urlscan.io logo urlscan.io
SecurityTrails logo

www.itnews.com.au Open in urlscan Pro
203.176.102.69  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Submission: On July 31 via api from TR — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 66 IPs in 10 countries across 57 domains to perform 326 HTTP transactions. The main IP is 203.176.102.69, located in Melbourne, Australia and belongs to VOCUS-VAS-AU Vocus Advanced Services, AU. The main domain is www.itnews.com.au. The Cisco Umbrella rank of the primary domain is 882100.
TLS certificate: Issued by R3 on July 3rd 2023. Valid for: 3 months.
This is the only time www.itnews.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 36 203.176.102.69 38809 (VOCUS-VAS...)
2 142.251.10.97 15169 (GOOGLE)
7 74.125.24.95 15169 (GOOGLE)
3 104.17.24.14 13335 (CLOUDFLAR...)
3 64.233.170.95 15169 (GOOGLE)
42 104.18.17.195 13335 (CLOUDFLAR...)
29 203.176.102.67 38809 (VOCUS-VAS...)
8 29 172.253.118.157 15169 (GOOGLE)
14 74.125.68.94 15169 (GOOGLE)
1 42.99.140.139 4637 (ASN-TELST...)
2 142.251.10.157 15169 (GOOGLE)
1 18.155.68.61 16509 (AMAZON-02)
6 157.240.235.1 32934 (FACEBOOK)
1 104.18.134.59 13335 (CLOUDFLAR...)
5 199.232.192.134 54113 (FASTLY)
2 64.233.170.138 15169 (GOOGLE)
1 2 74.125.24.149 15169 (GOOGLE)
1 104.16.117.190 13335 (CLOUDFLAR...)
1 104.16.137.206 13335 (CLOUDFLAR...)
1 104.18.24.196 13335 (CLOUDFLAR...)
2 2 23.66.150.27 16625 (AKAMAI-AS)
4 23.46.198.37 16625 (AKAMAI-AS)
4 7 35.190.60.146 15169 (GOOGLE)
2 4 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
2 3 35.213.12.39 15169 (GOOGLE)
1 13.224.249.94 16509 (AMAZON-02)
1 52.84.251.107 16509 (AMAZON-02)
3 6 13.107.42.14 8068 (MICROSOFT...)
1 5 64.233.170.104 15169 (GOOGLE)
3 64.233.170.94 15169 (GOOGLE)
7 151.101.128.134 54113 (FASTLY)
15 172.217.194.132 15169 (GOOGLE)
2 5 18.140.232.8 16509 (AMAZON-02)
1 216.239.38.181 15169 (GOOGLE)
2 74.125.200.154 15169 (GOOGLE)
25 13.224.249.91 16509 (AMAZON-02)
1 54.192.18.34 16509 (AMAZON-02)
1 172.67.38.106 13335 (CLOUDFLAR...)
4 74.125.200.132 15169 (GOOGLE)
1 104.17.203.204 13335 (CLOUDFLAR...)
5 74.125.24.156 15169 (GOOGLE)
9 13 69.173.158.64 26667 (RUBICONPR...)
8 157.240.235.35 32934 (FACEBOOK)
1 162.19.138.119 16276 (OVH)
1 37.157.3.30 198622 (ADFORM)
1 2 52.74.32.105 16509 (AMAZON-02)
5 64.233.170.132 15169 (GOOGLE)
3 23.46.197.50 16625 (AKAMAI-AS)
1 1 8.43.72.97 26667 (RUBICONPR...)
2 5 52.46.155.104 16509 (AMAZON-02)
1 1 13.213.139.245 16509 (AMAZON-02)
5 5 15.197.193.217 16509 (AMAZON-02)
1 54.192.150.95 16509 (AMAZON-02)
2 74.125.68.139 15169 (GOOGLE)
2 9 139.5.84.243 27381 (CASALE-MEDIA)
3 3 35.244.159.8 15169 (GOOGLE)
1 10 52.84.251.81 16509 (AMAZON-02)
1 1 18.143.106.89 16509 (AMAZON-02)
2 2 13.228.126.19 16509 (AMAZON-02)
3 3 67.199.150.82 62713 (AS-PUBMATIC)
1 1 67.199.150.86 3257 (GTT-BACKB...)
1 1 207.65.33.76 62713 (AS-PUBMATIC)
2 2 98.98.134.242 21859 (ZEN-ECN)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
3 23.35.185.50 16625 (AKAMAI-AS)
1 1 103.229.10.247 16509 (AMAZON-02)
1 1 35.208.249.213 19527 (GOOGLE-2)
2 2 104.18.24.173 13335 (CLOUDFLAR...)
2 54.192.18.83 16509 (AMAZON-02)
1 74.125.200.95 15169 (GOOGLE)
3 74.125.68.84 15169 (GOOGLE)
1 104.16.199.35 13335 (CLOUDFLAR...)
1 54.192.18.64 16509 (AMAZON-02)
1 74.125.200.94 15169 (GOOGLE)
1 34.255.108.185 16509 (AMAZON-02)
2 52.16.0.234 ()
1 199.232.192.64 ()
1 13.33.88.30 ()
2 4 52.77.24.246 ()
326 66
36    203.176.102.69 (Melbourne, Australia)

ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU)
PTR: secure.nextmedia.com.au
www.itnews.com.au
2    142.251.10.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net
www.googletagmanager.com
7    74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net
fonts.googleapis.com
3    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    64.233.170.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f95.1e100.net
ajax.googleapis.com
42    104.18.17.195 (None, )

ASN13335 (CLOUDFLARENET, US)
www.dianomi.com
data.dianomi.com
29    203.176.102.67 (Melbourne, Australia)

ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU)
PTR: i.nextmedia.com.au
i.nextmedia.com.au
29    172.253.118.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f157.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
www.googletagservices.com
14    74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net
fonts.gstatic.com
1    42.99.140.139 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-139.pacnet.net
snap.licdn.com
2    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
googleads.g.doubleclick.net
1    18.155.68.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-61.sin52.r.cloudfront.net
static.hotjar.com
6    157.240.235.1 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net
connect.facebook.net
1    104.18.134.59 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
5    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
itnewsnext.disqus.com
referrer.disqus.com
2    64.233.170.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f138.1e100.net
www.google-analytics.com
2    74.125.24.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f149.1e100.net
ad.doubleclick.net
1    104.16.117.190 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    104.16.137.206 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    104.18.24.196 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
2    23.66.150.27 (Tseung Kwan O, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-150-27.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.46.198.37 (Tseung Kwan O, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-198-37.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
ei.rlcdn.com
4    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
3    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    13.224.249.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-94.sin52.r.cloudfront.net
script.hotjar.com
1    52.84.251.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-107.sin5.r.cloudfront.net
cdn.linkedin.oribi.io
6    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
5    64.233.170.104 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f104.1e100.net
www.google.com
3    64.233.170.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f94.1e100.net
www.google.com.au
7    151.101.128.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
15    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
tpc.googlesyndication.com
5    18.140.232.8 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-232-8.ap-southeast-1.compute.amazonaws.com
server.prebid.dianomi.com
1    216.239.38.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    74.125.200.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f154.1e100.net
stats.g.doubleclick.net
25    13.224.249.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-91.sin52.r.cloudfront.net
c.disquscdn.com
1    54.192.18.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-18-34.hkg62.r.cloudfront.net
tags.crwdcntrl.net
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
4    74.125.200.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f132.1e100.net
dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
1    104.17.203.204 (None, )

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
5    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
pagead2.googlesyndication.com
13    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
8    157.240.235.35 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com
www.facebook.com
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
1    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    52.74.32.105 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-32-105.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
5    64.233.170.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f132.1e100.net
cdn.ampproject.org
3    23.46.197.50 (Tseung Kwan O, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-197-50.deploy.static.akamaitechnologies.com
a.teads.tv
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
5    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    13.213.139.245 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-139-245.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
5    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    54.192.150.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-95.sin2.r.cloudfront.net
cdn.undertone.com
2    74.125.68.139 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f139.1e100.net
apis.google.com
9    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
10    52.84.251.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-81.sin5.r.cloudfront.net
usr.undertone.com
1    18.143.106.89 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
pixel.advertising.com
2    13.228.126.19 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    67.199.150.82 (Singapore)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    67.199.150.86 (Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
1    207.65.33.76 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
3    23.35.185.50 (Tseung Kwan O, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-185-50.deploy.static.akamaitechnologies.com
t.teads.tv
1    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
2    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    54.192.18.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-18-83.hkg62.r.cloudfront.net
cdn.flowplayer.com
1    74.125.200.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f95.1e100.net
imasdk.googleapis.com
3    74.125.68.84 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f84.1e100.net
accounts.google.com
1    104.16.199.35 (None, )

ASN13335 (CLOUDFLARENET, US)
videodelivery.net
1    54.192.18.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-18-64.hkg62.r.cloudfront.net
ljsp.lwcdn.com
1    74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net
www.gstatic.com
1    34.255.108.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-108-185.eu-west-1.compute.amazonaws.com
pmi.flowplayer.com
2    52.16.0.234 (None, )

ASN- ()
ihi.flowplayer.com
1    199.232.192.64 (None, )

ASN- ()
glitter.services.disqus.com
1    13.33.88.30 (None, )

ASN- ()
live.rezync.com
4    52.77.24.246 (None, )

ASN- ()
io.narrative.io
Apex Domain
Subdomains		 Transfer
47 dianomi.com
www.dianomi.com — Cisco Umbrella Rank: 7753
data.dianomi.com — Cisco Umbrella Rank: 8484
server.prebid.dianomi.com — Cisco Umbrella Rank: 14970
133 KB
36 itnews.com.au
www.itnews.com.au — Cisco Umbrella Rank: 882100
312 KB
30 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
ad.doubleclick.net — Cisco Umbrella Rank: 183
cm.g.doubleclick.net — Cisco Umbrella Rank: 239
stats.g.doubleclick.net — Cisco Umbrella Rank: 114
210 KB
29 nextmedia.com.au
i.nextmedia.com.au — Cisco Umbrella Rank: 916467
1020 KB
25 disquscdn.com
c.disquscdn.com — Cisco Umbrella Rank: 5064
499 KB
24 googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130
563 KB
20 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1155
eus.rubiconproject.com — Cisco Umbrella Rank: 618
token.rubiconproject.com — Cisco Umbrella Rank: 613
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1195
pixel.rubiconproject.com — Cisco Umbrella Rank: 380
31 KB
15 gstatic.com
fonts.gstatic.com
www.gstatic.com
352 KB
13 disqus.com
itnewsnext.disqus.com
disqus.com — Cisco Umbrella Rank: 1251
glitter.services.disqus.com
referrer.disqus.com
109 KB
11 undertone.com
cdn.undertone.com — Cisco Umbrella Rank: 3719
usr.undertone.com — Cisco Umbrella Rank: 2710
7 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 187
apis.google.com — Cisco Umbrella Rank: 181
accounts.google.com — Cisco Umbrella Rank: 62
51 KB
11 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 79
ajax.googleapis.com — Cisco Umbrella Rank: 415
imasdk.googleapis.com — Cisco Umbrella Rank: 497
229 KB
9 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 477
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 624
8 KB
8 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
391 B
7 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 410
ei.rlcdn.com
1 KB
6 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1453
t.teads.tv — Cisco Umbrella Rank: 2494
134 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 384
www.linkedin.com — Cisco Umbrella Rank: 543
5 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170
459 KB
5 flowplayer.com
cdn.flowplayer.com — Cisco Umbrella Rank: 21296
pmi.flowplayer.com — Cisco Umbrella Rank: 37388
ihi.flowplayer.com
35 KB
5 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 673
image2.pubmatic.com — Cisco Umbrella Rank: 1021
image4.pubmatic.com — Cisco Umbrella Rank: 1249
2 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 379
2 KB
5 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 319
3 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 427
110 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 213
281 KB
4 narrative.io
io.narrative.io
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 513
1 KB
4 pippio.com
pippio.com — Cisco Umbrella Rank: 806
4 KB
3 openx.net
us-u.openx.net — Cisco Umbrella Rank: 482
658 B
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 466
ups.analytics.yahoo.com — Cisco Umbrella Rank: 321
1 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1034
bcp.crwdcntrl.net — Cisco Umbrella Rank: 869
sync.crwdcntrl.net — Cisco Umbrella Rank: 840
13 KB
3 google.com.au
www.google.com.au — Cisco Umbrella Rank: 24349
669 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 350
2 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 265
160 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 801
s.tribalfusion.com — Cisco Umbrella Rank: 2021
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 714
1 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 837
id5-sync.com — Cisco Umbrella Rank: 423
25 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 58
21 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 759
script.hotjar.com — Cisco Umbrella Rank: 988
60 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
170 KB
1 rezync.com
live.rezync.com
1 KB
1 lwcdn.com
ljsp.lwcdn.com — Cisco Umbrella Rank: 20757
564 B
1 videodelivery.net
videodelivery.net — Cisco Umbrella Rank: 20744
1 MB
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 898
191 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 802
512 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1487
311 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1274
106 B
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3571
1 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 876
374 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4753
392 B
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2221
64 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2215
21 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3354
3 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2515
1 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 795
5 KB
0 rfihub.com Failed
p.rfihub.com Failed
0 cpx.to Failed
s.cpx.to Failed
0 adotmob.com Failed
sync.adotmob.com Failed
326 57
Domain Requested by
39 www.dianomi.com www.itnews.com.au
www.dianomi.com
data.dianomi.com
dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
36 www.itnews.com.au 9 redirects www.itnews.com.au
dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
29 i.nextmedia.com.au www.itnews.com.au
25 c.disquscdn.com disqus.com
c.disquscdn.com
itnewsnext.disqus.com
www.itnews.com.au
15 tpc.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.itnews.com.au
dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
15 securepubads.g.doubleclick.net 1 redirects www.itnews.com.au
www.googletagservices.com
dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
14 fonts.gstatic.com fonts.googleapis.com
10 usr.undertone.com 1 redirects cdn.undertone.com
eus.rubiconproject.com
ssum-sec.casalemedia.com
9 cm.g.doubleclick.net 7 redirects eus.rubiconproject.com
8 pixel.rubiconproject.com 5 redirects eus.rubiconproject.com
8 www.facebook.com www.itnews.com.au
c.disquscdn.com
7 disqus.com www.itnews.com.au
c.disquscdn.com
7 fonts.googleapis.com www.itnews.com.au
www.dianomi.com
dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 idsync.rlcdn.com 3 redirects www.dianomi.com
www.itnews.com.au
6 connect.facebook.net www.itnews.com.au
c.disquscdn.com
connect.facebook.net
5 match.adsrvr.org 5 redirects
5 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ssum-sec.casalemedia.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 www.googletagservices.com securepubads.g.doubleclick.net
dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 pagead2.googlesyndication.com tpc.googlesyndication.com
www.dianomi.com
www.googletagservices.com
www.itnews.com.au
5 server.prebid.dianomi.com 2 redirects www.dianomi.com
cdn.undertone.com
5 www.google.com 1 redirects www.itnews.com.au
securepubads.g.doubleclick.net
5 px.ads.linkedin.com 2 redirects www.itnews.com.au
eus.rubiconproject.com
4 io.narrative.io 2 redirects www.itnews.com.au
4 pixel.tapad.com 3 redirects live.rezync.com
4 dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com www.itnews.com.au
4 pippio.com 2 redirects c.disquscdn.com
www.itnews.com.au
4 eus.rubiconproject.com data.dianomi.com
eus.rubiconproject.com
cdn.undertone.com
4 itnewsnext.disqus.com www.itnews.com.au
3 accounts.google.com apis.google.com
www.itnews.com.au
www.gstatic.com
3 t.teads.tv www.itnews.com.au
3 image8.pubmatic.com 3 redirects
3 us-u.openx.net 3 redirects
3 ssum-sec.casalemedia.com 1 redirects cdn.undertone.com
ssum-sec.casalemedia.com
3 a.teads.tv securepubads.g.doubleclick.net
www.itnews.com.au
3 www.google.com.au www.itnews.com.au
3 x.bidswitch.net 2 redirects www.dianomi.com
3 data.dianomi.com www.dianomi.com
data.dianomi.com
eus.rubiconproject.com
3 ajax.googleapis.com www.itnews.com.au
3 cdnjs.cloudflare.com www.itnews.com.au
cdnjs.cloudflare.com
2 ihi.flowplayer.com cdn.flowplayer.com
2 cdn.flowplayer.com www.dianomi.com
2 pixel-sync.sitescout.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 apis.google.com c.disquscdn.com
apis.google.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.itnews.com.au
2 secure-assets.rubiconproject.com 2 redirects
2 ad.doubleclick.net 1 redirects www.dianomi.com
2 www.google-analytics.com www.itnews.com.au
2 googleads.g.doubleclick.net www.itnews.com.au
2 www.googletagmanager.com www.itnews.com.au
1 ei.rlcdn.com 1 redirects
1 live.rezync.com c.disquscdn.com
live.rezync.com
1 referrer.disqus.com www.itnews.com.au
1 glitter.services.disqus.com c.disquscdn.com
1 pmi.flowplayer.com cdn.flowplayer.com
1 www.gstatic.com accounts.google.com
1 ljsp.lwcdn.com cdn.flowplayer.com
1 videodelivery.net www.itnews.com.au
1 imasdk.googleapis.com www.dianomi.com
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 trace.mediago.io 1 redirects
1 cms.quantserve.com 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 image4.pubmatic.com 1 redirects
1 image2.pubmatic.com 1 redirects
1 pixel.advertising.com 1 redirects
1 cdn.undertone.com www.dianomi.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 bcp.crwdcntrl.net www.itnews.com.au
1 cm.adform.net www.dianomi.com
1 id5-sync.com www.itnews.com.au
1 api.hubapi.com www.itnews.com.au
1 cdn.id5-sync.com www.itnews.com.au
1 tags.crwdcntrl.net www.itnews.com.au
1 analytics.google.com www.googletagmanager.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io www.itnews.com.au
1 script.hotjar.com www.itnews.com.au
1 tags.rd.linksynergy.com 1 redirects
1 js.hs-banner.com www.itnews.com.au
1 js.hs-analytics.net www.itnews.com.au
1 js.hsadspixel.net www.itnews.com.au
1 js.hs-scripts.com www.itnews.com.au
1 static.hotjar.com www.itnews.com.au
1 snap.licdn.com www.itnews.com.au
0 p.rfihub.com Failed live.rezync.com
0 s.cpx.to Failed www.itnews.com.au
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
326 93
Subject Issuer Validity Valid
itnews.com.au
R3		 2023-07-03 -
2023-10-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
dianomi.com
Cloudflare Inc ECC CA-3		 2023-04-03 -
2024-04-02		 a year crt.sh
i.nextmedia.com.au
R3		 2023-06-10 -
2023-09-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-05-09 -
2023-08-07		 3 months crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-13 -
2024-04-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
server.prebid.dianomi.com
Amazon RSA 2048 M01		 2023-04-22 -
2024-05-20		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
a.disquscdn.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-10-29		 8 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2023-04-07 -
2024-04-06		 a year crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.undertone.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-11-09		 9 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.flowplayer.com
Amazon RSA 2048 M01		 2023-05-02 -
2024-05-30		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.lwcdn.com
Amazon RSA 2048 M02		 2023-03-23 -
2024-04-20		 a year crt.sh
*.services.disqus.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-04 -
2023-12-06		 a year crt.sh
pippio.com
GTS CA 1D4		 2023-07-13 -
2023-10-11		 3 months crt.sh
*.rezync.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-12-23		 10 months crt.sh

