.5.38
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/725.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.38 , France, ASN16276 (OVH, FR),

Reverse DNS

p16.id5-sync.com

Software

Resource Hash

d96a0afbd4919368937b61c61aea4e4e87f855f23f512205119bef66a1346793

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bendigoadvertiser.com.au
Date: Mon, 13 Dec 2021 14:13:15 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ Frame D46F 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame D46F 63 B
346 B 127ms
47ms XHR
application/json 52.19.22.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: bff5a68b4b313fc6406e03b0b69df7e8777122b47c633249cdc2f35aa6c59d83

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:27 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.bendigoadvertiser.com.au
cache-control: no-cache
x-server: 10.45.3.123
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 204 id Show response
id.sharedid.org/ Frame D46F 0
223 B 534ms
174ms XHR
text/plain 54.218.247.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.218.247.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-218-247-33.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bendigoadvertiser.com.au
pragma: no-cache
date: Mon, 13 Dec 2021 14:13:28 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame D46F 108 B
550 B 33ms
33ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 88a64b2ad2204b83688d3ae0e1482baf94a1c17ce259e6589b4607d38aba8654

Request headers

Referer: https://www.bendigoadvertiser.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 13 Dec 2021 14:13:27 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bendigoadvertiser.com.au
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Wed, 12 Jan 2022 14:13:27 GMT

OPTIONS id
api.britepool.com/v1/britepool/ Frame 0
0

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
368 B 34ms
34ms Image
image/gif 34.247.138.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-302812&ch=au-302812_c103_Bendigo%20Advertiser%20-%20Other_S&asn=Bendigo%20Advertiser%20-%20Other&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&sessionId=rziuhdghvxqz5hblufqkvcvnr3trr1639404806&prv=1&c6=vc,c103&ca=NA&c13=asid,PB72EE1A8-07F2-44C3-8976-D1CD6E05DA0B&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,bendigoadvertiser&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,yrxskdo0yesqdaepdwgaugrdafd5g1639404806&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16394048060554495&c30=bldv,6.0.0.615&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=7542491&c3=st,c&c64=starttm,1639404808&adid=7542491&c58=isLive,false&c59=sesid,&c61=createtm,1639404808&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&c66=mediaurl,&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&c62=sendTime,1639404808&rnd=460441
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.138.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-138-28.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:29 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=bendigoadvertiser&zMoatAdUnit2=news&zMoatAdUnit3=latestnews&wf=1&ra=3&pxm=&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-pXTZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-TQhCXLleOPQ59g%3D%3D&sc=1&os=1-3A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=tJ4JU*FTLR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&pcode=acmheader706032617774&rx=60141623035&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&rm=1&fy=315&gp=219&zGSRC=1&gu=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&id=1&ii=4&pl=0&f=0&j=&t=1639404802526&de=428654132534&cu=1639404802526&m=7303&ar=cc97a930ec1-clean&iw=ceff30a&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=219&lb=4999&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1469%3A1469%3A5167%3A1763&as=1&ag=5086&an=1128&gi=1&gf=5086&gg=1128&ix=5086&ic=5086&ez=1&ck=1128&kw=983&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5086&bx=1128&ci=1128&jz=983&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4990&cd=983&ah=4990&am=983&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Fbendigoadvertiser%2Fnews%2Flatestnews_3&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195926&na=1321296119&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Dec 2021 14:13:30 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=bendigoadvertiser&zMoatAdUnit2=news&zMoatAdUnit3=latestnews&wf=1&ra=3&pxm=&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-pXTZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-TQhCXLleOPQ59g%3D%3D&sc=1&os=1-3A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=tJ4JU*FTLR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&pcode=acmheader706032617774&rx=60141623035&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&rm=1&fy=970&gp=711&zGSRC=1&gu=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&id=1&ii=4&pl=0&f=0&j=&t=1639404802526&de=143573561437&cu=1639404802526&m=7510&ar=cc97a930ec1-clean&iw=ceff30a&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=711&lb=4999&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=82&vx=82%3A-%3A-&pe=1%3A1469%3A1469%3A5167%3A1763&as=1&ag=5181&an=1016&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1016&kw=772&aj=1&pg=82&pf=82&ib=1&cc=1&bw=5181&bx=1016&ci=1016&jz=772&dj=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4980&cd=772&ah=4980&am=772&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Fbendigoadvertiser%2Fnews%2Flatestnews_4&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=195926&na=795774221&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Dec 2021 14:13:30 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame DA5F 35 B
503 B 21ms
21ms Ping
image/gif 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@48267046,7128116646599425649,82|4900|0|0|0|0|0|0|0||374|1|84|46913998-59B6-43DD-9D19-A5AF704B2A80_1|||1|0|0|7D1IRECGPnTi5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:30 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-pXTZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-TQhCXLleOPQ59g%3D%3D&sc=1&os=1-3A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=tJ4JU*FTLR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&pcode=acmheader706032617774&rx=60141623035&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=4999&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=4999&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.bendigoadvertiser.com.au%2Fstory%2F7542491%2Fhackers-targetted-qld-power-station%2F%3Fcs%3D12&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1639404802526&de=912309655344&cu=1639404802526&m=8116&ar=cc97a930ec1-clean&iw=ceff30a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1469%3A1469%3A5167%3A1763&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5132&cd=0&ah=5132&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=bendigoadvertiser.com.au%3AHackers%20targetted%20Qld%20power%20station%3A__page__%3A-&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=195926&na=103437765&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bendigoadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 14:13:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Dec 2021 14:13:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css