This page contains 29 frames:

Primary Page: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Frame ID: A92826EEB1144D36BCF78ECFE464D985
Requests: 115 HTTP requests in this frame

Frame: https://www.dianomi.com/recirculation.epl?id=119
Frame ID: 97700FA87C4D343C90B8D6F21D70E136
Requests: 11 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Frame ID: 41880A731BBB41A5C714F62620675D61
Requests: 22 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Frame ID: EA411B52F27CCE7DD0801CC2E4016955
Requests: 12 HTTP requests in this frame

Frame: https://www.dianomi.com/prebid/cookie_sync.html?gdpr=0&gdpr_consent=&us_privacy=&bidders=adf,rubicon,grid,adform,pubmatic,openx,freewheelssp,undertone,amx
Frame ID: 6E01139651CE089C15ECEB430658F3EA
Requests: 4 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
Frame ID: C5051BE98033B22BAFF907653047CA8A
Requests: 24 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways
Frame ID: 32AC0343562D19EF6D5B73097EA5BEB7
Requests: 16 HTTP requests in this frame

Frame: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C83D4CFE5C43042AD4DB6F0C11D7A1F5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F0BB71A7E2DC00CEE007851A0A40488E
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8xRxktO1yl5tAyZ1iLBnUj5Ig79AKNe8I7csujeREXXT60SGKxyP8Jexk3UyJunQKN_XT3DOJsiZ2ojcgDGrLDoyfW6QdGCyZcmhCZxQmJkSkvEsP9B-uc1uZz8cY9Hg7vdAVeS5tLjkZ88sJTI2b8FaKXfmVpf1bCeHnSAvlQIhkXe0oMVKWW0MP6aYeAa0aw778LN2MzuulS5Q6F9u-fvYXrGyA7YENPIvjVEBto8CIxqKFQcX3YL-fC5ILxR9HCfAArFDC92w8w9RbdgcMHFvN65SeCYtZGkMojeBy6MG98PPVfC36M6jhb6fpokaYRJj19gKwjs99eHv9uZrJHZvvbIIh9yxvuPQfUQ&sai=AMfl-YT4HA_55ojYN8x1n-RJYk-419TeKyut_UaV5upLPodkTbBdHHRRRWSrFXXpEu3Z0BY_n3nMcUQT0hYp5_OoflwDiQebgA_hZjWnZDvxKZeptCfiIu8KlcfNnFez6zg&sig=Cg0ArKJSzH9PwAtkYiO8EAE&uach_m=[UACH]&adurl=
Frame ID: C428E492A85F1040600739F9DABD59C7
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Frame ID: 83ECB8C2FF8EE2D7C270D73F13EC1374
Requests: 16 HTTP requests in this frame

Frame: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0BC1D8CD1F0E37F5836826322F728D1F
Requests: 8 HTTP requests in this frame

Frame: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C5A415D908CDC4399B2B6DF97AC15928
Requests: 10 HTTP requests in this frame

Frame: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5CED140EC02853844364841AC1D0DAD1
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4i_25XmraMarFI4Aew6IXT88Onuyie2nnWbEQCIVGmSUYihq6sIwVotp4WJTl0JBa-QpEOStw7-77gePTYpZuzT-cDvCZkA1pgWncq0qZioK3glQ9ltuE8fXxr7tSAXiD--7BwFnFC6VwpN8OMr1DqwA2O32tiai853jv5KlF5ZBH4V8aeSfzuniqu90xWrUsvwU7JjGf2B6yg-1IkFhy-lEsLG2aJ83fK5DAgzO9LHUJ2T5R9OdLAzHXzG9Tty0cXXKa8ZhNLFu6d9l6Vz0LggQYeRWVyCtnGmEbZZBnLt4l8teWcttm9pMDZ1QQ8iWUNbQPNw&sai=AMfl-YQyKbLleVGOiXiwujoVPnScytbGf2VJZ5TA9Y4b0huzjhhWn_1js2ZFGEO0I_Siza7Ouw0LhFhvyYftSMPVNdHQFJ0iO2yOIpOIOcZRflyvk6SneMNaGofYhg6izSs&sig=Cg0ArKJSzHNkaFPC9iV5EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C8B368EB0203E5F32FEF91CEC3E8F783
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: 7259DBF8A7DDCB69CFA9E44EF4DC9B51
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C74B41CE49EC030E28BBD86ED8A14FF2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8BF3B96FEE79F9A44402C28FBE0C8F96
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6784B97CC9F629073F3C1143D0034711
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/js/contextfeed/contextfeed-frame.js
Frame ID: 9B73D7E96AAE77F51E1134F9D37C1C07
Requests: 6 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: 9D4FE0A300C4D710D17FE6D010701A07
Requests: 9 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 2C3F8311431063B03C26C34591447162
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 560ADBEF7384E171EB0948DBD58F9183
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 4BDAB86F3DEE724F68718538A879EABC
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: C898A552E3DB4BCEFB677DCC76226F99
Requests: 3 HTTP requests in this frame

Frame: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Frame ID: 5C1949E5EF6692E7FF8070C74CE371FC
Requests: 23 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: CAFD7176D4E4FB881193A2F30F6DC52B
Requests: 4 HTTP requests in this frame

Frame: https://pippio.com/api/sync?pid=1391&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&it=1&iv=cmmk8d63ijqorp
Frame ID: 5F339DFBE6F8402BECC8BB0277BB7446
Requests: 4 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=cmmk8d63ijqorp&pctry=US&referrer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&cache_buster=0.635458463121
Frame ID: 372262C9C64898CABFE160742F37607E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Malware spotted on Barracuda email gateways - Security - iTnews

Detected technologies

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

326
Requests

85 %
HTTPS

0 %
IPv6

57
Domains

93
Subdomains

66
IPs

10
Countries

6339 kB
Transfer

12710 kB
Size

83
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://www.itnews.com.au/Images/mobile-share-twitter.png HTTP 301
  • https://www.itnews.com.au/images/mobile-share-twitter.png
Request Chain 27
  • https://www.itnews.com.au/Images/mobile-share-facebook.png HTTP 301
  • https://www.itnews.com.au/images/mobile-share-facebook.png
Request Chain 28
  • https://www.itnews.com.au/Images/mobile-share-linkedin.png HTTP 301
  • https://www.itnews.com.au/images/mobile-share-linkedin.png
Request Chain 29
  • https://www.itnews.com.au/Images/mobile-share-whatsapp.png HTTP 301
  • https://www.itnews.com.au/images/mobile-share-whatsapp.png
Request Chain 30
  • https://www.itnews.com.au/Images/mobile-share-email.png HTTP 301
  • https://www.itnews.com.au/images/mobile-share-email.png
Request Chain 59
  • https://www.itnews.com.au/Images/breaking-news-header-bkg-40.png HTTP 301
  • https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
Request Chain 60
  • https://www.itnews.com.au/Images/itnews-logo-white.png HTTP 301
  • https://www.itnews.com.au/images/itnews-logo-white.png
Request Chain 61
  • https://www.itnews.com.au/Images/search-icon.png HTTP 301
  • https://www.itnews.com.au/images/search-icon.png
Request Chain 62
  • https://www.itnews.com.au/Images/bullet.png HTTP 301
  • https://www.itnews.com.au/images/bullet.png
Request Chain 97
  • https://ad.doubleclick.net/ddm/trackimpj/N5877.576592DIANOMI.COM1/B29495057.365802594;dc_trk_aid=560019703;dc_trk_cid=193447331;cid=0002371490;utm_source=dianomi;utm_medium=display;ord=1690809906;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimpj/N5877.576592DIANOMI.COM1/B29495057.365802594;dc_pre=CK_ckt-FuYADFYJKnQkdvdcMTw;dc_trk_aid=560019703;dc_trk_cid=193447331;cid=0002371490;utm_source=dianomi;utm_medium=display;ord=1690809906;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1
Request Chain 107
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Request Chain 110
  • https://idsync.rlcdn.com/425276.gif?partner_uid=d9724699ebcec4a9764124759e307b22 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CLz6GRIsCigIARDX7wEaIGQ5NzI0Njk5ZWJjZWM0YTk3NjQxMjQ3NTllMzA3YjIyEAAaDQiz7J6mBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=da227da3839a9b4ef0438e7d250dbd8edac98a61cd94a9e5b2998e0fcc768622791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBkYTIyN2RhMzgzOWE5YjRlZjA0MzhlN2QyNTBkYmQ4ZWRhYzk4YTYxY2Q5NGE5ZTViMjk5OGUwZmNjNzY4NjIyNzkxNDI2YjU0MTdkY2UyMRAAGgwItOyepgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBkYTIyN2RhMzgzOWE5YjRlZjA0MzhlN2QyNTBkYmQ4ZWRhYzk4YTYxY2Q5NGE5ZTViMjk5OGUwZmNjNzY4NjIyNzkxNDI2YjU0MTdkY2UyMRAAGgwItOyepgYSBAgCEABCAEoA&google_error=3 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=82878272-78f4-4d06-9726-8e6bc91cb539
Request Chain 115
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809907368&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809907368&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1503796%26time%3D1690809907368%26url%3Dhttps%253A%252F%252Fwww.itnews.com.au%252Fnews%252Fmalware-spotted-on-barracuda-email-gateways-598623%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809907368&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&cookiesTest=true&liSync=true
Request Chain 128
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://server.prebid.dianomi.com//setuid?bidder=grid&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=6ee62855-15d7-4c4b-9480-704502c066f2 HTTP 301
  • https://server.prebid.dianomi.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=6ee62855-15d7-4c4b-9480-704502c066f2
Request Chain 175
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdjX4edaTYIS5R6aTubw1V1oHxEJYJbYC8G6SgaiKw0huDce_PvQAB85uBY1nn2uTtsyzb8OsM7Mtvh6wXIt0Cd0HPBDTDUlQYN5-qP2sJzqP91T2Lr8r7NJqqJamogzPURLWndHqkE0uEVKYQ5wf6x_umOqLg1Bd0-nD_WXN3d8noKZVCz_Do1NGK7tAWGxuDMNTElQypwON5nOrve1RySnVSh6vMYqwXvAGUhV7phC4wtBvjjLRRklBNYCviuXsod2isHfBhQPmau8PdFR2ECBvJaxTEUI4Zl7PZSNsg1l2r1JnnTITBl1bAWSFxyYBq8exjSiKFDl_S2kqeFeKucTUttA&sai=AMfl-YTUifYOHgit5WagK3jH8wcYC-MM12t3_3A0Nbm1gaeqMK_2P_dxoMtrv6I5zzp1FsKe0_woTmcgDyJknHQgZV66ziXo72ds92OXcYEQ-nFsb4hsXw4gG37rDqr15NQ&sig=Cg0ArKJSzGCedQXcA8k_EAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/13310892769688393457? HTTP 302
  • https://tpc.googlesyndication.com/simgad/13310892769688393457
Request Chain 195
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=dianomi&gdpr=0&gdpr_consent=&gdpr=0&khaos=LKQWKBVY-1C-31LF HTTP 302
  • https://data.dianomi.com/frontend/rubicon?uid=LKQWKBVY-1C-31LF&gdpr=0
Request Chain 197
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWE3YzZhZmMyM2Y3NzQ3ODFhNTBhYjIzNTFjMjc0YmExNmYzZWQ0NQ&gdpr=0
Request Chain 198
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtRV0tCVlktMUMtMzFMRg==&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEOPKrdC8F26HLX8GxtEoRmQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtRV0tCVlktMUMtMzFMRg==&google_push=&gdpr=0
Request Chain 199
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LKQWKBVY-1C-31LF&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 200
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=V7sgslaXQ0ybCXONI5ZksA&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V7sgslaXQ0ybCXONI5ZksA&gdpr=0
Request Chain 201
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKQWKBVY-1C-31LF&gdpr=0
Request Chain 202
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/hW_IPrP1vcRkBkSZ-HVY1cn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-YVi9gdtE2oIX7crEzVT5qBbezS4othNllrGqeQ--~A
Request Chain 203
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=40b09213-c78d-43c4-9319-effcf9e3e189&gdpr=0&gdpr_consent=&expires=30
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBuPwSEFQZ0SPhcbKtsQC9w&google_cver=1
Request Chain 232
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 254
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Request Chain 255
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 256
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=85980713-153f-45f9-a9a1-5886e51f729e
Request Chain 257
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-ub3YBi5E2uEtsBzKCGIWwfFXT9LTyouT~A
Request Chain 258
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=40b09213-c78d-43c4-9319-effcf9e3e189&ttl=1693401911
Request Chain 259
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LKQWKBVY-1C-31LF
Request Chain 260
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzlDNTgyQ0ItMzNENy00MjY5LUIyRDMtNkFGNjkxMDk5NTRG&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D79C582CB-33D7-4269-B2D3-6AF69109954F&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=79C582CB-33D7-4269-B2D3-6AF69109954F
Request Chain 261
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=b2615643-c204-4ffa-bbae-743d5bd52665-64c7b638-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Db2615643-c204-4ffa-bbae-743d5bd52665-64c7b638-5553%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253Db2615643-c204-4ffa-bbae-743d5bd52665-64c7b638-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=b2615643-c204-4ffa-bbae-743d5bd52665-64c7b638-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3Db2615643-c204-4ffa-bbae-743d5bd52665-64c7b638-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=b2615643-c204-4ffa-bbae-743d5bd52665-64c7b638-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3Db2615643-c204-4ffa-bbae-743d5bd52665-64c7b638-5553 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=b2615643-c204-4ffa-bbae-743d5bd52665-64c7b638-5553
Request Chain 262
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-Ib1D4z9E2uHBqRvOWGlAah7aX5yuxetAV8qURKE-~A
Request Chain 263
  • https://usr.undertone.com/userPixel/syncr?gdpr=&gdprstr=&partnerId=null&r=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UIDENC HTTP 302
  • https://server.prebid.dianomi.com//setuid?bidder=undertone&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=2f80yjl3upwhbmk3x7b17ds4g HTTP 301
  • https://server.prebid.dianomi.com/setuid?bidder=undertone&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=2f80yjl3upwhbmk3x7b17ds4g
Request Chain 281
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LKQWKBVY-1C-31LF HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LKQWKBVY-1C-31LF
Request Chain 286
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=40b09213-c78d-43c4-9319-effcf9e3e189&expiration=1693401912&gdpr=0&gdpr_consent=
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZMe2N6i4oCT-Kv_evUnfnQAAE5EAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPwiDuS7gVXrn_6T1GZGat0&google_cver=1
Request Chain 288
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZMe2N6i4oCT.Kv-evUnfnQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE2RgdkXSntYelzFKBma514&google_cver=1&google_hm=2
Request Chain 289
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=yRZu2p0UPtTSEjiPxkAgi8oQNIvSET2InES8ZP6m
Request Chain 290
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=be207cf5a97fef8ee835d8f23cae77f0
Request Chain 291
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZMe2N6i4oCT.Kv-evUnfnQAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZMe2N6i4oCT.Kv-evUnfnQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662109298213888
Request Chain 324
  • https://io.narrative.io/?companyId=1952&id=disqus_id%3Acmmk8d63ijqorp&red=https%3A%2F%2Fpx.ads.linkedin.com%2Fdb_sync%3Fpid%3D16223%26puuid%3D%24%7Bnarrative.id.value%7D%26rand%3D0.83297018022 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=b0464a90-2fa5-11ee-9c84-0a2d04f6ac5a&companyId=1952&id=disqus_id%3Acmmk8d63ijqorp&red=https%3A%2F%2Fpx.ads.linkedin.com%2Fdb_sync%3Fpid%3D16223%26puuid%3D%24%7Bnarrative.id.value%7D%26rand%3D0.83297018022
Request Chain 325
  • https://io.narrative.io/?companyId=19&id=disqus_id%3Acmmk8d63ijqorp&ret=img&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=b04671a0-2fa5-11ee-8fae-028fdbeaaa16&companyId=19&id=disqus_id%3Acmmk8d63ijqorp&ret=img&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623
Request Chain 326
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3D%26pid%3D12037%26url%3Dhttp%253A%252F%252Fwww.itnews.com.au%252Fnews%252Fmalware-spotted-on-barracuda-email-gateways-598623%26adnxs_uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253D%2526pid%253D12037%2526url%253Dhttp%25253A%25252F%25252Fwww.itnews.com.au%25252Fnews%25252Fmalware-spotted-on-barracuda-email-gateways-598623%2526adnxs_uid%253D%2524UID HTTP 302
  • https://s.cpx.to/ca.png?ref=&pid=12037&url=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&adnxs_uid=6231341697720049043
Request Chain 327
  • https://idsync.rlcdn.com/462246.gif?partner_uid=cmmk8d63ijqorp HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=9b331f52-d8d7-4ffa-9c5d-c7b22b283314
Request Chain 328
  • https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=1017&cparams=placement%3D1391 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIL3zOvAp3OkCHFsSY2I_4c&google_cver=1
Request Chain 331
  • https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID%26cache_buster%3D1690809916.7542348 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID%2526cache_buster%253D1690809916.7542348 HTTP 302
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=2631938698432708619&cache_buster=1690809916.7542348
Request Chain 333
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3181&partner_device_id=08b8c124-308c-4dc7-8226-68c9ef296142%3A1690809916.7539113 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=71c214fa-a2d8-42dc-88f5-b70d08597587%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=40b09213-c78d-43c4-9319-effcf9e3e189&ttd_puid=71c214fa-a2d8-42dc-88f5-b70d08597587%2C%2C

326 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request malware-spotted-on-barracuda-email-gateways-598623
www.itnews.com.au/news/ 		110 KB
111 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c6c0cf4c2c8b4eae24733d76b9da4e0edc5a685f2bcdd4d602e17b657b3358c2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private
content-length
113148
content-type
text/html; charset=utf-8
date
Mon, 31 Jul 2023 13:25:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-ua-compatible
IE=edge,chrome=1
gtm.js
www.googletagmanager.com/ 		239 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N4K222Q
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
b6753afceb875801f1a1bcf9483a46d048de589de42df0fd514d43abca8d5217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85685
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 Jul 2023 13:25:04 GMT
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
3c27abdcf0237d7192356b65997d97fd5b102087afdc0349da00f215290f7e63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 31 Jul 2023 13:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 13:09:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jul 2023 13:25:04 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/ 		56 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/all.min.css
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3aaf4eb43762eb0a12cb6f9ce8c1743bdbf88a28d8b0fe5026ca098713193fa
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itnews.com.au/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7033786
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10101
last-modified
Fri, 29 May 2020 16:00:33 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ed131a1-df5e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bqa92mqXDoiyh24ufsUBeKFuQyU1YnSm680gGjsWQbqf2Al0lAuM%2FXNPJHrP6MfjiJvfQCAKxApbHSdb68JIBUhcNrCnVQLc%2Bmxdwtj9PcMDoQqPgpTGf5JzwcRVXHtHfG5wPBSd"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ef62a4d5a7fa7fc-SYD
expires
Sat, 20 Jul 2024 13:25:04 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
sffe /
Resource Hash
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 22:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8060
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 22:48:27 GMT
css_1402e7e221099bd60efee7e259329369.css
www.itnews.com.au/styles/ 		250 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
afdb897372300b0a4adfc7e79332ab1e13b7f22a3cb4690d238522a0886539ad

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:03 GMT
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 11:31:21 GMT
server
Microsoft-IIS/10.0
etag
"808a8687a2c3d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
39032
x-ua-compatible
IE=edge,chrome=1
itnews-logo-sticky.png
www.itnews.com.au/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/itnews-logo-sticky.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ef3254fb269f0a2b07dea6c4cf9af3276e2e402426a65dc74f22db7c84b91e6b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"a07e5f37cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3919
x-ua-compatible
IE=edge,chrome=1
itnews-logo-white.png
www.itnews.com.au/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/itnews-logo-white.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26aeae0a0cc21c9c8acffae51a7dbf7a7eda35891df62ef54aeb9ed47af8cd9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"a07e5f37cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3959
x-ua-compatible
IE=edge,chrome=1
recirculation.epl
www.dianomi.com/ Frame 9770 		2 KB
861 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/recirculation.epl?id=119
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
207057bd3c2e3e5560b7fd1ae51fefa6df3f317bd8fef98bbe309f1ff4f72786
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7ef62a4ccd03a82b-SYD
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 31 Jul 2023 13:25:04 GMT
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
smartads.epl
www.dianomi.com/ Frame 4188 		554 B
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/smartads.epl?id=5141
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2cd3a4648d10ee850a3dfac3f8333bf219b896d4636b98581b03ae028a2d7ba
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
7ef62a4ccd07a82b-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 31 Jul 2023 13:25:04 GMT
expires
now
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fspam_emails.jpg&h=420&w=748&c=0&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f66d09672939516de9c5c2829b9c7cef42b73a226cdf60913d16e42e37970c1d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="0_420_748_0_70_/News/spam_emails.jpg"
content-length
62328
expires
Thu, 03 Aug 2023 13:25:04 GMT
newsletter-promo-1.png
www.itnews.com.au/images/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/newsletter-promo-1.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
024a2591127deb9b569b821da170c5b937bc471633d0f32ce534a7acef66a28b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
last-modified
Mon, 24 Jul 2023 01:21:48 GMT
server
Microsoft-IIS/10.0
etag
"32537837cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
39346
x-ua-compatible
IE=edge,chrome=1
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2finformation.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a9521db8c41cdfe90d860c253f86f77312837187c27de15499f8bd3a8647e171

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/information.jpg"
content-length
4445
expires
Thu, 03 Aug 2023 13:25:04 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2ffinger_print_2.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
90039b5cdac762651ef5dc26d3230b87500034670b378f55382b09537f395b4d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/finger_print_2.jpg"
content-length
10537
expires
Thu, 03 Aug 2023 13:25:04 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fryanair-b737-800_medium.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1a511566a24f533485456f1c2ed158c2bab5139c92d4d7ee76e70474e2e9c79d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/ryanair-b737-800_medium.jpg"
content-length
4027
expires
Thu, 03 Aug 2023 13:25:04 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2flock_security_encryption_decryption.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c2443a79d678039401f2c6aee0dbc42d3baa040a3c5a44b7fc509f2fb3274581

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/lock_security_encryption_decryption.jpg"
content-length
9799
expires
Thu, 03 Aug 2023 13:25:04 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2fnextpacific_photorealistic_As_the_trading_day_progresses_the_mo_7662d86d-9dbb-4156-b33d-c51f5668bfc5.png&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f47e5a573becfd926e196ca89ef79fa1c542fac60ba03e124e5266076dd61052

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/Features/nextpacific_photorealistic_As_the_trading_day_progresses_the_mo_7662d86d-9dbb-4156-b33d-c51f5668bfc5.png"
content-length
88168
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2fnextpacific_Envision_a_physical_garage_filled_with_typical_star_c2b39f9b-9445-49a5-81b2-f9a5c997780a.png&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1a735eebc382ebfd736d9ed693e54b70cf11cd44e22d815d3eab0200bef612e2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/Features/nextpacific_Envision_a_physical_garage_filled_with_typical_star_c2b39f9b-9445-49a5-81b2-f9a5c997780a.png"
content-length
92763
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2fMicrosoftTeams-image_(36).png&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ddd688ac9e3605353e4074cbf4e279c64cdad99cba7179240a8959953988551

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/Features/MicrosoftTeams-image_(36).png"
content-length
94105
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2fnextpacific_In_a_world_where_information_is_the_new_currency_pr_8fb21d8e-95dd-4929-8f8b-4e4a9e105e5e.png&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5822be886e011d28b95af323f1eebd45494c8f0fa5adf43363cd0a3f1d0150a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/Features/nextpacific_In_a_world_where_information_is_the_new_currency_pr_8fb21d8e-95dd-4929-8f8b-4e4a9e105e5e.png"
content-length
97298
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fRIMINISTREET_OPERATIONALEXCELLENCE_ANALYST_RESEARCHREPORT.JPG&w=100&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c5b298bdd118c4b96b530f8a13df48d857b161957c57fc1a4face478d375635d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_0_100_0_70_/Reports/RIMINISTREET_OPERATIONALEXCELLENCE_ANALYST_RESEARCHREPORT.JPG"
content-length
2667
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fRapid7_CloudSecurityBuyersGuide.JPG&w=100&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
138fcb54e22d1d45c68f04bdcf8048f3f3618938f010f1ea25444f4d9039738a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_0_100_0_70_/Reports/Rapid7_CloudSecurityBuyersGuide.JPG"
content-length
3206
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fRapid7_MDRBuyersGuide.JPG&w=100&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dd2a471c9a244edb79af3354718c3968e1f56bcf8b82b6bab20da6aaa971fa3a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_0_100_0_70_/Reports/Rapid7_MDRBuyersGuide.JPG"
content-length
1742
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fRespondingtoindustrtrendsv3.JPG&w=100&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f4d604fe204e8c17b5ffdf044029eee5cbe2ef755af9d7a65aa3182f1d694f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_0_100_0_70_/Reports/Respondingtoindustrtrendsv3.JPG"
content-length
2437
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fokta_the_future.png&w=100&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ff0802dba344edbb3666900f129464ec7cf8f2602e5c32cf2e1ae558d8f78031

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_0_100_0_70_/Reports/okta_the_future.png"
content-length
17938
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fwww.itnews.com.au%2fImages%2fEvents%2f230628143634Banner+1.png&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f77237114f40329885a24a86a726fd9a0945d4bdcec920bf18157cf03d4a1140

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_https://www.itnews.com.au/Images/Events/230628143634Banner 1.png"
content-length
26423
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fwww.itnews.com.au%2fImages%2fEvents%2f230706155758TaglineLockup_2C_Horz%4010x+(3).png&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c04774b6296678d6fcaddd28925aea4008135c918548496ea7b7c29fb2d72d3c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_https://www.itnews.com.au/Images/Events/230706155758TaglineLockup_2C_Horz@10x (3).png"
content-length
10345
expires
Thu, 03 Aug 2023 13:25:05 GMT
mobile-share-twitter.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/mobile-share-twitter.png
  • https://www.itnews.com.au/images/mobile-share-twitter.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/mobile-share-twitter.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
97b4d3aa4022178cfff4362771fab9d523eb8614d8425c9cb4c10690802635f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
last-modified
Mon, 24 Jul 2023 01:21:48 GMT
server
Microsoft-IIS/10.0
etag
"3b86f37cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2448
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/mobile-share-twitter.png
date
Mon, 31 Jul 2023 13:25:05 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
180
x-ua-compatible
IE=edge,chrome=1
mobile-share-facebook.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/mobile-share-facebook.png
  • https://www.itnews.com.au/images/mobile-share-facebook.png
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/mobile-share-facebook.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a3d16b1b85d27a1023b45c661db7103c81076f748e5f6087fe98fae3c3d12de4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"19ed6b37cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
1432
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/mobile-share-facebook.png
date
Mon, 31 Jul 2023 13:25:05 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
181
x-ua-compatible
IE=edge,chrome=1
mobile-share-linkedin.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/mobile-share-linkedin.png
  • https://www.itnews.com.au/images/mobile-share-linkedin.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/mobile-share-linkedin.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
447c44ae9488b24394843e6d134b2976abff7a1690baf2a496674d8b2f7e65fe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
last-modified
Mon, 24 Jul 2023 01:21:48 GMT
server
Microsoft-IIS/10.0
etag
"847e6d37cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
1733
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/mobile-share-linkedin.png
date
Mon, 31 Jul 2023 13:25:05 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
181
x-ua-compatible
IE=edge,chrome=1
mobile-share-whatsapp.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/mobile-share-whatsapp.png
  • https://www.itnews.com.au/images/mobile-share-whatsapp.png
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/mobile-share-whatsapp.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
309e0d26a2af6e201832b611ddcad3c2d7b33a5ebc17fe4cbc8185d4251da38f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
last-modified
Mon, 24 Jul 2023 01:21:48 GMT
server
Microsoft-IIS/10.0
etag
"22287237cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3541
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/mobile-share-whatsapp.png
date
Mon, 31 Jul 2023 13:25:05 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
181
x-ua-compatible
IE=edge,chrome=1
mobile-share-email.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/mobile-share-email.png
  • https://www.itnews.com.au/images/mobile-share-email.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/mobile-share-email.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2790a4e3cf07505b8a04d30e535c033506def2e29f5f9410d3b866876138f7f1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"c7f46837cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2375
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/mobile-share-email.png
date
Mon, 31 Jul 2023 13:25:05 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
178
x-ua-compatible
IE=edge,chrome=1
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		314 KB
314 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fscam+fraud.png&h=271&w=480&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
450162017ea4958d4312d388b7b2bec9ed508bbf786be61a5127fd3018aec878

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_271_480_1_70_/News/scam fraud.png"
content-length
321643
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fGoogle_user_requests.jpg&h=271&w=480&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ce960f29415d47e8e8ede5a2e48d9b4f4376dcc0fa97ad9ffad0d08d28d31c09

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_271_480_1_70_/News/Google_user_requests.jpg"
content-length
18612
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2f2023-07-26T104612Z_1_LYNXMPEJ6P0GU_RTROPTP_4_RUSSIA-CYBER-COURT.JPG&h=271&w=480&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fc8f981e55bac9f2999abab458c6a9a7a97e9c4d1beef2e663bf97cfe340a688

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_271_480_1_70_/News/2023-07-26T104612Z_1_LYNXMPEJ6P0GU_RTROPTP_4_RUSSIA-CYBER-COURT.JPG"
content-length
26147
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fdata+security+breach.jpg&h=271&w=480&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1cb3cf77b239a0a241b313129c7594fa20fbdbd3764b4f174f4a0ab09c0b18ae

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_271_480_1_70_/News/data security breach.jpg"
content-length
19122
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2febay.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2400d3387bcafd3e275084c1f236b9101cb78514a08fd936a0e9266bb51d4d45

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/ebay.jpg"
content-length
5370
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fKismet___team_portraitUSE.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
52356fa79424f57d02bf8363483b11939217d604cbd2a08ed29a06b4c1130546

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/Kismet___team_portraitUSE.jpg"
content-length
7994
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fartificial_intelligence.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5153c665981db6dd56da1a567ed2c4490f3c9d596697ee0e4b54eed44559a259

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/artificial_intelligence.jpg"
content-length
4297
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fVideos%2fai_regulation_.png&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6a3fa85b2d0ef49b17838d809b041ed6df15ccd0d8e3e355080c93ae7fd08eb4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/Videos/ai_regulation_.png"
content-length
91499
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2ffive_stars.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2e40f7697b20640b631fcc4997de3bbf0841ff4ceda0ed69cf26273ee8c5cca9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/five_stars.jpg"
content-length
2875
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fVideos%2fmetaverse_loading.jpg&h=141&w=208&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fbf475dc9880897c8a88304c06d0f3f47c4b586f7961edeb90d388ae5bc164f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_141_208_1_70_/Videos/metaverse_loading.jpg"
content-length
3035
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fGalleries%2f20230720023910_20230717_Ingram_Experience_Melbourne-21_v2.jpg&h=141&w=208&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
473702059a2b0d588e26ee57e721986d483f978bd7c0efe5cd16be49500de4aa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_141_208_1_70_/Galleries/20230720023910_20230717_Ingram_Experience_Melbourne-21_v2.jpg"
content-length
4226
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2fright_to_repair_TCO.jpg&h=141&w=208&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
348575019698802bed3c19f74802f98acbe55d352c5cf08996d43af5bc6d5536

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_141_208_1_70_/Features/right_to_repair_TCO.jpg"
content-length
3021
expires
Thu, 03 Aug 2023 13:25:05 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fGalleries%2fiot_awards_2023_thumb_v2.jpg&h=141&w=208&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f33dfe69dd9091f9050d5bbe9c13de44844ed7e0aa14f775cbad8882b47ab0a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_141_208_1_70_/Galleries/iot_awards_2023_thumb_v2.jpg"
content-length
4829
expires
Thu, 03 Aug 2023 13:25:06 GMT
logo_nextmedia.png
www.itnews.com.au/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/logo_nextmedia.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7a695284914af87ab17ff6436de3630cf1bb412dc1d069ab019158d322b5cb03