Domain: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares_assets.json

Domain: api.britepool.com
URL: https://api.britepool.com/v1/britepool/id

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=26

Domain: api.britepool.com
URL: https://api.britepool.com/v1/britepool/id

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bendigoadvertiser.com.au/	1970-01-20 08:07:34	Name: csrftoken Value: VU8DwUiNqxiQEX5pFws6HzJwYvBWqEOZy3dkuWgcfMIvyxFY6YDuDRvmI9jOaWp9
.piano.io/	1970-01-19 23:23:26	Name: __cf_bm Value: kzOedhb_SyeUAnAvEy8wLdqpy7.5fg781BhcRnB1558-1639404802-0-AWgpJQ/I8aFqQ3xdHzRP6Rk2Aa7E+gB1t5BBzcrcwhHLycEFYUyjDf3xhP1PvCsLfKJ8sQWC5snDYCClzwI15Ac=
.bendigoadvertiser.com.au/	1970-01-20 01:33:00	Name: _gcl_au Value: 1.1.2045354207.1639404802
.bendigoadvertiser.com.au/	1970-01-19 23:24:51	Name: _gid Value: GA1.3.1970125787.1639404802
www.bendigoadvertiser.com.au/	1970-01-20 08:52:12	Name: _cb_ls Value: 1
.adsrvr.org/	1970-01-20 08:09:00	Name: TDID Value: e6b4cd11-3ffb-42fd-9304-11f56ed30cfe
.bendigoadvertiser.com.au/	1970-01-20 01:33:00	Name: _fbp Value: fb.2.1639404802727.124990351
www.bendigoadvertiser.com.au/	1970-01-20 08:52:12	Name: _cb Value: C8BKNIw9sfgDeAgCf
www.bendigoadvertiser.com.au/	1970-01-20 08:52:12	Name: _chartbeat2 Value: .1639404802797.1639404802797.1.CNE_7oCQiPP1Pm2Q_CWieCBicWir.1
www.bendigoadvertiser.com.au/	1970-01-19 23:23:26	Name: _cb_svref Value: null
.piano.io/	1969-12-31 23:59:59	Name: JSESSIONID Value: A7C3F5E67DFDD052CF56C70A9FC917B1
.piano.io/	1969-12-31 23:59:59	Name: AWSELB Value: 35A94D350EDA402924DBC921F6F06EE1A15E2C6C3FFC354917F5CD986C8BB2E9C89AD9E4256DFA96DF70D9018209982B1231FF78D8C8538F3D70F0F6F9D5654A427BD6BE7966052AAF3162F6EADBBC8F0041CAAA5B
.bendigoadvertiser.com.au/	1970-01-19 23:23:24	Name: _dc_gtm_UA-61683903-1 Value: 1
.bendigoadvertiser.com.au/	1970-01-19 23:23:24	Name: _dc_gtm_UA-16730067-9 Value: 1
.doubleclick.net/	1970-01-20 08:45:00	Name: IDE Value: AHWqTUllcUV-7W5S0LNaXAwRrNsV8kv-p4WyrPnQn1nge2WqH4eAFq3li6s7OFuZu50
.bendigoadvertiser.com.au/	1970-01-20 16:54:36	Name: _ga_7PC84FGF0J Value: GS1.1.1639404803.1.0.1639404803.60
.bendigoadvertiser.com.au/	1970-01-20 16:54:36	Name: _ga Value: GA1.3.54876956.1639404802
.krxd.net/	1970-01-20 03:42:36	Name: _kuid_ Value: OidNnmlq
.bendigoadvertiser.com.au/	1970-01-20 16:54:36	Name: __tbc Value: %7Bkpbx%7DDtyDKH5lyQAHh6GV8T8b4RQe-PnoPtwtXVrc4Z1_zdCMz72cNhROtJ6rHbMCaMzdtJ0petTJJrCvNztbNb6OJJvvDByHCdy1dUel-ZUKqIU
.bendigoadvertiser.com.au/	1970-01-20 16:54:36	Name: cX_P Value: SrMme3CyjORpU5d7PGitGW06IBpxpeOjAsDOl43olvnNen4yrzxw3Cr4IGja
.bendigoadvertiser.com.au/	1970-01-20 00:06:36	Name: __pat Value: 39600000
.bendigoadvertiser.com.au/	1970-01-19 23:24:51	Name: __pvi Value: %7B%22id%22%3A%22v-kx4rahce3mrr0mob%22%2C%22domain%22%3A%22.bendigoadvertiser.com.au%22%2C%22time%22%3A1639404803707%7D
.bendigoadvertiser.com.au/	1970-01-20 16:54:36	Name: xbc Value: %7Bkpbx%7DifsBguJkrjehVHlf7ws1SaYIICvAsNadKoQSKqRSOaw-ueWI1aQvBbE4qZiUTOYtEIjPsdl_zGSzPwOBSkY3sE4eubpUJ9kaggzBUQQM-cs3censxAksUD8A3957uG-PaGFwsF0wop8B9EJ5p4TBgKJs-4bePU5V5h50biwAuLnx_FFyc2J49cFJquuwM5aVbt1JARERkuXGyU3jCcTjg_SmEUm3Tu4C-cGkmNwRy2Ucl__sYgRGi_FNkFZfHFPx0A1-L4T58FYhlSa3diktQ-b79zJE2TYJfOyZLF_xXUfhREIOwRlyB9xvs5qvaAxagF5b41TaEFJ5xvDehz2vg_2d1NXNIjjAFOdAEdtZdNbrLgNcxqA_-EcO7mWi5dUQ0lhd1pK69lAD4NALp0p0iEDTzfVOdkKWdyXMB-Gik7UVq1oz9zbCs93mvysXgHdU
.rubiconproject.com/	1970-01-20 08:09:00	Name: khaos Value: KX4RAIWT-1-EE81
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUO++vuGxiryvY4NyLqsLINffPD0ndRTZPwOWBzr4eVPwTuL9+dZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdUyQJYykllPZjhEHJw9y7GDs9f
.rubiconproject.com/	1970-01-20 08:09:00	Name: audit Value: 1\|naVuGyos1qpnemdzotABdAlE2IyiwyordnwCfVF8zn5yH6GfBxt1tj64cmtvu6g5bPyUn0b+VT+kz35DF4QBiNaMONmywvcbmg9bzuAdt53bYqU/1DkidhuybVyVU0yt
.bendigoadvertiser.com.au/	1970-01-20 08:45:00	Name: __gads Value: ID=f28dbfbb2b0ae390:T=1639404803:S=ALNI_Ma9tDHj9vU5MR5cjNMBnMw0D1IXZA
www.bendigoadvertiser.com.au/	1970-01-19 23:23:26	Name: _sp_ses.5f79 Value: *
www.bendigoadvertiser.com.au/	1970-01-20 16:54:36	Name: _sp_id.5f79 Value: 298cdb04-7c41-4963-b1cf-06e62d32ebf1.1639404804.1.1639404804.1639404804.20b2bc7a-a271-4b11-87c0-5de9acbe73d1
.unsplash.com/	1970-01-20 08:09:00	Name: ugid Value: a5ab818d35e78cf390d5cf2a20e480785464682
.casalemedia.com/	1970-01-20 08:09:00	Name: CMID Value: YbdVBZLxVr6rYc1TB5r7PAAA
.casalemedia.com/	1970-01-20 01:33:00	Name: CMPS Value: 5208
.casalemedia.com/	1970-01-20 01:33:00	Name: CMPRO Value: 1205
.casalemedia.com/	1970-01-19 23:24:51	Name: CMST Value: YbdVBWG3VQUA
.quantserve.com/	1970-01-20 01:33:00	Name: d Value: ECYBDQH5JLjvsQA
.quantserve.com/	1970-01-20 08:53:39	Name: mc Value: 61b75505-95a51-18942-fdc37
www.bendigoadvertiser.com.au/	1970-01-20 00:06:36	Name: _pbjs_userid_consent_data Value: 3524755945110770
.doubleclick.net/	1970-01-19 23:23:28	Name: DSID Value: NO_DATA
.bendigoadvertiser.com.au/	1970-01-20 03:42:36	Name: _pubcid Value: 8e736633-37b0-4a0e-8800-53f586c2697c
beacon.lynx.cognitivlabs.com/	1970-01-20 08:09:00	Name: UID Value: 4b4c4d15-eb1a-4e0b-b50d-63132cc09d54
beacon.lynx.cognitivlabs.com/	1970-01-20 08:09:00	Name: ss Value: ItH7T%2BVmhBxL53nt%2FGYFofVbfgf0255YSXBFwppUY%2FODT00XYDx5ZP3Rw3RM8pJW6RGpT4wYPWism9kLdzmstg%3D%3D
.casalemedia.com/	1970-01-20 08:09:00	Name: CMRUM3 Value: 0861b7550527604b4c4d15-eb1a-4e0b-b50d-63132cc09d54&2761b755050b40&5161b7550505a0&f161b7550505a0&6961b7550505a00&2d61b755052760CAESECT4XF6FuhuQbGln1i0MlOw&c461b7550505a0&e661b755052760
www.bendigoadvertiser.com.au/	1970-01-20 08:45:00	Name: cto_bidid Value: SPkSoF9NVTlLTDRNNkpPOE9TUzlZZXZrUlpQWTFRVmd3c3hLQWhJUnl2WXVXZmpzbW1ESFBlSko4bFd4OGZ2Y2p2N2F4RjFFWkRwQzBDN1lzaCUyQmRyY0RqJTJCR0ttSTFFOWQzbnZYWFZLaHBXR3glMkZrWSUzRA
www.bendigoadvertiser.com.au/	1970-01-20 08:45:00	Name: cto_bundle Value: oHfHeV82MDgyeHFqak1ycXdiSzJ2QWJhYklacEl6VE5EJTJGd1ZiSlhTRkU4RThTSGg4QlpFUDFad0FjcXdValczTXYyNEZ2eDBoWHlLdWtzVVpNdVIzR1JKbiUyQjhMcSUyQlpDczFSdGxxNnZYMWk0dlQzWVJIS0dJVmVZbXlVUlBvdVVNWSUyRkhiSWlBajE0ZnpnU29Tck5tcU42b3Y5ZyUzRCUzRA
www.bendigoadvertiser.com.au/	1970-01-19 23:23:25	Name: __adblocker Value: false
.britepool.com/	1970-01-20 00:28:12	Name: _temp_bpid_ Value: 990a7b79-2cdc-42d4-b961-7c8f95e134ad
.facebook.com/	1970-01-20 16:54:36	Name: sb Value: BlW3Yfje9J15dB0eAKqWnBDZ
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: afaeb2964e179a7d
.facebook.com/	1970-01-20 01:33:00	Name: fr Value: 0An2bx1i5VAXaVjtP..Bht1UD.6F.AAA.0.0.Bht1UG.AWXp7mWKvGM
.imrworldwide.com/	1970-01-20 08:45:00	Name: SSCVER Value: v1
.imrworldwide.com/	1970-01-20 08:45:00	Name: IMRID Value: d72c6d30-5c1e-11ec-b557-adf61f49dafd
www.bendigoadvertiser.com.au/	1970-01-21 10:25:48	Name: uid Value: 35cc4fad-b0e1-473f-8bc9-b09f5d74a839
www.bendigoadvertiser.com.au/	1970-01-19 23:23:28	Name: _lr_retry_request Value: true
www.bendigoadvertiser.com.au/	1970-01-20 00:06:36	Name: _lr_env_src_ats Value: false
www.bendigoadvertiser.com.au/	1970-01-20 00:49:48	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%22e6b4cd11-3ffb-42fd-9304-11f56ed30cfe%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-11-13T14%3A13%3A27%22%7D
.bendigoadvertiser.com.au/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1639491207908
www.bendigoadvertiser.com.au/	1970-01-20 00:03:44	Name: sharedid Value: %7B%7D