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"c7f46837cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3458
x-ua-compatible
IE=edge,chrome=1
interactive-logo.png
www.itnews.com.au/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/interactive-logo.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
51b6929224317237d4e3c7b597a4e20c75ada03b4b2fba2598713033f657e12a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"a1125037cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2819
x-ua-compatible
IE=edge,chrome=1
t.ashx
www.itnews.com.au/ 		70 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/t.ashx?u=&c=598623&s=3&r=&n=%2fnews%2fArticle.aspx&q=id%3d598623
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-ua-compatible
IE=edge,chrome=1
pragma
no-cache
date
Mon, 31 Jul 2023 13:25:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
no-cache
content-length
70
expires
-1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 10:45:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9578
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33495
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jul 2024 10:45:26 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ 		235 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
sffe /
Resource Hash
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 07:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64481
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jul 2024 07:11:06 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
f1bb47b8efb6a86a7faa2b69f3109da14f4fa7ebefd10026a534724ab57188d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27753
x-xss-protection
0
server
cafe
etag
145 / 19569 / m202307250102 / config-hash: 8635427059522567014
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:25:07 GMT
gdpr.js
www.itnews.com.au/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itnews.com.au/scripts/gdpr.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
683add284044c8b01d05f02366eb61327b1b34df5ca8c5425ecf8b7741f3d0ef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
content-encoding
gzip
last-modified
Mon, 24 Jul 2023 01:21:49 GMT
server
Microsoft-IIS/10.0
etag
"80f4538cdbdd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1378
x-ua-compatible
IE=edge,chrome=1
itn_b4ebb960ba892e4a6ce3d1e480da560e.js
www.itnews.com.au/scripts/ 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itnews.com.au/scripts/itn_b4ebb960ba892e4a6ce3d1e480da560e.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
94896ce4389c53a0ccaddd54a349db997b1d66238b8cb2b743030d9b8725a019

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 11:31:22 GMT
server
Microsoft-IIS/10.0
etag
"0211f88a2c3d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
42579
x-ua-compatible
IE=edge,chrome=1
17.css
www.dianomi.com/img/a/pss/2818/ Frame 9770 		2 KB
926 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/img/a/pss/2818/17.css
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1936885cfdf5999015d670ea69fb44591c4eeeb333929506bef16e368a832f00
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2423730
cf-polished
origSize=2720
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Tue, 09 May 2023 08:00:28 GMT
server
cloudflare
etag
W/"aa0-5fb3e260f6300"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
cf-ray
7ef62a4eef33a82b-SYD
expires
Wed, 30 Aug 2023 23:25:04 GMT
100x70.jpg
www.dianomi.com/img/a/url/693584217/1/ Frame 9770 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/url/693584217/1/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
756aaadc242f919daec07aa78070c5ac5418b3bd7547025676657817674f6cfd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
2423050
cf-polished
status=not_needed
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Sun, 25 Jun 2023 05:25:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
true
cf-ray
7ef62a4eef35a82b-SYD
expires
Mon, 07 Aug 2023 13:25:04 GMT
100x70.jpg
www.dianomi.com/img/a/url/693642693/1/ Frame 9770 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/url/693642693/1/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19f54abae7d5b15807a28bcabc4d23bfb84eedde9e04bbbdf8eb82834a5f1ceb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
2421597
cf-polished
degrade=85, origSize=10254, status=webp_bigger
content-length
2842
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 10:27:21 GMT
server
cloudflare
etag
"280e-5f8e4b41eddf8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef62a4eef36a82b-SYD
expires
Wed, 30 Aug 2023 23:25:04 GMT
100x70.jpg
www.dianomi.com/img/a/url/723952761/1/ Frame 9770 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/url/723952761/1/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8546baef63781447eef865aefc44b42466568cd0043e1d323c66b0f31a2dd6c0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
38687
cf-polished
qual=85, origFmt=jpeg, origSize=1932
content-disposition
inline; filename="100x70.webp"
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Mon, 31 Jul 2023 02:40:17 GMT
server
cloudflare
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
true
cf-ray
7ef62a4eef37a82b-SYD
expires
Mon, 07 Aug 2023 13:25:04 GMT
100x70.jpg
www.dianomi.com/img/a/url/694329682/1/ Frame 9770 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/url/694329682/1/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9314dcdd6a52e90e2d4e6d6bb5189d7076f658a5c036688d3d3684c6511768c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1708028
cf-polished
qual=85, origFmt=jpeg, origSize=1636
content-disposition
inline; filename="100x70.webp"
content-length
1478
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Mon, 03 Jul 2023 14:30:09 GMT
server
cloudflare
etag
"664-5ff9600ec0f68"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef62a4eef39a82b-SYD
expires
Wed, 30 Aug 2023 23:25:04 GMT
100x70.jpg
www.dianomi.com/img/a/url/723954230/1/ Frame 9770 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/url/723954230/1/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c739e0efc70b278c18cd8da50295f163904b7bea346b783c373cd4ee09691f1d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
34761
cf-polished
degrade=85, origSize=27633, status=webp_bigger
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Mon, 31 Jul 2023 03:45:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
true
cf-ray
7ef62a4eef3ba82b-SYD
expires
Mon, 07 Aug 2023 13:25:04 GMT
sponsoredcontent.ashx
www.itnews.com.au/scripts/ 		1 B
58 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itnews.com.au/scripts/sponsoredcontent.ashx?type=SponsoredLink&si=Blogs&pa=&sc=32&output=script&ros=True&ord=7178801589783435
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/plain; charset=utf-8
cache-control
private
content-length
1
x-ua-compatible
IE=edge,chrome=1
breaking-news-header-bkg-40.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/breaking-news-header-bkg-40.png
  • https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
33e6197168e000ef71ef56ae5fad7bc04c9c939dc33d34136d73d31676d1d507

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"58fe1337cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2338
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
date
Mon, 31 Jul 2023 13:25:04 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
187
x-ua-compatible
IE=edge,chrome=1
itnews-logo-white.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/itnews-logo-white.png
  • https://www.itnews.com.au/images/itnews-logo-white.png
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/itnews-logo-white.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26aeae0a0cc21c9c8acffae51a7dbf7a7eda35891df62ef54aeb9ed47af8cd9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"a07e5f37cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3959
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/itnews-logo-white.png
date
Mon, 31 Jul 2023 13:25:04 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
177
x-ua-compatible
IE=edge,chrome=1
search-icon.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/search-icon.png
  • https://www.itnews.com.au/images/search-icon.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/search-icon.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
94f8ef517a973d33e2bde96d6c170e86e4be553f86bb2b5a07f228efa46e1ee7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
last-modified
Mon, 24 Jul 2023 01:21:48 GMT
server
Microsoft-IIS/10.0
etag
"a0fd9037cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2259
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/search-icon.png
date
Mon, 31 Jul 2023 13:25:04 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
171
x-ua-compatible
IE=edge,chrome=1
bullet.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/bullet.png
  • https://www.itnews.com.au/images/bullet.png
171 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/bullet.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4bfc84f853864a42446e366637e6a3cc7e7bc9c8563eaae40932cd7fb85b71f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:06 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"5a9b1837cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
171
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/bullet.png
date
Mon, 31 Jul 2023 13:25:05 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
166
x-ua-compatible
IE=edge,chrome=1
play-btn.png
www.itnews.com.au/images/featured/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/featured/play-btn.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d9cbf98cbeeb8314acb7bf6600855d6d75ae9b56e173a8ad1e46700eaf0aac52

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
last-modified
Mon, 24 Jul 2023 01:21:53 GMT
server
Microsoft-IIS/10.0
etag
"b160aa3acdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2120
x-ua-compatible
IE=edge,chrome=1
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:53:45 GMT
x-content-type-options
nosniff
age
397880
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:53:45 GMT
PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v10/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_xRfK9oXHga0XdZsg_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:44:20 GMT
x-content-type-options
nosniff
age
398445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18860
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:03:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:44:20 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f7f2e6e9846753468e37d570cf9ce4d674d8d301876035119573279fac1f7a6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/all.min.css
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13604749
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
75852
last-modified
Fri, 29 May 2020 16:00:33 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ed131a1-1284c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pbsdKJIbW4NJ4QnZQ5%2BmdsqMK3iHgQXP77Wds6Xwq8pbNcQvSR3lCWwbPIM03LCzBHrVYaeysXn2b%2BJ1r5rtXZEIsl%2B1ndCwbUK12hf8qPpQ4um3O%2F%2BmUP0pihn%2Fu0BRMNtGYkR"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ef62a4f6c05a7fc-SYD
expires
Sat, 20 Jul 2024 13:25:04 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/webfonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7754b3b966b7772e3be8792c6dba77b4ffdac9d93019b01af14c20fbd4321b3f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/all.min.css
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3345833
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
76176
last-modified
Fri, 29 May 2020 16:00:33 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ed131a1-12990"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bzh1RmB6%2FbDR5JE6EEgFwXI8DoDG2TaOJyxvLZAhzQvJ3ZdobMguUGqGN0Bj%2FCxkrPdiOF4E7yaXWJ7Rab6zBmvumxXzEc7n1vPr09dvxAzRwqtpofsxg2jexirYXmu4UXLItts6"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ef62a4f6c06a7fc-SYD
expires
Sat, 20 Jul 2024 13:25:04 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:40:33 GMT
x-content-type-options
nosniff
age
398672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:40:33 GMT
PN_yRfK9oXHga0XV5e8qghzW.woff2
fonts.gstatic.com/s/martel/v10/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_yRfK9oXHga0XV5e8qghzW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
c8dea9bb1169a9455240a9e7aa6f1f7dd922c7160010eb6f2269acbf4acd5ab8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:55:32 GMT
x-content-type-options
nosniff
age
397773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18820
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:55:32 GMT
PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v10/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_yRfK9oXHga0XV3e0qghzW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:55:32 GMT
x-content-type-options
nosniff
age
397773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19012
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:55:32 GMT
PN_yRfK9oXHga0XVzeoqghzW.woff2
fonts.gstatic.com/s/martel/v10/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_yRfK9oXHga0XVzeoqghzW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
2991fa8cfe2986011e6569a578888d8f2e901b17e1959420df70d5c07c5582db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 23:32:24 GMT
x-content-type-options
nosniff
age
395561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19072
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 23:32:24 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:55:58 GMT
x-content-type-options
nosniff
age
397747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:55:58 GMT
css
fonts.googleapis.com/ Frame 9770 		4 KB
615 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
0e00e4ee9c109fdd3c08db4702bb64ada5419c2e47fc3259903df28e22b78e97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 31 Jul 2023 13:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 13:25:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jul 2023 13:25:04 GMT
css
fonts.googleapis.com/ Frame 9770 		2 KB
514 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 31 Jul 2023 13:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 12:31:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jul 2023 13:25:04 GMT
tcfredirector.js
www.dianomi.com/js/contextfeed/ Frame 4188 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/js/contextfeed/tcfredirector.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26bd65c9dd2fadc88dd5544f27a8bcbca3c2aa1850eead6a38dc8212cf504fea
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:04 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 12:41:37 GMT
server
cloudflare
etag
W/"c42d-600ea781b8280"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ef62a4fd81da82b-SYD
expires
Mon, 31 Jul 2023 13:27:04 GMT
network-bar-logos.png
www.itnews.com.au/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/network-bar-logos.png?q=20211001
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
82f4a15bfde68af3ba1ab9e557ba6b1c700d6aafe0d9e42561576366662701ba

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:05 GMT
last-modified
Mon, 24 Jul 2023 01:21:48 GMT
server
Microsoft-IIS/10.0
etag
"b1b27337cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
9407
x-ua-compatible
IE=edge,chrome=1
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 9770 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dianomi.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:53:45 GMT
x-content-type-options
nosniff
age
397880
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:53:45 GMT
PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v10/ Frame 9770 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_yRfK9oXHga0XV3e0qghzW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dianomi.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:55:32 GMT
x-content-type-options
nosniff
age
397773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19012
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:55:32 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.139 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-139.pacnet.net
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
990, 990
date
Mon, 31 Jul 2023 13:25:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 Jul 2023 09:07:54 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
1, 4
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=14229
accept-ranges
bytes
content-length
4862
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/658328797/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/658328797/?random=1690809904871&cv=11&fst=1690809904871&bg=ffffff&guid=ON&async=1&gtm=45He37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&hn=www.googleadservices.com&frm=0&tiba=Malware%20spotted%20on%20Barracuda%20email%20gateways%20-%20Security%20-%20iTnews&auid=1864363049.1690809905&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
e254e21c86519478ea128acd3d543b567c71f364eefc70bae657f5818c18ddfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hotjar-2321248.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2321248.js?sv=7
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-61.sin52.r.cloudfront.net
Software
/
Resource Hash
071a3dd61c05dcacc5d360a97e383ea8434c43670a8b71d9420db47e5f3cf081
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 13:25:07 GMT
via
1.1 1c20fd4ecd6ab2f80432e8e32dafb792.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
etag
W/42abed19625b0d0aa7fcbab03f14e607
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
cS8abKmOjI_qkyF81kQCSEdI14UaydbdVXccK5mcbyH9Kzp4ocMhfg==
fbevents.js
connect.facebook.net/en_US/ 		171 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
52ea134848cf261f25b89a48cf302f4d97f3d69ef6db75c3648ff1ea6cd6fb3a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 31 Jul 2023 13:25:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47009
x-xss-protection
0
pragma
public
x-fb-debug
m0LFYy37FJlEdaHBN7RvEj1dSKK0voY+ZoG1ntBgpe4los5ez/+BRyJiy6lMrGdisnKkOQ5NIamgBCqWjUqOxA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
21321196.js
js.hs-scripts.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/21321196.js?businessUnitId=237470
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.134.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a471a53408958da51e8df8b8d19e5389b002f916c0c0515f85ffbf09baf78d6b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-hubspot-correlation-id
936525e1-81f4-4307-9cda-4ff17ca39910
x-evy-trace-route-service-name
envoyset-translator
cf-polished
origSize=1469
age
3
x-envoy-upstream-service-time
6
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
936525e1-81f4-4307-9cda-4ff17ca39910
cf-bgj
minify
last-modified
Mon, 31 Jul 2023 13:25:04 GMT
server
cloudflare
x-trace
2B78ABBC50CB16DDE1F2740F9108D1E0978ABC83C7000000000000000000
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.itnews.com.au
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-ds89m
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-virtual-host
all
cf-ray
7ef62a5f0d6daac1-SYD
expires
Mon, 31 Jul 2023 13:26:07 GMT
embed.js
itnewsnext.disqus.com/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itnewsnext.disqus.com/embed.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
ea6e7b2fd424e50dfa8b3a1a8a504f98b76bf1ce4b87a3d598afec396c544102
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:25:07 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
Server
openresty
Age
81
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
25399
count.js
itnewsnext.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itnewsnext.disqus.com/count.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:25:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW3-C1
Age
185
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 20 Jul 2023 16:51:41 GMT
Server
nginx
ETag
"64b9661d-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
p_e0-TTsBh3HxN6rsdY0d8dDqgY2osw_7wNmbHGFA7aQYHYScmBgFA==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 11:58:02 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5225
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 31 Jul 2023 13:58:02 GMT
js
www.googletagmanager.com/gtag/ 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VF4SSPXWVE&l=dataLayer&cx=c
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
33fbe177b87eb4e87ee9912219cc60c2d0ec04c9e1ba64139c0c736daeb1372c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87941
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 31 Jul 2023 13:25:07 GMT
smartads.epl
www.dianomi.com/ Frame 4188 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/tcfredirector.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31b4a5785c287ef6a8d330ea1d23685970019acab658e3a7164d657e374e393a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dianomi.com/smartads.epl?id=5141
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
7ef62a58d993a82b-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 31 Jul 2023 13:25:06 GMT
expires
now
link
</img/a/pss/2818/17.css>;rel=preload;as=style
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
17.css
www.dianomi.com/img/a/pss/2818/ Frame 4188 		2 KB
879 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/img/a/pss/2818/17.css
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1936885cfdf5999015d670ea69fb44591c4eeeb333929506bef16e368a832f00
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:06 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2423732
cf-polished
origSize=2720
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Tue, 09 May 2023 08:00:28 GMT
server
cloudflare
etag
W/"aa0-5fb3e260f6300"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
cf-ray
7ef62a5bdc99a82b-SYD
expires
Wed, 30 Aug 2023 23:25:06 GMT
viewability11.js
www.dianomi.com/js/ Frame 4188 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/js/viewability11.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:06 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
0
cf-polished
origSize=13022
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 27 Apr 2023 14:33:52 GMT
server
cloudflare
etag
W/"32de-5fa523edf86e0"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ef62a5beca8a82b-SYD
expires
Mon, 31 Jul 2023 13:27:06 GMT
dianomi-max-200x38.png
www.dianomi.com/img/ Frame 4188 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/dianomi-max-200x38.png
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:06 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
2423869
cf-polished
origFmt=png, origSize=3940
content-disposition
inline; filename="dianomi-max-200x38.webp"
content-length
1164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jul 2020 16:53:11 GMT
server
cloudflare
etag
"f64-5ab9764140bc0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef62a5dbe52a82b-SYD
expires
Wed, 30 Aug 2023 23:25:06 GMT
100x70.jpg
www.dianomi.com/img/a/sav2/298709/5/ Frame 4188 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/sav2/298709/5/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12fccf7e8708b33fd569370ac537aa4fd3039bedb6efaa8343de195f42af870c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:06 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
483508
cf-polished
qual=85, origFmt=jpeg, origSize=4672
content-disposition
inline; filename="100x70.webp"
content-length
3254
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 04 Jul 2023 08:31:49 GMT
server
cloudflare
etag
"1240-5ffa51d4abbc8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef62a5dbe54a82b-SYD
expires
Wed, 30 Aug 2023 23:25:06 GMT
100x70.jpg
www.dianomi.com/img/a/sav2/271997/2/ Frame 4188 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/sav2/271997/2/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62df622306d660e66ea705c7a95e9ee01431acd24c65c7c4f721d661aff1dd43
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:06 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
318987
cf-polished
qual=85, origFmt=jpeg, origSize=5471
content-disposition
inline; filename="100x70.webp"
content-length
3430
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 01 Jun 2023 20:44:00 GMT
server
cloudflare
etag
"155f-5fd177effba48"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef62a5dbe55a82b-SYD
expires
Wed, 30 Aug 2023 23:25:06 GMT
100x70.jpg
www.dianomi.com/img/a/sav2/288687/5/ Frame 4188 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/sav2/288687/5/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fb31e048754b2e273235ec593805df0cbece9d6ed4120cff6ff6be5eef69644
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:06 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
711466
cf-polished
qual=85, origFmt=jpeg, origSize=3327
content-disposition
inline; filename="100x70.webp"
content-length
1574
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Jun 2023 20:18:32 GMT
server
cloudflare
etag
"cff-5fdb812aada70"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef62a5dbe56a82b-SYD
expires
Wed, 30 Aug 2023 23:25:06 GMT
100x70.jpg
www.dianomi.com/img/a/sav2/296430/2/ Frame 4188 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/sav2/296430/2/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6429c3027716822950ce1897567ef30be52f271bc500077ce41fa34f28a0b58e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:06 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1535507
cf-polished
qual=85, origFmt=jpeg, origSize=4210
content-disposition
inline; filename="100x70.webp"
content-length
2514
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Mon, 12 Jun 2023 22:39:14 GMT
server
cloudflare
etag
"1072-5fdf6635b5790"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef62a5dbe57a82b-SYD
expires
Wed, 30 Aug 2023 23:25:06 GMT
100x70.jpg
www.dianomi.com/img/a/sav2/286683/2/ Frame 4188 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/sav2/286683/2/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30fc2a3c7bfeefdc6440753ca908587e2e0afeb63718b1b8209356e1e333b119
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:06 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
173509
cf-polished
qual=85, origFmt=jpeg, origSize=3819
content-disposition
inline; filename="100x70.webp"
content-length
2156
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 06 Jun 2023 06:55:33 GMT
server
cloudflare
etag
"eeb-5fd70816f0370"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef62a5dbe58a82b-SYD
expires
Wed, 30 Aug 2023 23:25:06 GMT
B29495057.365802594;dc_pre=CK_ckt-FuYADFYJKnQkdvdcMTw;dc_trk_aid=560019703;dc_trk_cid=193447331;cid=0002371490;utm_source=dianomi;utm_medium=display;ord=1690809906;dc_lat=;dc_rdid=;tag_for_child_di...
ad.doubleclick.net/ddm/trackimpj/N5877.576592DIANOMI.COM1/ Frame 4188
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimpj/N5877.576592DIANOMI.COM1/B29495057.365802594;dc_trk_aid=560019703;dc_trk_cid=193447331;cid=0002371490;utm_source=dianomi;utm_medium=display;ord=1690809906;d...
  • https://ad.doubleclick.net/ddm/trackimpj/N5877.576592DIANOMI.COM1/B29495057.365802594;dc_pre=CK_ckt-FuYADFYJKnQkdvdcMTw;dc_trk_aid=560019703;dc_trk_cid=193447331;cid=0002371490;utm_source=dianomi;u...
15 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimpj/N5877.576592DIANOMI.COM1/B29495057.365802594;dc_pre=CK_ckt-FuYADFYJKnQkdvdcMTw;dc_trk_aid=560019703;dc_trk_cid=193447331;cid=0002371490;utm_source=dianomi;utm_medium=display;ord=1690809906;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
cafe /
Resource Hash
caf99f1cbf2a8320bec82de7890f95e7d5b9559d7c8d04ab479517dfec05a7ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11820
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:07 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimpj/N5877.576592DIANOMI.COM1/B29495057.365802594;dc_pre=CK_ckt-FuYADFYJKnQkdvdcMTw;dc_trk_aid=560019703;dc_trk_cid=193447331;cid=0002371490;utm_source=dianomi;utm_medium=display;ord=1690809906;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 4188 		4 KB
615 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
0e00e4ee9c109fdd3c08db4702bb64ada5419c2e47fc3259903df28e22b78e97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 31 Jul 2023 13:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 13:20:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jul 2023 13:25:06 GMT
css
fonts.googleapis.com/ Frame 4188 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 31 Jul 2023 13:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 12:56:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jul 2023 13:25:06 GMT
pixeljs
data.dianomi.com/frontend/ Frame 4188 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x1C50422D915E4AC1A06356A3B9E8D0D3&third_party_tracking=1&consent_string=&smartad_id=5141&partner_id=1339
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e504ee9b98727faf79bcf69da7c3dfe4cbcc0df7f45908914e49dec09b27d58d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:07 GMT
strict-transport-security
max-age=2592000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
via
1.1 google
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
7ef62a5dbe5ca82b-SYD
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 4188 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dianomi.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:53:45 GMT
x-content-type-options
nosniff
age
397881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:53:45 GMT
PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v10/ Frame 4188 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_yRfK9oXHga0XV3e0qghzW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dianomi.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:55:32 GMT
x-content-type-options
nosniff
age
397774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19012
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:55:32 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 4188 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dianomi.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:40:33 GMT
x-content-type-options
nosniff
age
398673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:40:33 GMT
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e10ce26ead0eca58cd5346843538415611b745bfd29825322efad56424a4c911
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:07 GMT
x-amz-version-id
aAzOiTTzU7.XykyGrcpmeR7PTeB2LyLv
via
1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
322
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.387/bundles/pixels-release.js&cfRay=7ef622831b25aae3-SYD
x-cache
Hit from cloudfront
x-hubspot-correlation-id
d536b708-e1ef-45a9-9096-63ec5fe82a2d
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d536b708-e1ef-45a9-9096-63ec5fe82a2d
last-modified
Tue, 18 Jul 2023 03:27:27 UTC
server
cloudflare
etag
W/"784f994871e489c9943a65326d43e875"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-xhv87
cf-ray
7ef62a63d8deab0b-SYD
x-amz-cf-id
lPky_SRJYqER1s0nCqDVgppo9yYeEUQpsavKz8pGJWfL4GwW5kXDNw==
x-hs-target-asset
adsscriptloaderstatic/static-1.387/bundles/pixels-release.js
21321196.js
js.hs-analytics.net/analytics/1690809900000/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1690809900000/21321196.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
363770b3b4022e82a9a7208139456e57a888c78936e6d21da9985a82a0bf61ad

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:09 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
SRXF0Q5EQRPQEC28
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
46d3d1f1-b159-472b-a0cb-b4ef96282a08
x-envoy-upstream-service-time
17
x-amz-id-2
7RSXF0e+Q1wKmQ/IgxpKRkuBo9GXhyBWFdL+kugmSLoZE7qXgimOlD66f87Ry0/E5fAQt1JnPG8=
x-evy-trace-listener
listener_https
x-request-id
46d3d1f1-b159-472b-a0cb-b4ef96282a08
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 20 Jul 2023 16:40:03 GMT
server
cloudflare
etag
W/"28a53e854fd02f44677ebae0c2474649"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-2sbs7
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
7ef62a646c8ba82b-SYD
expires
Mon, 31 Jul 2023 13:30:08 GMT
banner.js
js.hs-banner.com/v2/21321196/ 		209 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/21321196/banner.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
140f1fb8af2d84d9a97d2d26372392b4034929da4a8de4412caaaa5942353a75

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:08 GMT
x-amz-version-id
VWSCLRaGW2HieUGG0j1WGFHkFPfp9qXc
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
NHH3XTN2Z009NSTC
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
age
45
x-envoy-upstream-service-time
26
x-amz-id-2
jydUVuwZ/XD/qL91IdqQ2xYk2gO7ZBYG7HGeWMNlpzEc2Thx/2gzaLzWB7Wye1AnMfm2R9nHrjc=
x-evy-trace-listener
listener_https
x-request-id
f031bb13-23a3-4252-99ab-9d2b207d9c21
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 22 Jun 2023 19:00:46 GMT
server
cloudflare
etag
W/"6ee368503cb4f800a49a1e686eae6ed7"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.itnews.com.au
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-v9vn7
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7ef62a65ae0ca95b-SYD
expires
Mon, 31 Jul 2023 13:29:23 GMT
usync.html
eus.rubiconproject.com/ Frame EA41
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Requested by
Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x1C50422D915E4AC1A06356A3B9E8D0D3&third_party_tracking=1&consent_string=&smartad_id=5141&partner_id=1339
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.198.37 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-198-37.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.dianomi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Jul 2023 13:25:08 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 31 Jul 2023 13:25:07 GMT
location
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
server
AkamaiGHost
cookie_sync.html
www.dianomi.com/prebid/ Frame 6E01 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/prebid/cookie_sync.html?gdpr=0&gdpr_consent=&us_privacy=&bidders=adf,rubicon,grid,adform,pubmatic,openx,freewheelssp,undertone,amx
Requested by
Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x1C50422D915E4AC1A06356A3B9E8D0D3&third_party_tracking=1&consent_string=&smartad_id=5141&partner_id=1339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec2a96501b91fcaf2db6eb6ae3513dd7a76c9754f623b08c19e80f6d7b5d48a7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7ef62a6058d9a82b-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 31 Jul 2023 13:25:07 GMT
last-modified
Tue, 25 Apr 2023 12:24:50 GMT
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
data.dianomi.com/frontend/ Frame 4188 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.dianomi.com/frontend/pixel?r=https%3A%2F%2Fwww.dianomi.com%2Fsmartads.epl%3Fid%3D5141&can_programmatic=1&geo_country=9&smartad_variant_id=7334&device_type=computer&organization=latitude.sh&referer=https%3A%2F%2Fwww.dianomi.com%2Fsmartads.epl%3Fid%3D5141&geo_state=new%20south%20wales&publisher_id=1339&adgroup_ids=124782%2C121946%2C121487%2C114524%2C101056&impression_id=ZMe2MgBv84AzLMmJvUidEgAAAEg&adgroup_variant_ids=298709%2C288687%2C296430%2C271997%2C286683&geo_ccod=au&geo_dma=&hosting_facility=0&include_rtb=2&smartad_id=5141&session=d9724699ebcec4a9764124759e307b22
Requested by
Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x1C50422D915E4AC1A06356A3B9E8D0D3&third_party_tracking=1&consent_string=&smartad_id=5141&partner_id=1339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:07 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
content-length
0
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.dianomi.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7ef62a6058d7a82b-SYD
access-control-allow-headers
dianomi-force-dmp
458249.gif
idsync.rlcdn.com/ Frame 4188
Redirect Chain
  • https://idsync.rlcdn.com/425276.gif?partner_uid=d9724699ebcec4a9764124759e307b22
  • https://idsync.rlcdn.com/1000.gif?memo=CLz6GRIsCigIARDX7wEaIGQ5NzI0Njk5ZWJjZWM0YTk3NjQxMjQ3NTllMzA3YjIyEAAaDQiz7J6mBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=da227da3839a9b4ef0438e7d250dbd8edac98a61cd94a9e5b2998e0fcc768622791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBkYTIyN2RhMzgzOWE5YjRlZjA0MzhlN2QyNTBkYmQ4ZWRhYzk4YTYxY2Q5NGE5ZTViMjk5OGUwZmNjNzY4NjIyNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBkYTIyN2RhMzgzOWE5YjRlZjA0MzhlN2QyNTBkYmQ4ZWRhYzk4YTYxY2Q5NGE5ZTViMjk5OGUwZmNjNzY4NjIyNzkxNDI2YjU0MTdkY2UyMRAAGgwItOyepgYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=82878272-78f4-4d06-9726-8e6bc91cb539
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=82878272-78f4-4d06-9726-8e6bc91cb539
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=82878272-78f4-4d06-9726-8e6bc91cb539
date
Mon, 31 Jul 2023 13:25:09 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
x.bidswitch.net/check_uuid/ Frame 4188 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:25:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
modules.6b15d95870354fc25d31.js
script.hotjar.com/ 		227 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.6b15d95870354fc25d31.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-94.sin52.r.cloudfront.net
Software
/
Resource Hash
46e9e4a4dcefc780ebf5d3d24bdbc96d647beb4244df31bf35f4ba77a077de06
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 09:27:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 db8d6eb1919ade2943f4a573a505ba66.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
273482
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56514
last-modified
Fri, 28 Jul 2023 09:27:03 GMT
etag
"d8fc4fd06d4a76974c96d8997389f289"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
7DDqXR4XyF9YsHFp9LwVeBxGKu9hFrqebBH4MU8Lu3domZpw8z_EzA==
recommendations.js
itnewsnext.disqus.com/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itnewsnext.disqus.com/recommendations.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
4a9548e1aedb6f913e9ee52e39276060e40362976a133be54b5fe1bbbe30d42a
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:25:07 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
Server
openresty
Age
0
Vary
Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Content-Type
application/javascript; charset=utf-8
Cache-Control
stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
21161
token
cdn.linkedin.oribi.io/partner/1503796/domain/itnews.com.au/ 		36 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1503796/domain/itnews.com.au/token
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-107.sin5.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.itnews.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:14:49 GMT
content-encoding
gzip
via
1.1 1728256c36c9016e0b9379e91a1c2e68.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
age
619
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
k_pwEh8RKStd352J8xVAzwD0SgVh-OA9751GAjlyKZGhfhhglYdeTQ==
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809907368&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809907368&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1503796%26time%3D1690809907368%26url%3Dhttps%253A%252F%252Fwww.itnews.com.au%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809907368&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&cookiesTest=true&liSync...
0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809907368&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&cookiesTest=true&liSync=true
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:09 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: A0661C5061A541A1A696BEE4D651B7E0 Ref B: SYD03EDGE1710 Ref C: 2023-07-31T13:25:08Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYByFwCkDGBEnklrTP6Zw==

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' snap.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 13:25:08 GMT
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAYByFv+jnnwZWEDJwbp7g==
pragma
no-cache
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 02F3887621944334B9CECFDCCADB0CD9 Ref B: SYD03EDGE1710 Ref C: 2023-07-31T13:25:08Z
x-frame-options
sameorigin
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809907368&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&cookiesTest=true&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/658328797/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/658328797/?random=1690809904871&cv=11&fst=1690808400000&bg=ffffff&guid=ON&async=1&gtm=45He37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&frm=0&tiba=Malware%20spotted%20on%20Barracuda%20email%20gateways%20-%20Security%20-%20iTnews&fmt=3&is_vtc=1&random=6341333&rmt_tld=0&ipr=y
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:08 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/658328797/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/658328797/?random=1690809904871&cv=11&fst=1690808400000&bg=ffffff&guid=ON&async=1&gtm=45He37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&frm=0&tiba=Malware%20spotted%20on%20Barracuda%20email%20gateways%20-%20Security%20-%20iTnews&fmt=3&is_vtc=1&random=6341333&rmt_tld=1&ipr=y
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:08 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
disqus.com/embed/comments/ Frame C505 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
03a27bd290072540db749ce00cb5e19f373881119b9bf4c247740125f6953e9a
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
4
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2833
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Mon, 31 Jul 2023 13:25:08 GMT
ETag
W/"lounge:view:9794445677.b88677622affe8081866d44410d65f36.2"
Last-Modified
Mon, 31 Jul 2023 01:27:15 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4188 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N5877.576592DIANOMI.COM1/B29495057.365802594;dc_trk_aid=560019703;dc_trk_cid=193447331;cid=0002371490;utm_source=dianomi;utm_medium=display;ord=1690809906;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 23:29:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
50161
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jul 2024 23:29:07 GMT
count-data.js
itnewsnext.disqus.com/ 		328 B
910 B 		Script
General
Check archive.org
Download Go to
Full URL
https://itnewsnext.disqus.com/count-data.js?1=598623
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4f3825254f45cd3af8f249994cd530bae02db42a80654a9c736ab0558d9a6e8c
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:25:07 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
40
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
328
X-XSS-Protection
1; mode=block
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ 		386 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 05:36:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
28129
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125535
x-xss-protection
0
server
cafe
etag
10403599952857238940
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 30 Jul 2024 05:36:18 GMT
cookie_sync
server.prebid.dianomi.com/ Frame 6E01 		3 KB
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.prebid.dianomi.com/cookie_sync
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/prebid/cookie_sync.html?gdpr=0&gdpr_consent=&us_privacy=&bidders=adf,rubicon,grid,adform,pubmatic,openx,freewheelssp,undertone,amx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.232.8 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-232-8.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef13a00969cb7b1f061d92814dc1318acaa9687600d8687f0d615c3b7f4e0340