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=990a7b79-2cdc-42d4-b961-7c8f95e134ad Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript	error	URL: https://www.bendigoadvertiser.com.au/story/7542491/hackers-targetted-qld-power-station/?cs=12 Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=26' from origin 'https://www.bendigoadvertiser.com.au' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=26 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	child-src * blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0327ca79fd1d1ad8ad629c87769ab725.safeframe.googlesyndication.com
a.teads.tv
a.twiago.com
a3192.casalemedia.com
ad.doubleclick.net
ads.pubmatic.com
adservice.google.com
adservice.google.de
amplify-imp.outbrain.com
analytics.google.com
api.britepool.com
api.ipify.org
api.limbik.com
api.rlcdn.com
api.solutionshindsight.net
as-sec.casalemedia.com
aswpsdkus.com
bam-cell.nr-data.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
buy-au.piano.io
c2-au.piano.io
cdn-au.piano.io
cdn-gl.imrworldwide.com
cdn.cxense.com
cdn.jsdelivr.net
cdn.krxd.net
cdn.lqm.io
cdn.materialdesignicons.com
cdn.newsnow.io
cdn.polyfill.io
cdnjs.cloudflare.com
clients1.google.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
consumer.krxd.net
cse.google.com
d.adroll.com
dsum-sec.casalemedia.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
h.lqm.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
id-au.piano.io
id.crwdcntrl.net
id.sharedid.org
id5-sync.com
image6.pubmatic.com
images.outbrainimg.com
images.unsplash.com
js-agent.newrelic.com
js-sec.indexww.com
log.outbrainimg.com
mab.chartbeat.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mb.moatads.com
mcdp-nydc1.outbrain.com
mug.criteo.com
mv.outbrain.com
odb.outbrain.com
origami.secure.ownlocal.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.quantserve.com
pixel.roymorgan.com
platform.twitter.com
px.britepool.com
px.moatads.com
rsms.me
rziuhdghvxqz5hblufqkvcvnr3trr1639404806.nuid.imrworldwide.com
s.amazon-adsystem.com
s1.adform.net
s8t.teads.tv
sdk.amazonaws.com
secure-au.imrworldwide.com
secure-dcr.imrworldwide.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
snowplow.ownlocal.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static.solutionshindsight.net
stats.g.doubleclick.net
storage.googleapis.com
survey.survicate.com
surveys-static.survicate.com
syndication.twitter.com
t.teads.tv
tcheck.outbrainimg.com
thrtle.com
tpc.googlesyndication.com
track.adform.net
transform.newsnow.io
trendads-swarm-api.reactivebetting.com
trendads.betfindr.com
trendads.reactivebetting.com
unpkg.com
us-central1-kube-ownlocal.cloudfunctions.net
widget-pixels.outbrain.com
widgetmonitor.outbrain.com
widgets.outbrain.com
www.bendigoadvertiser.com.au
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
z.moatads.com
api.britepool.com
api.rlcdn.com
cdn.jsdelivr.net
origami.secure.ownlocal.com
104.244.42.200
13.239.42.64
142.250.185.66
142.250.186.130
15.197.193.217
151.101.114.132
151.101.130.133
151.101.193.194
151.101.194.133
151.101.2.137
162.247.243.146
172.217.18.102
178.250.0.157
18.66.112.113
18.66.112.118
18.66.122.126
18.66.122.84
184.25.115.31
185.170.61.93
185.59.220.193
185.64.189.112
198.47.127.19
2.18.232.7
2.18.233.180
2.18.234.190
2.18.234.21
2.18.235.40
2001:4860:4802:36::36
2600:1901:0:9d3d::
2600:9000:223f:5c00:6:834a:a040:93a1
2600:9000:223f:a800:6:834a:a040:93a1
2600:9000:223f:b000:1d:667e:2a40:93a1
2600:9000:2240:7600:8:48e:53c0:93a1
2600:9000:2240:8e00:18:1fcd:34f:cdc1
2600:9000:2240:a400:1e:a43d:b640:93a1
2600:9000:236e:f800:2:42d9:3100:93a1
2602:803:c003:200::61
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::ac43:4972
2606:4700:3037::6815:3c3f
2606:4700:3037::6815:8fa
2606:4700::6810:125e
2606:4700::6810:5914
2606:4700::6810:7aaf
2606:4700::6810:f015
2606:4700::6812:bcf
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:812::2001
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:828::2010