Request headers

Referer
https://www.dianomi.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:08 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dianomi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
626
expires
0
collect
analytics.google.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VF4SSPXWVE&gtm=45je37q0&_p=97588346&_gaz=1&cid=584243827.1690809908&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690809907&sct=1&seg=0&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&dt=Malware%20spotted%20on%20Barracuda%20email%20gateways%20-%20Security%20-%20iTnews&en=page_view&_fv=1&_nsi=1&_ss=1&ep.site_section=News&ep.site_category=Technology&ep.site_subcategory=Security&ep.site_keywords=%7Cbarracuda%7Ccisa%7Ccve20232868%7Cseaspy%7Csubmarine%7C&ep.article_heading=Malware%20spotted%20on%20Barracuda%20email%20gateways
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VF4SSPXWVE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itnews.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VF4SSPXWVE&cid=584243827.1690809908&gtm=45je37q0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VF4SSPXWVE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itnews.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VF4SSPXWVE&cid=584243827.1690809908&gtm=45je37q0&aip=1&z=1731789184
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
991594294528179
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/991594294528179?v=2.9.119&r=stable
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
e5526a9d8dd37f8f5b82ded543bcbfbe1165fbb82f41d4855b99845c63ad98a2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 31 Jul 2023 13:25:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110125
x-xss-protection
0
pragma
public
x-fb-debug
339Y8JjHcaOv7+F3LTJnhtRZrs8liFg+okWs9R59DrcZC86UEBpV9jsshT/W/kU0cik9w4GWNriED73twoFUSA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=97588346&t=pageview&_s=1&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&ul=en-us&de=UTF-8&dt=Malware%20spotted%20on%20Barracuda%20email%20gateways%20-%20Security%20-%20iTnews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2016288769&gjid=1979710656&cid=584243827.1690809908&tid=UA-102830131-1&_gid=1631202061.1690809908&_r=1&_slc=1&gtm=45He37q0n81N4K222Q&cd1=News&cd2=Technology&cd3=Security&cd4=%7Cbarracuda%7Ccisa%7Ccve20232868%7Cseaspy%7Csubmarine%7C&z=1857818498
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itnews.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itnews.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
server.prebid.dianomi.com/ Frame 6E01
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gd...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdp...
  • https://server.prebid.dianomi.com//setuid?bidder=grid&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=6ee62855-15d7-4c4b-9480-704502c066f2
  • https://server.prebid.dianomi.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=6ee62855-15d7-4c4b-9480-704502c066f2
86 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://server.prebid.dianomi.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=6ee62855-15d7-4c4b-9480-704502c066f2
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Server
18.140.232.8 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-232-8.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Mon, 31 Jul 2023 13:25:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Accept-Encoding, Origin
expires
0

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:08 GMT
vary
Accept-Encoding, Origin
content-type
text/html; charset=utf-8
location
/setuid?bidder=grid&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=6ee62855-15d7-4c4b-9480-704502c066f2
cache-control
no-cache, no-store, must-revalidate
content-length
158
expires
0
/
disqus.com/recommendations/ Frame 32AC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
80c585ce5507aa82336e73df5e7411b4679a7aeb600b8c137e70fa4d551cc4c2
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
40
Cache-Control
stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2372
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Mon, 31 Jul 2023 13:25:08 GMT
Last-Modified
Mon, 24 Jul 2023 01:32:07 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
lounge.load.617b1d7777ec737a28f95e7268f17c68.js
c.disquscdn.com/next/embed/ Frame C505 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.load.617b1d7777ec737a28f95e7268f17c68.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
8727d9c01c8591ed8626da718e82bb55a54dc4a486a3f3f572335985f8014c0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
Origin
https://disqus.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 26 Jul 2023 16:37:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 dd1d744d35431de55502bf3c7c1efcc6.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
420461
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
623
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 26 Jul 2023 16:31:54 GMT
server
nginx
etag
"64c14a7a-26f"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
HEgN8-VOJhKSgGtWtuZg6gHdDKNZVdrjFwOy7HZqfKjTARFz5PRa5w==
expires
Thu, 25 Jul 2024 16:37:27 GMT
470261513615109
connect.facebook.net/signals/config/ 		379 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/470261513615109?v=2.9.119&r=stable
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
62ec5ad67eecd3fd555fe125955e0055f796d090de26684cafe5c00ff668fc86
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 31 Jul 2023 13:25:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110684
x-xss-protection
0
pragma
public
x-fb-debug
O0xG3Tm+yxrt2cKlgMAeJKhQK0c/0ulrSzZWu8jJ496ruh8kJNgwIUcmRGIWHEBu09B9EoHjmRRtQqri3oaF2Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		8 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102830131-1&cid=584243827.1690809908&jid=2016288769&gjid=1979710656&_gid=1631202061.1690809908&_u=YADAAEAAAAAAACAAI~&z=1978908655
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itnews.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 31 Jul 2023 13:25:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itnews.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-34.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 11:42:54 GMT
content-encoding
gzip
via
1.1 4d13b118cedf75df371701666cf78c30.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
HKG62-C2
age
6135
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
fNDzKbSL9x-QmZX88g0Bvf137VUAAO18tjSLZs-wpGCVxTfF2V-SGA==
esp.js
cdn.id5-sync.com/api/1.0/ 		102 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Jun 2023 08:35:03 GMT
server
cloudflare
x-amz-request-id
5THY05G9J82P3VE8
age
1824
etag
W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ef62a6a7a3f6a72-SYD
x-amz-id-2
ctFQnhXpZDGcDl8CNSXT3vPNoM21xfaG+0PdgaOkyoxYYUxc5jc7Cjx/kyjuwXbSGXHyJZCM8yg=
close-white.png
www.itnews.com.au/images/ 		438 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/close-white.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
702f0230b50a8bec8b8ed4268906179470e8088079cd0cca13c5d60578fc801e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:07 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"13ef2437cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
438
x-ua-compatible
IE=edge,chrome=1
ads
securepubads.g.doubleclick.net/gampad/ 		234 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=58925157451165&correlator=2158333557169071&eid=31068366&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fifs&iu_parts=1003277%2CiTnews-SuperLeaderboard%2CiTnews-Leaderboard%2CiTnews-MREC%2CiTnews-Button%2CiTnews-inRead%2CiTnews-Interstitial%2CiTnews-Skin&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F2%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=1000x100%7C970x250%7C970x90%2C728x90%2C300x250%7C300x600%2C300x250%7C300x600%2C300x100%2C728x90%2C1x1%2C640x480%2C1x1&ifi=1&adks=667020349%2C2669764438%2C1265387520%2C3406322226%2C2734568407%2C4122735841%2C3533778239%2C727088295%2C964912442&sfv=1-0-40&ists=1&prev_scp=%7Cpos%3Dtopb%7Cpos%3Dsto%7Cpos%3Dsto2%7C%7Cpos%3Dfooter%7C%7C%7C&cust_params=sec%3Dnews%26aid%3D598623%26cat%3Dsecurity%252Csecurity%252Ctechnology%26kwd%3Dbarracuda%252Ccisa%252Ccve20232868%252Cseaspy%252Csubmarine&sc=1&cookie_enabled=1&abxe=1&dt=1690809908344&lmt=1690809908&adxs=240%2C531%2C1044%2C1002%2C1002%2C240%2C256%2C-12245933%2C0&adys=234%2C80%2C557%2C3878%2C4158%2C4569%2C2390%2C-12245933%2C5330&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C-1%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&frm=20&vis=1&psz=1120x90%7C830x100%7C300x769%7C373x691%7C373x691%7C1120x90%7C740x1832%7C640x-1%7C1600x147&msz=1120x0%7C829x0%7C300x250%7C343x250%7C343x0%7C1120x90%7C740x0%7C0x-1%7C1600x0&fws=0%2C0%2C512%2C0%2C0%2C0%2C0%2C640%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=584243827.1690809908&ga_sid=1690809908&ga_hid=97588346&ga_fc=true&dlt=1690809903693&idt=4584
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
8ad6ef15c893e19ca51beacb649a9a1a5f1e16527621dd838b10bd748e2bff46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:09 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43777
x-xss-protection
0
google-lineitem-id
6341548964,-1,5544015491,210970477,-2,210970597,4675091891,-2,6341548964
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138439238749,-1,138331790990,112427617957,-2,112427618197,138233473879,-2,138438581973
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.itnews.com.au
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C83D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:25:09 GMT
expires
Tue, 30 Jul 2024 13:25:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 		122 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21321196
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.203.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f06858ebff3571e21150204c3dd2b8933bfa9f4ad0c8b928f4abb0154e816b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
18e8a1a0-77b7-44a1-a5a4-fb1e6883c8b3
content-encoding
br
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
18e8a1a0-77b7-44a1-a5a4-fb1e6883c8b3
server
cloudflare
x-trace
2B80F0BF204DB4AC804F66C6EBF041A61F3E316E3D000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.itnews.com.au
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-swhgs
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQvFgpoTksB%2Fn1Jkr8uVkvvyOBdd09opoY73qlohdRuBSyZYbmkyOMqBlu5Q%2BOteswuCKMJfxSjWO%2F7Zq1l7pkt1QvuEMEJbZpCV5qOAYDsRVhJXAuGRMxYlVyhAAE96"}],"group":"cf-nel","max_age":604800}
cf-ray
7ef62a6adf69a7ff-SYD
access-control-allow-headers
*
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F0BB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dianomi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
228616
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Jul 2023 21:54:52 GMT
expires
Sat, 27 Jul 2024 21:54:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
recommendations.load.885ab6576d98e58fe91518733ccb84a2.js
c.disquscdn.com/next/recommendations/ Frame 32AC 		923 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.load.885ab6576d98e58fe91518733ccb84a2.js
Requested by
Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
af0d73c6aa0094b56a7b2e7fc9014047a15c9ef3aa9403a6e7a7ecf919a9a282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
Origin
https://disqus.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 24 Jul 2023 14:18:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 dd1d744d35431de55502bf3c7c1efcc6.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
601615
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
447
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Mon, 24 Jul 2023 13:43:23 GMT
server
nginx
etag
"64be7ffb-1bf"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
21v_iOAfqgJBK4bQGZb1Cxr0P57QN71a3vVa7c7mBsRpeglDMLgTsA==
expires
Tue, 23 Jul 2024 14:18:13 GMT
586918102853434
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/586918102853434?v=2.9.119&r=stable
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
df76a49c4fc856c13b3999ac5324970e9636fe63f47813c934c5e67b13911107
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 31 Jul 2023 13:25:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110079
x-xss-protection
0
pragma
public
x-fb-debug
Vnu1B8x0izBcYGaoNBVdHBWXQsKIueT9Up47Khsq7qIxDFeXVfL4IbKy+BWzWneuo/YePqnAQW+vuKDnQr8PNg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame EA41 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.198.37 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-198-37.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7c477a41c984ea9041127149772459966705113ef9cf300f69f724374fc6cd6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:25:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2023 05:38:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58378
Connection
keep-alive
Content-Length
10114
Expires
Tue, 01 Aug 2023 05:38:06 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame F0BB 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 04:42:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
31350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Jul 2024 04:42:39 GMT
khaos.jpg
token.rubiconproject.com/ Frame EA41 		284 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=991594294528179&ev=PageView&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&rl=&if=false&ts=1690809908825&sw=1600&sh=1200&v=2.9.119&r=stable&ec=0&o=30&fbp=fb.2.1690809908822.1079329485&cs_est=true&it=1690809907754&coo=false&exp=a0&rqm=GET
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 31 Jul 2023 13:25:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=470261513615109&ev=ViewContent&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&rl=&if=false&ts=1690809908831&cd[currency]=AUD&sw=1600&sh=1200&v=2.9.119&r=stable&ec=1&o=30&fbp=fb.2.1690809908822.1079329485&cs_est=true&est_source=248881786549407&it=1690809907754&coo=false&es=automatic&tm=3&exp=a0&rqm=GET
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 31 Jul 2023 13:25:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=470261513615109&ev=PageView&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&rl=&if=false&ts=1690809908831&sw=1600&sh=1200&v=2.9.119&r=stable&ec=0&o=30&fbp=fb.2.1690809908822.1079329485&cs_est=true&it=1690809907754&coo=false&exp=a0&rqm=GET
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 31 Jul 2023 13:25:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=586918102853434&ev=PageView&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&rl=&if=false&ts=1690809908832&sw=1600&sh=1200&v=2.9.119&r=stable&ec=0&o=30&fbp=fb.2.1690809908822.1079329485&cs_est=true&it=1690809907754&coo=false&exp=a0&rqm=GET
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 31 Jul 2023 13:25:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102830131-1&cid=584243827.1690809908&jid=2016288769&_u=YADAAEAAAAAAACAAI~&z=1794332629
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102830131-1&cid=584243827.1690809908&jid=2016288769&_u=YADAAEAAAAAAACAAI~&z=1794332629
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
increment
id5-sync.com/api/esp/ 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.itnews.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.itnews.com.au
date
Mon, 31 Jul 2023 13:25:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
cookie
cm.adform.net/ Frame 6E01 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:10 GMT
server
nginx
content-length
43
content-type
image/gif
map
bcp.crwdcntrl.net/6/ 		235 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.32.105 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-32-105.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b0373ea70dd48e32f9e47c4995630908c1141bce66a66d540aad3b363a2f27b9

Request headers

Referer
https://www.itnews.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.itnews.com.au
cache-control
no-cache
x-server
10.42.22.236
access-control-allow-credentials
true
content-length
235
expires
0
collect
px.ads.linkedin.com/ 		0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809909077&conversionId=10367540&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:09 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 4FAD390C908942F882E5BC075253DFF4 Ref B: SYD03EDGE1710 Ref C: 2023-07-31T13:25:09Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYByFwFWAlpkllKlrkvxw==
common.bundle.3202c242c010134b5e230e1eedac257a.js
c.disquscdn.com/next/embed/ Frame C505 		280 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.617b1d7777ec737a28f95e7268f17c68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
873393a05908a3a9edb8ae7dba2e6ab2cf902a99eb4f77428d35650ec6cd3cd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 24 Jul 2023 14:18:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
601592
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94160
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Mon, 24 Jul 2023 13:43:23 GMT
server
nginx
etag
"64be7ffb-16fd0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
qwoznsXG5n81dHE0enH7RAO_RazK5bZxWnjrBQKVhrXKfBmry7tmhQ==
expires
Tue, 23 Jul 2024 14:18:37 GMT
common.bundle.d3c61c72047a19eda535a9d1d31eba39.js
c.disquscdn.com/next/recommendations/ Frame 32AC 		262 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.d3c61c72047a19eda535a9d1d31eba39.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.885ab6576d98e58fe91518733ccb84a2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
3680185d688777bcfa7bb43dce7cfa2fe08c7802602a9a80f193458e751dc1b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 24 Jul 2023 14:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
601590
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
88839
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Mon, 24 Jul 2023 13:43:23 GMT
server
nginx
etag
"64be7ffb-15b07"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
4c9PGuQoRGMq7jcA9SAthxP7K0uXmVRgfwjcCpEJICnTah8jBjdR-A==
expires
Tue, 23 Jul 2024 14:18:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C428 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8xRxktO1yl5tAyZ1iLBnUj5Ig79AKNe8I7csujeREXXT60SGKxyP8Jexk3UyJunQKN_XT3DOJsiZ2ojcgDGrLDoyfW6QdGCyZcmhCZxQmJkSkvEsP9B-uc1uZz8cY9Hg7vdAVeS5tLjkZ88sJTI2b8FaKXfmVpf1bCeHnSAvlQIhkXe0oMVKWW0MP6aYeAa0aw778LN2MzuulS5Q6F9u-fvYXrGyA7YENPIvjVEBto8CIxqKFQcX3YL-fC5ILxR9HCfAArFDC92w8w9RbdgcMHFvN65SeCYtZGkMojeBy6MG98PPVfC36M6jhb6fpokaYRJj19gKwjs99eHv9uZrJHZvvbIIh9yxvuPQfUQ&sai=AMfl-YT4HA_55ojYN8x1n-RJYk-419TeKyut_UaV5upLPodkTbBdHHRRRWSrFXXpEu3Z0BY_n3nMcUQT0hYp5_OoflwDiQebgA_hZjWnZDvxKZeptCfiIu8KlcfNnFez6zg&sig=Cg0ArKJSzH9PwAtkYiO8EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame C428 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 06:56:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
23310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9132
x-xss-protection
0
server
cafe
etag
17712579318771444318
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 06:56:39 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame C428 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 15:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
80064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Aug 2023 15:10:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C428 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:25:09 GMT
14523706426131975402
tpc.googlesyndication.com/simgad/ Frame C428 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14523706426131975402
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
273068b738a5668178c25574c7c6dd4da0c34e9a21bf975f9785ee3f615cbc78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 05:27:49 GMT
x-content-type-options
nosniff
age
28640
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53932
x-xss-protection
0
last-modified
Tue, 04 Jul 2023 07:52:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 30 Jul 2024 05:27:49 GMT
l
www.google.com/ads/measurement/ Frame C428 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_Z2yRQHzvICWjTxCAsMy5t3kSaOj5YzZbVfl_9a4eGDyGatUBpKGXkJMrBnxKytWWORrLcYihhLEUCwBb0MTSuDYVeA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307180709000/ Frame 83EC 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Jul 2023 00:11:00 GMT
age
306850
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62064
x-xss-protection
0
server
sffe
etag
"7c75c6afffb97d84"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jul 2024 00:11:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 83EC 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Jul 2023 23:48:38 GMT
age
221792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5274
x-xss-protection
0
server
sffe
etag
"b24c5d555100d699"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jul 2024 23:48:38 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 83EC 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Jul 2023 03:58:00 GMT
age
206830
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29021
x-xss-protection
0
server
sffe
etag
"908f04349b1b2df1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Jul 2024 03:58:00 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 83EC 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Jul 2023 17:44:57 GMT
age
243613
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
server
sffe
etag
"5416cfef676738bf"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jul 2024 17:44:57 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 83EC 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Jul 2023 10:25:11 GMT
age
269999
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13013
x-xss-protection
0
server
sffe
etag
"4da616cd662b7cdb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jul 2024 10:25:11 GMT
truncated
/ Frame 83EC 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d264dd235f0b9617c9534a2639ecb05590f2f3a5d24b9473e6053153fb31f519