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9d
2a02:2638::1c
2a02:26f0:6c00:1ba::26e5
2a02:26f0:6c00:2a7::268b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::720
2a04:4e42:600::282
2a04:4e42::714
2a0b:4d07:102::1
2a0b:4d07:1::1
3.104.244.252
3.217.174.143
3.220.38.221
34.120.133.55
34.246.74.180
34.247.138.28
34.96.77.232
35.227.208.151
35.244.184.131
37.157.2.239
37.157.5.71
46.105.199.2
51.178.20.139
51.195.5.38
52.18.183.31
52.19.22.209
52.208.32.237
52.209.141.115
52.222.236.89
52.46.130.91
52.86.210.192
54.218.247.33
54.252.100.191
54.81.121.96
54.91.59.199
64.202.112.95
85.215.5.31
92.122.252.200
92.122.254.4
99.80.242.238
02a36257cd3993d869d7e8f680c6003a0365d9e67f0767fe893d195576a7b75c
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
04c3fec343a3139e641d31fd6300ffcff4f0bdfb0188eb1eaf3fabbf2b4e4ab5
0675fb869f2c18d33481f54b2ebe2606e341ec18d5a2f1812ce3dece1b318af3
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34
0a759c9120394fec99cf2cc8c3e591520e688ff6aca64e352859bb7fb9e728aa
0af3cf517b81c423745f3492c52555abc85cbc7798d721b333f1d2a87e794cdc
0b0104cb4c8d6dcfc6423d9415e8a1b31928b91c6daa7f48aa8f368b7d78603e
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d15402258748bdc141ddfd8ca716a10c13c1563ed38966142ca1ce74c7148c6
0d2657eb59dc96ee295f410cd1bd09a5db1aa4d641d2a1b1d2d37a07cd49fcee
0d786e7596d222d21c91cb1c1a523eaa0420a7c6cdafe68d3004351037f7e1a2
0d9fe0e4b3fbc0abedc2cf2292be52464f8b4300cd36449f09569f85c2c00f67
0da595785bcb1161f319f403c1a5de0d2aaf05edf0b8bc0bd9925739acfae02c
10867f2c6ee8a828a2c3fadd5a113627cbb654dd2c31f2e25a9eefa41f088a55
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10f0ad588f05191ae9cc057cf2b8364b676cc9cbd70d47226ff2aa027e1fd457
16289ad1217dd2ab3edf91cc8903e0ba0e102fc98614809197a3520cdf880b9e
175dd52b60c7b3f2e0b0cc6355849661122fcb193214d31c362381a2b581e777
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
19525bb89abc4235b9f03ddc876d43b57f905ea22c9229dffcacfec0ca97353c
1a4c54b8cd14fc6f43c038983277497af2261bb9a88e48b84794a0fe6f2c5a8d
1ab4ca57652e2a04681a1fa72bd496d13acf6e1bcf419fcbbef9a8c20c52f1ef
1e63ce2cd90b5a7afcd2d6f962083c887bcf442c46987aaf5ba719ca23591881
1f85fea72087cbf16bb6b3ad425d2beb49cd92de5f60901bd079a44812b9df0e
2039e0e2a81d7ef4d3b97db079ddd819d3ec8729287c2d23634463502fec7ba4
21287f91f624f79998131bdfd48b93a41a91d4e6e295506f695335e58a483bd0
22e0bc8090cf4df4a1749ee73ff7d458784d192f5d060eb86bc79189a231f46f
23099e724ef4fbb8f547f2d0773847ff77d7376a8fa3c7cbc9cc232e0d8233f0
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28b11959f68db701b4218a36e9a8e8daf47fbfe4057f086595ebc2b0df44fbea
2a3ab3568b5bf4220fb3df0eff5b06ba73dafbea4fee60ebff8a98b21df67aa7
2a8e9cbc0bc200371eaca84d101cc8689ceb9fba963e7c2d89227cf227eb4194
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2b447063aba5f930343c5e155db88094159740a9438852ae483b727939654fb4
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2e3581ff9ba07d332f543327ed5cdfb649aaa3238a757f160e9f06c84b9fa943
2f144aeecd94296d562b6e514c1e65fdf574cdf9f3b03c2d2b6a1d6cd6a440dc
2f162d9444cde39ecf6b1260eef4efa09e711b5ebfc7477fce9444e13d9cae22
2fc84f21bba09bdf47c3f43a346e7a1562fbafa678b95108649be64fbcf66738
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
33d34f4cc41eee7db91e34f99e0eae839b7499051d25ea8ab6a977659375bb3d
340425404969a5fd7e94c0bf252648795e370b1290dfaae48bc24b9aac1b6d04
342ad01bbc8675868557eb1ad3d0fa92a4d543d991b2e147a323dd58a5fdbde1
343ea3c17fa2d9c0502e019abd2f22d748dc6926105fc21c2aaded55e783b38a
34604ba39b93517852a6a2239fca2a8ef5454ef608d91dfdba2413a5c03c9ef5
34dc21f8d73b7dad09c18791b2c4702c31bf8dc438ade4dbb6b643e63d264710
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
38dd019f54db92f484aaa0c299a6aa0f4afa336302003dc7de7b8db2bc69da8a
3a1ac78f7736b8b91cddc3db9c4ed34ad29bd563e96c7d145a9bb7763ca45feb
3a54f38a6204b9df81db852236e1e593fd53e5685fa0f9890abbad52a6013a0d
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3cf086a338c229555c5e9e90504579ef23e2dc056adb1d4c82d770f403ee0da8
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78
3d63f2c2180ae3119ce56dafafa66a0ad4021d4c0fe27d4ea77cbdf6103f4801
3ecd4a553bc83ee40de73d664de509ec7f58212617cc2ff52bdbd1d38664c56b
404b904f1d21059e43c8d5a2a5588c301310a2df08ba601c99096454277455a9
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
479310a89baa0fcc3c266317ee8ff880156171c075f1318c9b61798f56e15fbf
495a25bc34fa5587f34b986afa47450cfcf14a44e75702f77986d872f38ffc3f
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20
4abe9cdc849179867d36f46e63d86bfad9f88012a023889526f75df42ebcd8bf
4b639212992c0be6121cecbf82913453cca0245049730514aac0e64663898dad
504fb1547220345bf29a8a8c48512dcf59d946020ce37b2319357b6d7c945df1
5091127d85fe8ef7c426febcc4f0dea9a297bed87c1b2f1bf2a035bf2b3ded0e
51bbe57479b8c393497c12c8a7a3e3db77d4d60751017cbebd63ddc54a328819
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
54edaa1c2f919c766434a85d567a262222c600ca0f5189f05c80837a7df6382a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568148aafeec1389461232a95ace60cf8bc2a8e41216af76b7b0578d6feb5164
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
59766a73a81b33feedfcdf0ae5ce44db49b5a8a88027e44860cdf7f9317d3df5
5978c513f9d01087f56a5e02bfadce7f96f3d9305f894a283e26ea2f273da809
59c6931bfd6ec6fa577e8b51c332c3f4f5048ae253622dfaa3f88e3a53154324
5b715124fb434b19d62ec7a153d60bbaedf3c42086e8debbc8613109b70401f4
5b906fc46b61702ca44065496615da1c589eed624c4ddaf7862f1bd9fd8ab22c
5e06cf930a32a66b83f467231ea47aeb84ccd9cad4d844f05f3b4ff1eee205e5
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f88e2ee185949810c3274f8b1ac44faac4b929ff7a488c40d2f8b8482ca127a
6016dc55eca450c9f77032d8af77e85cff3f13684fd415f25c8fc6bd69bc360b
603aba830ea0e035c90c5c4a95a4f2a79de9c8f6b479a4f5e599402dedf9cdcb
6108edbc1f5214af071c67c83109f7537844742f184c70e53eec990a9ee531d9
612338fd053a7a437785f62869daed6e0c7c1b082bf695448b8fd533b6eb2125
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6368ae4e3f34b16242c8ad8cfb76db9bd87af7d1a901b5a92413e53703a3d4a9
6395c658d9ddf789c3fb7fc717ff5fa8d6c25ec93b0873ee6bba454ec062289f
63f1b81a39a8b9e8b6eccbfdc14b5888f79cdae622cd44645c6c88d09c976b85
64070298d38d4fda4e15c2d0d702c972568113df8782b4dd6ba6fc0d3d9dd068
64c7cfcb10ce96b90eeb7a35edde50346641d8c629eda436c3b50adc93dea054
683755df284c52999ee1fa0446d6afebe418bac8e820023b6087728ddfc7d5e1
68b887c897a49dcd64b0df4e7ec0a1fa53012275869045e6ad56bdd4cc8391ba
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b928ec70723e68916db34f8c760e0fdd0a8f9ce8748b9bade0711d4a6623cbe
6d2247d8fe93a7251c0eae4fb1db0a41428b0c2ad9ff4167159bf45c59bfca9d
6f1f9ec4e2325dd79fe242e37ecbe16b2f35229e06e56db19552e82ed0168c63
7085eca4456d555406bd4eed0c86d2a9430952d42ec712c949d76c7d35545f98
718f86718572cbcb3ac3eebdb94e52a8298ad4f9a4678d12f7f9f566496491bf
7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
726b18ee909a4d05c29625493f7e3c109aaf733da03e1a505e20b99e355cea48
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
72e2154dfbf3344885df970a717ccdce5947d2f0f271b3aee0c77568d1a1c563
730504ca9c1b90b2183fa4dc9fcf2a5618c8e342d0ce131d08f5e035e95de17c
734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
75840e84176a173b87e459125a09217575062eb0b9ad0e044a7b64010729bcbc
7896d1a0f30a23b62c4ba33276aff03b7e2f64bbcae1f5c2fb5187c779425472
78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c
79e3d72fe46caad8613f21b19bd91f2cc6d1f4d1db19490d266a34cec79156e4
7d82bfa96fd2950163c48f7fe625d8d52fc0d252d00fb8fb44854f7e271f1fc3
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
80da370ad41bee2716b42d1583e139eac39f5c7c243c5fe6439b9754013116c6
80f16f6cc6ad09222b82ead9d638ce890ccebcf88a91984d9527b0537b48d524
815ee379589e2686af0a423df3987810358aaa03ea11a46250de270ad307a383
827d65fe3607658bca7c80ae1746aa7b6f5b9fd78481074621bdb7933cb7ebaf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838d62ecfee5112a90fa736246a6b34bc008eb37df0443e118472210bd278f10