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
container.html
dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0BC1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:25:09 GMT
expires
Tue, 30 Jul 2024 13:25:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C5A4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:25:09 GMT
expires
Tue, 30 Jul 2024 13:25:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5CED 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:25:09 GMT
expires
Tue, 30 Jul 2024 13:25:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame C8B3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4i_25XmraMarFI4Aew6IXT88Onuyie2nnWbEQCIVGmSUYihq6sIwVotp4WJTl0JBa-QpEOStw7-77gePTYpZuzT-cDvCZkA1pgWncq0qZioK3glQ9ltuE8fXxr7tSAXiD--7BwFnFC6VwpN8OMr1DqwA2O32tiai853jv5KlF5ZBH4V8aeSfzuniqu90xWrUsvwU7JjGf2B6yg-1IkFhy-lEsLG2aJ83fK5DAgzO9LHUJ2T5R9OdLAzHXzG9Tty0cXXKa8ZhNLFu6d9l6Vz0LggQYeRWVyCtnGmEbZZBnLt4l8teWcttm9pMDZ1QQ8iWUNbQPNw&sai=AMfl-YQyKbLleVGOiXiwujoVPnScytbGf2VJZ5TA9Y4b0huzjhhWn_1js2ZFGEO0I_Siza7Ouw0LhFhvyYftSMPVNdHQFJ0iO2yOIpOIOcZRflyvk6SneMNaGofYhg6izSs&sig=Cg0ArKJSzHNkaFPC9iV5EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
tag
a.teads.tv/page/84405/ Frame C8B3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/84405/tag
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.197.50 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-197-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f45a13a60901989d54f571c1ca7bf81ec213be82e6c109c9f0e3f4b2e43e06fa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:10 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
1021
expires
Mon, 31 Jul 2023 14:25:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C8B3 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:25:09 GMT
13310892769688393457
tpc.googlesyndication.com/simgad/
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdjX4edaTYIS5R6aTubw1V1oHxEJYJbYC8G6SgaiKw0huDce_PvQAB85uBY1nn2uTtsyzb8OsM7Mtvh6wXIt0Cd0HPBDTDUlQYN5-qP2sJzqP91T2Lr8r7NJqqJamogzPURLWndHqkE...
  • https://tpc.googlesyndication.com/simgad/13310892769688393457?
390 KB
390 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13310892769688393457?
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
700f84e5c8ed93fdad5dfdae22c3738620c334e8e6b54a086c7da39213c88ba7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 10:24:01 GMT
x-content-type-options
nosniff
age
97268
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398919
x-xss-protection
0
last-modified
Tue, 04 Jul 2023 07:48:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 29 Jul 2024 10:24:01 GMT

Redirect headers

date
Mon, 31 Jul 2023 13:25:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
location
https://tpc.googlesyndication.com/simgad/13310892769688393457?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 7259 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50a4606616a0a3036f9097f292f4e85fc5d1c6655623f78714baab1c0eff8694

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
2997136221131739376
tpc.googlesyndication.com/simgad/ Frame 83EC 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2997136221131739376?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmaf-Z9F5KOoE0tCuJXfLho00a0oA
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
ca4807bcd016bde95f1a05b75fd42a6529ebdcc74b0a707f12c744d31100006a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 18:06:45 GMT
x-content-type-options
nosniff
age
69504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17868
x-xss-protection
0
last-modified
Thu, 18 May 2023 01:11:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 29 Jul 2024 18:06:45 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 83EC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 15:35:09 GMT
x-content-type-options
nosniff
server
cafe
age
78600
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Mon, 31 Jul 2023 15:35:09 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 83EC 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 03:02:59 GMT
x-content-type-options
nosniff
server
cafe
age
37330
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 01 Aug 2023 03:02:59 GMT
l
www.google.com/ads/measurement/ Frame 83EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdILljFNboSMtrfwtAkcrQg3r3SqhjnVO7MjHx8D_fobVIuFQD9QmbpTSqurvTy2OGKNJZ6kcp_6j1-T9XdD2rGB4zkA
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
truncated
/ Frame C428 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bebfc209e8e630a7b4ec0f0ef7d0cd1539e44e733c3ceaba266e2806495a5ef5

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ Frame C74B 		0
51 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.itnews.com.au
Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.itnews.com.au
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:25:09 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame 8BF3 		0
31 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.itnews.com.au
Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.itnews.com.au
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:25:09 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame 6784 		0
31 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.itnews.com.au
Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.itnews.com.au
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:25:09 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0BC1 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
URL: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
18642
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Jul 2024 08:14:27 GMT
contextfeed.js
www.dianomi.com/js/ Frame 0BC1 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/js/contextfeed.js
Requested by
Host: dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
URL: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72cfcc19216942a43a64b5a9f36c1254aa4b0fa1eb9a41d0eb58faad9b3d316a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:09 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 12:41:41 GMT
server
cloudflare
etag
W/"db2-600ea785d36d0"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ef62a6f9e6da82b-SYD
expires
Mon, 31 Jul 2023 13:27:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0BC1 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
URL: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:25:09 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C5A4 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
URL: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
18642
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Jul 2024 08:14:27 GMT
css
fonts.googleapis.com/ Frame C5A4 		4 KB
734 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:400,300
Requested by
Host: dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
URL: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
23722328c52e617c75fea862c7c345d9e717036eed4624f3fd3266ab9b463d63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 31 Jul 2023 13:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 13:18:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jul 2023 13:25:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C5A4 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
URL: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:25:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C428 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2o0M102GU9-yZt-ytZuHH0KVL8BvGLVtxpnEFE0froaU2qcch6XGiZl1ImaRaQKMaAlBz_Jrja2m2HksgLWecsTXQTEY4twRcbd8Mp5zer4QufEFxQZRbYtLj7ar72Lz1xd2EQSAIeKzq-HixtlPSfmR6J2lVyIWf6Jf8TU0Syr7RmI7zApAWCjnJFwkMzz4qaj-mlajbkdOZ9mHRTS68tFw4Kg50f84GeBTWg6W3Y0b8rNFQplbSE0JpkVBp3zozZtVZiJ561r2RnLsepyLNYdn8wD3-mccAj9fdH1Wy8aEgNfpDrQtFb7T7ZLhmwM_L8i5g_d1cOAfxExW8866_PQ&sai=AMfl-YTODJeFmYh-VSQS1eCVCyQftWqlUemPG16T1QlOzoy-YPGWnDpHLLs70hw7E_6bCRVQdmXhOf8w6Q9tJiYAqhmbKMeN6jqG1jjK15PE_R0v4yzy6WyLsaEk97UE0Lo&sig=Cg0ArKJSzHgi9OhUZn3tEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 31 Jul 2023 13:25:10 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5CED 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
URL: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
18642
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Jul 2024 08:14:27 GMT
css
fonts.googleapis.com/ Frame 5CED 		4 KB
711 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:400,300
Requested by
Host: dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
URL: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
23722328c52e617c75fea862c7c345d9e717036eed4624f3fd3266ab9b463d63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 31 Jul 2023 13:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 13:25:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jul 2023 13:25:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5CED 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
URL: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:25:09 GMT
rubicon
data.dianomi.com/frontend/ Frame EA41
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=dianomi&gdpr=0&gdpr_consent=&gdpr=0&khaos=LKQWKBVY-1C-31LF
  • https://data.dianomi.com/frontend/rubicon?uid=LKQWKBVY-1C-31LF&gdpr=0
68 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.dianomi.com/frontend/rubicon?uid=LKQWKBVY-1C-31LF&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:11 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
content-length
68
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7ef62a77eec0a82b-SYD
access-control-allow-headers
dianomi-force-dmp

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://data.dianomi.com/frontend/rubicon?uid=LKQWKBVY-1C-31LF&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
truncated
/ Frame C8B3 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e941f4613a62512e388fe89fcff97665620fe5ecb17511e488f97ec6b4912828

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame EA41
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWE3YzZhZmMyM2Y3NzQ3ODFhNTBhYjIzNTFjMjc0YmExNmYzZWQ0NQ&gdpr=0
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWE3YzZhZmMyM2Y3NzQ3ODFhNTBhYjIzNTFjMjc0YmExNmYzZWQ0NQ&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
H2
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWE3YzZhZmMyM2Y3NzQ3ODFhNTBhYjIzNTFjMjc0YmExNmYzZWQ0NQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame EA41
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtRV0tCVlktMUMtMzFMRg==&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEOPKrdC8F26HLX8GxtEoRmQ&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtRV0tCVlktMUMtMzFMRg==&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtRV0tCVlktMUMtMzFMRg==&google_push=&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtRV0tCVlktMUMtMzFMRg==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
ecm3
s.amazon-adsystem.com/ Frame EA41
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=LKQWKBVY-1C-31LF&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LKQWKBVY-1C-31LF&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:25:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A6DDJDX78FBXQXQJFFWW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LKQWKBVY-1C-31LF&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Expires
0
ecm3
s.amazon-adsystem.com/ Frame EA41
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=V7sgslaXQ0ybCXONI5ZksA&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V7sgslaXQ0ybCXONI5ZksA&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V7sgslaXQ0ybCXONI5ZksA&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:25:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HBCKCWMYG5M0Z2560551
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V7sgslaXQ0ybCXONI5ZksA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame EA41
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKQWKBVY-1C-31LF&gdpr=0
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKQWKBVY-1C-31LF&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:10 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: CDE94480897743CB870BE1FC98502299 Ref B: SYD03EDGE1710 Ref C: 2023-07-31T13:25:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYByFwXDbmYp8HZgH9YXg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKQWKBVY-1C-31LF&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame EA41
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/hW_IPrP1vcRkBkSZ-HVY1cn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-YVi9gdtE2oIX7crEzVT5qBbezS4othNllrGqeQ--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-YVi9gdtE2oIX7crEzVT5qBbezS4othNllrGqeQ--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 31 Jul 2023 13:25:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-YVi9gdtE2oIX7crEzVT5qBbezS4othNllrGqeQ--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame EA41
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://match.adsrvr.org/track/cmb/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=40b09213-c78d-43c4-9319-effcf9e3e189&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=40b09213-c78d-43c4-9319-effcf9e3e189&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=40b09213-c78d-43c4-9319-effcf9e3e189&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
tap.php
pixel.rubiconproject.com/ Frame EA41
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBuPwSEFQZ0SPhcbKtsQC9w&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBuPwSEFQZ0SPhcbKtsQC9w&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBuPwSEFQZ0SPhcbKtsQC9w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F0BB 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4401M7bHZN-LEL3p3LUPurODqAEAAAAAOAHgBAI&bg=!JySlJHDNAAZGOVy5Zjk7ADkAdvg8WjZ4aOLH5Bn-MdVKFJPlbzpo9HxzZCYnd7DBM15qqDe7D6K1ugCZdqU3Frf7_p96QYetdZsCAAAA-FIAAAAIaAEHmQLWjbZYkcWdRg_HVod6uC27X3QIpeyFGbxojDZs7QoG75nf0PJLIz7vtBoNTl1Lh6l_k8Ui_QcQVDmOMXqww6EklZXLbQXXO3JeqU-qOQU_BQ-ET0fBWMMdFVKYP2WCfYOTY5gD29vZqDL_mYngtsyNxXyBB3tZjZNKZefLIyS89onkhr86yEnFemN807vPgg4338-qhTz7IrynTaOpPcMV5gU0THtI5CuG_0mPKigC3EzCyXcLWiDvfkWocwT-3WbUv5zUeoDverWPcZG4-2zIHbO6GdTE9vNujbnv8m03jfVM6mIOT6JF5ig7Y0wp81iBcFaP9uUbjaqNE56uMIgrGMc5ra0g-ZI2Uj1IQTnTIlHALHokH4Gl9ir38ZAET9efJbg33Y03wF3bR1mO8EPh0tNwWiaW8KDo0xpOWII4wvSHBnjUgrKUcVn0oq11xV4k8Zmzv9g9yrg2qhzdd0b8t3Mj9TQHT5a7NU0LT-G7E6SIMl5xTAv7Z0Ibda-kK7ztXbIEFR8naNLDwiSiRgc3H8CXaFd0EcBLROsqI7Ev-60PKuWhz3PtmLXozaZ2NeGVAqDmxPUpq_7P0_UR1azZUN2OrqODyT-dewF4S1cDrtNntV3d2uLEDFFusnL0xQ3bBAG6mpI8JVIxyjxv_2O2AGoQW7GiTlNLelv8R4hvld9YiB6ah4iGQ-QBwbDILgNFyd5AXtfb6-eEfldyU74u5ajXMyUBevzVA07Dk9XxQGOfbi8afAC1JhYLoGtdtvwuk7eSW9XsaS-Du-9Eu9F4N4BxeK7js7KmhcVJ9LTcI-j1tzFzeefMjGPWsUPK-O6YK2z9n6ImumZtPjHLST2RNmpRoG9nLKqn6yyFKk-SC35XvpeC4yG2K4RIkHQQdDWmRHqABlbI6tF0CmCj9u7hhYymEGgoN0T6COTGe9t4nvCnGgZjjKy53xDkIjhHmmCD5DMc9Kf9
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0BC1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQZEHzJ-QX0dvTHv0jy33kZIMOu6BeuMYFKEe6RK20Rfs7bL5R7lp76tFKacdnaSq0-5o7p4iW4c5mF1QbWsXmA4JUg872KGVg-2ZsdcikX09UHzIQV7ww6QizcdmVXkqfV1q_ZjG45m1scvqk1x2pY9mZkXr751dBMmOX6cTjlhsIz2tO02rQzgmL8xABpsHgOfbtCZ5ljY27gQyWPt-9RgItpIXHQ2VX278dT3hvvzyENO8to5WsJ92R0qgR5wLfij6Fqny8Ghf8nlauD9hJDHHUUId7YCybPO6yhjLYTkRtw5V1moTIfwnqcaxs5OiDA4wLrpSIgnn1GTgiOxsTWA&sai=AMfl-YT_nZQSm8WZW8-UZ9c6vLleEob4U3zyE-2IZRpFeSbiRoLYRfqWQC8OTXxMonsBOWGEqttP-uk5AXkIOL7_ojmDuvvt2c00yj-LE_81R9oQpH1qLJcfBhRT7l5M_JQ&sig=Cg0ArKJSzPqMAkEg7eC9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
URL: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame C5A4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLT1ZHEUBi8QtrjlD2_uKm_bHHyeL4oYy7vznndRr1hd0guMD1ao-Uooh-MTnOpOreDZqY8XHZOhcJzfVNQyD76Fpor1eJiLL3Si6rfpQCPw6gRvSy0ED-dMxBuFm2BWMXokBFCQ68nNFiGNX2_5IVQGsvrkNw-CsVPbxino3WUvckExo48qxDxqJT0wN3l86-rL7WfXHHq9DJry0Vuy9jAXxBWvUQI1dpooZlv2C5H62QFtcfMW0Xlb6rBMPhKLhyTHq-c86mp6xelORBhEbV9DtpZLOTwFsP9CHbGiysig5bkm64FWvFTKX3VnK0nhWoPEgECA&sai=AMfl-YQbxrc0l7TI7_euOLmVgCBakMZoIkTj1AOxwInwxEGOAAYTsjvBdRcTMyHTyD9OcH6v-Pt0x4Ck6i77F7DBlnoPN6zZxWhQ7OifVkeYqhiTggDCa2cSVTLdv0a0Kn4&sig=Cg0ArKJSzERCoSXbsO6QEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
URL: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Headlines.ashx
www.itnews.com.au/Utils/ Frame C5A4 		151 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.itnews.com.au/Utils/Headlines.ashx?num=3
Requested by
Host: dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
URL: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a4e18a8d98ab695fa02c99cf5de4e717159b94965a97b08e945ab5ea5d54b156

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-ua-compatible
IE=edge,chrome=1
date
Mon, 31 Jul 2023 13:25:09 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-length
151
expires
Mon, 31 Jul 2023 14:25:09 GMT
itn_nl_ad_bkg.jpg
www.itnews.com.au/promos/assets/ Frame C5A4 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/promos/assets/itn_nl_ad_bkg.jpg
Requested by
Host: dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
URL: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fd465ca2273945009162c292d5e28f4be78a1ed4512f93e79d2c1275e99a7459