83cffdba4c4328a5828b2dd607db47145a0d886270034f2c615f879ac1995814
84090c263e0f79c47ea50c29ad48d787a88b729b9afaac719393065918f459c9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8576ac4fad8d6a2eef6c1a412387cb3e7a6909b0a647f33bb0686d57d300d02e
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30
875a5f7e51c107413a23f6c14fe8db35da72431fb2e023846d936327fe999071
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
88a64b2ad2204b83688d3ae0e1482baf94a1c17ce259e6589b4607d38aba8654
88c299732a9318962393c7715e0c035d806e5adde2beb3c8f8eedb8148ec9429
894037af63ca44cc688f5ba8f56ca6dc862db6fd56dde793bce96734cf7a2b63
8b43f237233b62970b0e7ff97c4634f15a28ce844016d4d52b54194195979048
8cf9fc46e2fd075c44c3ad6fd986bf53c02c14b02c4d06e9ea848a1565647651
8d526a614dd31fabed89c605d7ddcb6adb1a9e2e45f3644ecbaabacf892bf038
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
8f7dcd51d37ae6f8d3ceb197ccc9f940405de3e4c10cd1e574426c0c70b5225a
917f873b934d4fbf55a4fdbcc827ad1c00a8c2c830213c3385479e9403726bef
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
938512a727c2ea524c8f750e278b6383abe20ad523e2aa49a4808b203a004f35
9444c94fea846b407cda7a84850890961fbeec4b717370499b37630ac128b265
9456d21c9e1343940af64f6ebed900bce7b4c7ec1174afabdfbd62ce2ddfe37c
95c09eada85049c0043e00a2af6169785874f56f97468941b6c893ee17f04897
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
978feed92f3107c6026890e6cc2f8cd1ae7ddc72b90fb32233bc19f14bc49521
9a821fafecfc9ba8ca1c4c7848efe07f823ec1a84c1ec05e643414ececfd2082
9cabae9e11b49e4d2b8f0016987117cfb5d3a5784831e79d171a61bae203ba5b
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776
9eb5cb26a1730c20ee1a11202c2a06c6cc7ff4312c9c9ee8dd805ded1edbf673
9fa6d0cf6a49de6ffafb03e101a6781c467a1932fb0b692d91c6cfef3e873f36
a0209e9b3c5b550d0bbc207303cf0b3a6f9a48146a799a54f035b7e0a4dc6e8d
a1792c646f0168efd9771655a867b9e076049853737e4b8f9e6cf1c1998739da
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a20c152c22c67c4d7c8b135742a5ee401c9af423c0b3f42a5f52cb351a52400c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a7f8789aefbd27aeaec7339f0acc4ae19336ab2f2d06400331ba2d03cec4a4
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b7816acc7f10a63e09790893f93a1c8b04d154d78ad71cd8651b0a46bd63da
a84e24aab3c5c6a2cea0f608ed2602104b653a4d633aa8fab17bd9d1d8261360
abd2f3309e4a1cb13402b633ab45cebbb7f6866537fbacb9560eb5015e7f68a0
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
adab9343d9658827f7c8574865e7327599d44c8265c75362979df80dc95d4b59
aeb0726952dc3ab1980c871c4c639bf4ce444031b94f029c1e3c32ed4e03d140
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b158e045b9d6952b9747449e56eb24db68fd087478a49b869318147f7a150a83
b4f31178f3fe6003e606295047fdb9be890c6a9c6c8594576435f86975af582f
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5d2db04c9d9a3696e4f527eed54ae84d21345e2f7f941692cbc9e51e9d5b760
b7ada1d31bc9b44b31f795e88e4188d5fee01b9e8badb19fb34a8cc5631f28e0
b8e08d56911d8fe3220cbcd92050537db013ce528b3dea9f2e2088fd507bb5d6
bb908210c25493be2469918c01d9d5ce632ed43fd239e39f5e7f965f69e98ec2
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
be8c701dc286885cb9dec58978b014e586ef5e93d315fe9e101d98ed2f958781
bff5a68b4b313fc6406e03b0b69df7e8777122b47c633249cdc2f35aa6c59d83
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c26f53f92927765186d2af1b3dd66c7eaa51b6ff3510015488e31944a2a9c3f2
c3ad2b7044bc00ef7bdee32d0d74efc77ed72cb9a9d5a0cb40db36d8ba311e5a
c4a231fa4764206e584c50f1f6ca17f9d879f540c126db9312141fd479cf3f1f
c4f451a982fc3b80c581bf0f1e6c175420609abe1b56f766a7a36c9352948e66
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cd7718e89d843edf42733421d166c142fd1307c8de4b7c156673f1554c46915a
ce136a7c8725e23e4f1a7354793e04020adcf6ee4f92b8f9e3fd9ea4dfe07fc1
ce142c5f5f33a12ce3f88e9af21044cf0c96503518818bb64fd7978c9cf5569c
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0090796c5acb22dd02e0a8b576753ba57f36751b61e54620b7c2c96b07477f5
d0cc8ae822a3ddb55652488c889e279b50fa0a3367abc4d92abf5643849f7694
d204ee3c24b2f3e1738d36a121513c222da807fcaf8e05b553152d998535b4aa
d2f1aee1a9cd7957dea20305e185de71cc8b5b36c3652e93b658ccde0dcb5c06
d353efaccb310b34bb0f0479ff5cbaac7543f9a4dfb890bcd15f4ea734174903
d3d670166a2108099dfbaf103c04baeb42395bbac5262b19be621b69f89bfbf1
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d49d9ebc548f538e2700aab93d6e3fc176246c8c8fd9fdce07e9c4728defb083
d56d7bfb41492b00c76a0c1280fddd1ba2ac93afc53afebb39bafebc82ed6338
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc
d7d3e40bdbd034a726e3eb42bdb54679127845c79f334ff30688c3528fb3fe7b
d7e66a6c03083991b5d7c21708228fde16f486ee1cb4d4e0a7c4fdba97b9dc48
d80ccd5cbb1a97c9a8362a945987bb989e8d00eef1230b88b974e80940dbfeed
d83c5d7125b0f6a6517bf52a5a4cffe2e5eea8d60e1c414baabf1a391442d64c
d96a0afbd4919368937b61c61aea4e4e87f855f23f512205119bef66a1346793
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dabe089fa606db7c6c7c06ce501499c0c51cebdeb292efcff4b842ec61b4233c
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db467146b71336f602c1f73aa38765ea43c3c1f3cded095a1389665e640af4b0
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dd224ac44f6edd8cb8977c1be069c54ff98f99e16807425075a6057b4c58b70b
ddf68ea9a10d160f1de922ed111ed723b6f6a4c718cae3ace6209c6cf36fddfe
de00844b7403330091c57415c806b882bf603724052660ea167af3d55291fed5
deddc7f9e9d184da490d72997170fa7b0a15a9ee0572aa2df740e5ec9e354ecd
df0fecd11dd975d873105eab75b756fdf558a89175933c0a41cac98f1c88fd85
df225629ffde50c46bdba6eb7beb1f239f881420f47a39e88251e428c50402e5
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e30e8422e04f3611a397ff94dc8763985e9a8cab1778d524c00e5c12113e009f
e371c9ea0fd636a3ecd29ae5e8413d144d470f77ca4bdda94b6e61ec3b980eb9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44351fd1d3db063e5d687b93d017a949e82dc13c3fe8ad01f9361012e5c1b91
e50b11cc220c450ea908b5809d71ab33cff5d83d79b6a7ee84292d8540ab2155
e5a2b7b5ed14b466f41c272f268e0f6fa9f38c34d0ca6a5748accf006b313258
e5ab11b9756b1d55d9319049c61aeefffdbc7c9b96dfcb1e32ecb574b8750c7f
e74aad7eedeb94eab0fbb3d4435ff67c95dee259361fd21effd45bcd64424c24
e79efd32d78c3201da2f062c2bbc811587a4f57c575019a00057172efff59f09
e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772
ea183c5c508aa23e90253b5cf70a13908c84d13615df21df9b48472f0102034f
eab32cf19c18bb6d5776a2434f533733f0e2a8a2cfa6074da2dfa01e1940de08
ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ecc916b3f6f290298ffc698e5bf57cab7a5b0bacddb1ad26533b502520a84f9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effd0e1493054852ddf2be0882223a632c130c04fed5b910072cdd93e5ad0bb5
effd7ce6ed5f47c331ed9333eb10d6ad78f496277f95dabb0d7dcba847d34a97
f0216265ffcc78522466531b2c333ad5725a51f151b18c5e2fb24d4e3e89ef23
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
f31ba6e16630774dd524f9a14643c28fd41813871e6e5612a3a8190b1460aa17
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c
f72f9083e5b52562cb10874bdf452aa196062c9c58aad9e3248404a8a6d5647a
f7473a96bc1be6e95e90ef09ea6b40ce3870fd2f161ae995a3a321bcc8d91c25
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
fb9bedfffe1f9a22c1ca4eef19d83518be668fdf2fb5c0f634fb57ee369c7f26
fcf9b0381bbeca95cf5f496a8013703f799cc0ce6ada368a1a7ac25a8b74443d
fdb1605c8b1c61e76038cb28e4ca328f3717f02a4dbcbe4c1909b7583fe378c5
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

www.bendigoadvertiser.com.au Open in urlscan Pro 18.66.122.84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

394 Requests

95 %HTTPS

46 %IPv6

68 Domains

121 Subdomains

98 IPs

11 Countries

6230 kBTransfer

17222 kBSize

57 Cookies

31 Outgoing links

Page URL History

Redirected requests

394 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bendigoadvertiser.com.au Open in urlscan Pro
18.66.122.84 Public Scan

Screenshot
Live screenshot

Full Image

394
Requests

95 %
HTTPS

46 %
IPv6

68
Domains

121
Subdomains

98
IPs

11
Countries

6230 kB
Transfer

17222 kB
Size

57
Cookies

394 HTTP transactions
14 data transactions