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:09 GMT
last-modified
Mon, 22 Mar 2021 23:48:55 GMT
server
Microsoft-IIS/10.0
etag
"bf16a2eb751fd71:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
19698
x-ua-compatible
IE=edge,chrome=1
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v25/ Frame C5A4 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v25/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:43:16 GMT
x-content-type-options
nosniff
age
398514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34432
x-xss-protection
0
last-modified
Tue, 02 May 2023 17:01:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:43:16 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5CED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxJH57dXT11sXGlolnUu17bG9xWCm2bnkU-atPl41-a6GcGs_RQOxXGO4hD9YqGVDzQjiXvY4GKNG4jmdy2AXiDRLhvC9m5I2i2vjZJq6v3NXcc8dJmpIteQZZao5bYk6l-_LRcvruyG4uKkch_UVA2mvDh5ge9RTvpc7A-P1pwUXws6-V2A7XzIS_MD5ddhYx91n4kwRQ1JcCflT-_uLmrVOQpvJHah4CFOktNpVwf3FShcwCYLynfprNCmRiGGRZPlFUHrx116jttgT8qMXJwhwMGo8aZAIrOaKTO513dgCGncMvazlS8nDWq227DnkJVkgnRwtDDQXK7RI&sai=AMfl-YS88LVhAgdzqynHsOaMkWyW-aH79lImkBW1icCF-zmiTCm5jAKgG0cfRWgQhQmGjiDe9nRW6WOHVPVBcYUjPbpRqXALHV3mLKwWjYdzW8VRPM5p4-A6SY3ud5b8ZJU&sig=Cg0ArKJSzPmy8aSOmI1PEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
URL: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Headlines.ashx
www.itnews.com.au/Utils/ Frame 5CED 		151 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.itnews.com.au/Utils/Headlines.ashx?num=3
Requested by
Host: dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
URL: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a4e18a8d98ab695fa02c99cf5de4e717159b94965a97b08e945ab5ea5d54b156

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-ua-compatible
IE=edge,chrome=1
date
Mon, 31 Jul 2023 13:25:09 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-length
151
expires
Mon, 31 Jul 2023 14:25:09 GMT
truncated
/ Frame C5A4 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b91b53fef1feb4a00ba6e72937894a398441c54f7b120064eb957760bd36306b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
itn_nl_lb_bkg.jpg
www.itnews.com.au/promos/assets/ Frame 5CED 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/promos/assets/itn_nl_lb_bkg.jpg
Requested by
Host: dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
URL: https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
057282e686d0bbd277a83b8863290210ce4e384955e3fc750db2a2d7e818bc16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:09 GMT
last-modified
Mon, 22 Mar 2021 23:48:55 GMT
server
Microsoft-IIS/10.0
etag
"6bdba6eb751fd71:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
14456
x-ua-compatible
IE=edge,chrome=1
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v25/ Frame 5CED 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v25/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:43:16 GMT
x-content-type-options
nosniff
age
398514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34432
x-xss-protection
0
last-modified
Tue, 02 May 2023 17:01:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:43:16 GMT
truncated
/ Frame 0BC1 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
606f3e7c3cb798393455df1b6e6abec51053f139a239c847027621dc271f7f2d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
contextfeed-frame.js
www.dianomi.com/js/contextfeed/ Frame 9B73 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/js/contextfeed/contextfeed-frame.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c99a09e4f01cab98d0e63c5efca84025dcaa98a8ad96306e8cb142ced9d723a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:10 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
24
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 12:41:40 GMT
server
cloudflare
etag
W/"16d0e-600ea784c6a08"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ef62a7238f1a82b-SYD
expires
Mon, 31 Jul 2023 13:27:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0BC1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMa7NYDMsT-PvJl1A8A5KWiWtWr6H4NflbTHMYJbANn36hpst1nPsy3Hi-AUwybgJpxbibQVFH4PZ1cMS81gUDxmeUH6BQb95HizO1AOrbRUjACUFnf20GSrXW8_RwigOnuOt4kAg-3OkXRR7JKxhj1UxiYdCQWzfkcIdTj-UfujrSL1SdFzcAZCSl4Caz32zEmC9cvkp3s16UJ4ZQATSWdx3cwdfaqiB531EQaJmaeWmhhigkJD8ZqnwBaRabo62EnIQgdwyN0SgXjIgWINkgJEt02CMrTnodF-TkuwqEgmBwn1tLl5BJblbJwZ_u2oR4tekXKQ&sai=AMfl-YSrMo6tyS5EHPO0l3XG13k2V-O3gZAr3oOWagN3yZNau4LQGx-KgI_MekQnDWjOi9f65ZtGeABjhbB5Gah7dEfQzOtkRTig5QIFDNFJYeXoUndZwx50awpPlUQ1wGY&sig=Cg0ArKJSzMTW-D_CjNpuEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 31 Jul 2023 13:25:10 GMT
truncated
/ Frame 5CED 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a58a1e027e73e07a5bdb58729fd5823ea1fb3e3b05624f14b9cc7c84172ff69

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C5A4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_Ro3_7R--Y-TA7jQ1wAw7QUWvWl26LEZlYbYMoutkHJNBMiZ_o7eA_Lwae2K-dVqb7exDLg3GtbjPkoaNt3XpfR6mjU7iedMcy8p4XbvMNTEpcHCz5rhRmURRrLmmNdmv_ESt53I97ew0b8h7g3vpPrsa6ghUNx6YKkZ6wsqTcms2yC8k5tcL7RDKGodmfhhtu_xo734WCv0HNRiQ33fibXzafvkuzEmlGHRN06Kb30iTHG9ZR_DA8b_v_JCSAGGn6kRWo7iv4aLI82Fd7VzQhJ8WQxJVc3NPdx0srVqSScdllENG5kXTsUbw_EJ9q_wZRz5qx2IU&sai=AMfl-YTERprm9g7Wi5_M5NoFrpwkMVFd4DIDDLd9NQw2ewovUfJT2Lu_jLfhgrBjHwuluxXBLZg1dAWnV5T_0u6T6xr3cLymaKuKgIDBasuSPiVFNpa6IqaUfX86-k38eO0&sig=Cg0ArKJSzN1_eWu_RCh8EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 31 Jul 2023 13:25:10 GMT
context.pl
www.dianomi.com/cgi-bin/ Frame 9B73 		513 B
467 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/cgi-bin/context.pl?id=318&h=dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com&url=https%3A%2F%2Fdabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/contextfeed-frame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
384f2ade44595afc321669265a96b3c217e582daacf359d84ac8732d2dfc5654
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:10 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
application/json; charset=ISO-8859-1
access-control-allow-origin
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
cache-control
no-store
access-control-allow-credentials
true
cf-ray
7ef62a7319dea82b-SYD
x-xss-protection
1; mode=block
usersync.html
cdn.undertone.com/js/ Frame 9D4F 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/prebid/cookie_sync.html?gdpr=0&gdpr_consent=&us_privacy=&bidders=adf,rubicon,grid,adform,pubmatic,openx,freewheelssp,undertone,amx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-95.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://www.dianomi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
35903
content-encoding
gzip
content-type
text/html
date
Mon, 31 Jul 2023 10:33:57 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 456e9698bd1002705d9e83bb010ea4fc.cloudfront.net (CloudFront)
x-amz-cf-id
SITHlkjuOc2arE-7_fp2_AFqv6Ztsng-pLD9rcbxZD0eGQOdi5e0bQ==
x-amz-cf-pop
SIN2-C1
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
view
securepubads.g.doubleclick.net/pcs/ Frame 5CED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXlaKdVc5KhinngWermitPJnM9W0l4MBpMQt3oo0iSt9H-iLdpfmbMNnLlK9AuINykHLX4P-G-AUrM8cR9zlQRtCmseb2MtRDbt67d_PR-jr8EkkC3WOG4eg3Ry00vGwe4A2giAh5r9v3Fm-yVsEQGSQTxY4QRBTY6gqD9aTLmOYcpCtdoUPljw_6MBk5GiZIW4UodhWjbopkC4RjwHi9D5FWJgVids-UObpf6MD2BvGDHlYh2b94KxcLrASjuuCrzQTysdx7mu_-P2_Tl2ZlW2nfTQ3FtcTf44Lgr647tp2G7on-j8GXzeHSychAPR3Jke_zZOI7hnrdmx0MSCQ&sai=AMfl-YRMPZQias1lzmBDUdVJ-ulWnFFuoubtoPb3C8G4pxj--o2Uhy5IdzPtxbpU2sOX6fRGe9l5ZXfLeeEL-dnIYqo9vgjfN4WdYOYZcviHyRQSghWRSChh-yIaXMrIA7U&sig=Cg0ArKJSzHJQ112aezGZEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 31 Jul 2023 13:25:10 GMT
lounge.dbc47866f009f9d6f1556cd58214d9a3.css
c.disquscdn.com/next/embed/styles/ Frame C505 		233 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 07 Jun 2023 13:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
4663913
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
33282
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 01 Jun 2023 09:36:56 GMT
server
nginx
etag
"647866b8-8202"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
ViGkDSQlesZfUsggo21s_-axgn3YCZHzDcSIW2BZb3utfiNzL98f3A==
expires
Thu, 06 Jun 2024 13:53:17 GMT
lounge.bundle.8d43781db1026e9c55a26282e41175e4.js
c.disquscdn.com/next/embed/ Frame C505 		513 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.8d43781db1026e9c55a26282e41175e4.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
dd678abe4206125f55c6db17aabe17aaabe8daa1b4b168ec17ca1c391791e731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 06 Jul 2023 17:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
2144639
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
130979
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 06 Jul 2023 17:36:25 GMT
server
nginx
etag
"64a6fb99-1ffa3"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
UcIN_PSA0LCpItlW-jQqe7UayQdfSbewx2fEehrzTBdTzheHa0KyBg==
expires
Fri, 05 Jul 2024 17:41:11 GMT
config.js
disqus.com/next/ Frame C505 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
639b382082c552d87856ae001e41e15fd0a2c0f14fe14da03f0523fd43840bae
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:25:10 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
13
X-Frame-Options
SAMEORIGIN
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
18726
X-XSS-Protection
1; mode=block
teads-format.min.js
a.teads.tv/media/format/v3/ 		600 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.197.50 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-197-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8e68116bc7e240285fe9125e7d5cfe11aa818b0780b4089138145893348a4380

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:10 GMT
content-encoding
br
last-modified
Thu, 27 Jul 2023 09:36:43 GMT
x-amz-request-id
41H28T4A182F2QH7
etag
"89a8b91f69efbc645fb889412d179f05"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
5
accept-ranges
bytes
content-length
133838
x-amz-id-2
VbwSE0FcbivKa9+JFqB8kmPsT90Z3xiBJPC98AVbgcgLEw0v6oSIEC5kpdmUHxFmM9V1zA6xUy8=
expires
Mon, 31 Jul 2023 13:55:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C8B3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwPrP0C_IbQEvxcCQrfhCeTPp8CKO116tbDFCq5V2hJICpYC7j_0n200Vf0qf5f8PqVNDJADGCijFTUG5KoZwVOfMNd7ZCRYC7r9Uj3c3LMcgPNi9VT2ebdezN09b0mC8fX-SHFv_VVoTxqZ5ajz71k7mhfpagtZzd7FtCmN38akWAyJ0UBaJt5ZDCLg87pIqpkdQsRk-mj3OMKKufECZ48DI1P8Wg_1znn_JSHiAcJPx_-BKPocbaGHalP2fZe5rZ0edTEcW4qkAgRXOjuQjYJQqrEhVQ3K3Pn_P2OHCcl1pYRORGvp3ACTXK9nTdZ6bqQoa2PKVZ&sai=AMfl-YTnb74rOgqw2mh9N23ezF9ixa7bR7uxzVJASR_eDutayabmYPoXZEaeE2yX7vBheZOMcWchbCdXwl7KGgu0G2tdpCbg_hA1qDYT2KlTJaeA3zESg4Sx5i3qKHv1j4g&sig=Cg0ArKJSzBvC7ctE6OrDEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 31 Jul 2023 13:25:10 GMT
recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame 32AC 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.d3c61c72047a19eda535a9d1d31eba39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
ad59b3c437a380375b4205e22d9bf50856690b094d2fa425ae90971f5b58758e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 14 Jun 2023 20:38:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
4034794
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2968
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 13 Jun 2023 13:52:02 GMT
server
nginx
etag
"64887482-b98"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
WCg_wS5GBn5gRfL4PpmNggRALZ1xHPf51UE1p5B1PcC2pqi_p0B1Cw==
expires
Thu, 13 Jun 2024 20:38:36 GMT
recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js
c.disquscdn.com/next/recommendations/ Frame 32AC 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.d3c61c72047a19eda535a9d1d31eba39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
5bd060c4d7413c66456b91af3b13d3a3823c90543d9ccebc7a94a892ecb36d27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 12 Jun 2023 18:18:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
4216016
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
20326
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 07 Jun 2023 16:22:19 GMT
server
nginx
etag
"6480aebb-4f66"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
LKLasHg4Enb457MfqUIF-9zc4pV2zEseMpIIlC5l_1-BBsxXsaRhWQ==
expires
Tue, 11 Jun 2024 18:18:14 GMT
config.js
disqus.com/next/ Frame 32AC 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.d3c61c72047a19eda535a9d1d31eba39.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
639b382082c552d87856ae001e41e15fd0a2c0f14fe14da03f0523fd43840bae
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:25:10 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
13
X-Frame-Options
SAMEORIGIN
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
18726
X-XSS-Protection
1; mode=block
si
googleads.g.doubleclick.net/pagead/drt/ Frame 83EC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Redirect headers

date
Mon, 31 Jul 2023 13:25:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
details
disqus.com/api/3.0/forums/ Frame C505 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=itnewsnext&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4852446e73df08adca2732771f6823a5db5657d72a420f0d433dd9dd9710a1a9
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:25:10 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
40
X-Frame-Options
SAMEORIGIN
Vary
Origin, Cookie
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
3193
X-XSS-Protection
1; mode=block
2997136221131739376
tpc.googlesyndication.com/simgad/ Frame 83EC 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2997136221131739376?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmaf-Z9F5KOoE0tCuJXfLho00a0oA
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
ca4807bcd016bde95f1a05b75fd42a6529ebdcc74b0a707f12c744d31100006a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 18:06:45 GMT
x-content-type-options
nosniff
age
69505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17868
x-xss-protection
0
last-modified
Thu, 18 May 2023 01:11:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 29 Jul 2024 18:06:45 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 83EC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 15:35:09 GMT
x-content-type-options
nosniff
server
cafe
age
78601
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Mon, 31 Jul 2023 15:35:09 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 83EC 		344 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 03:02:59 GMT
x-content-type-options
nosniff
server
cafe
age
37331
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 01 Aug 2023 03:02:59 GMT
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame C505 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 06 Jun 2023 17:03:04 GMT
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
4738926
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Thu, 01 Jun 2023 09:36:56 GMT
server
nginx
etag
"647866b8-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
bHE6HXqpr_eK3F1WQcuNMKkL9T06U_1A3U4cxRxFNk2YpCQ3XR3t9A==
expires
Wed, 05 Jun 2024 17:03:04 GMT
loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame C505 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 12 Jun 2023 18:09:59 GMT
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
4216510
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2971
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 07 Jun 2023 16:22:20 GMT
server
nginx
etag
"6480aebc-b9b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
1mvICN2AFxuyGbnaWyr07dzptfoYLNSD40cai7XJRH7os0NbnuD_7A==
expires
Tue, 11 Jun 2024 18:09:59 GMT
email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame C505 		840 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 12 Jun 2023 18:09:59 GMT
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
4216510
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
840
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 07 Jun 2023 16:22:20 GMT
server
nginx
etag
"6480aebc-348"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
8qUo0WAIkExyV8S9b4cbG698xZuyUgkfK13ZEnF1olr-OfVXuU01oA==
expires
Tue, 11 Jun 2024 18:09:59 GMT
privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame C505 		891 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 21 May 2023 11:15:37 GMT
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
6142173
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
891
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 18 May 2023 20:44:46 GMT
server
nginx
etag
"64668e3e-37b"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
40nMUq6xvf6wz9m0DZWRuEGTCTJ9plBv258KusYuY65zS4uEDaulbQ==
expires
Mon, 20 May 2024 11:15:37 GMT
warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame C505 		605 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 04 Jun 2023 16:27:18 GMT
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
4913872
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
605
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 30 May 2023 18:28:53 GMT
server
nginx
etag
"64764065-25d"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
OEyUPjnl2qfoOmFcxg2M7v8vqZRILwTSeFWVS65-wnOP7Z0lV7-u5Q==
expires
Mon, 03 Jun 2024 16:27:18 GMT
sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame C505 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 11 May 2023 21:50:26 GMT
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
6968084
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1763
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 09 May 2023 18:32:30 GMT
server
nginx
etag
"645a91be-6e3"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
kphEt3Q7Y-B5jl-Hsxq0wxm7BiONmiaYVAOmVUHyJ6sEPQ4smEiyLA==
expires
Fri, 10 May 2024 21:50:26 GMT
icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame C505 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Origin
https://disqus.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 14 Jun 2023 20:36:39 GMT
via
1.1 dd1d744d35431de55502bf3c7c1efcc6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
4034911
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
7900
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 13 Jun 2023 13:52:03 GMT
server
nginx
etag
"64887483-1edc"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
W1xuJhhBuAlg9jvcTHr7bIS9VRer4IBJ7ahSDuj5Lsr8_UOC6Velsg==
expires
Thu, 13 Jun 2024 20:36:39 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C428 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6ndwIk3Bu2xXHCaMn40CM-ZsixhF3aJhrvY6b-Wixe3ieU_k3YE3p3Asxn27_FXIaHOlI5IXHZmU5GdzLYn_7S_yy2h0Gq3mzWB6_S1W_z5bQYS0U&sig=Cg0ArKJSzEPqpA6YlODGEAE&id=lidar2&mcvt=1055&p=234,315,324,1285&mtos=1055,1055,1055,1055,1055&tos=1055,0,0,0,0&v=20230726&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=667020349&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690809909374&rpt=321&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 2C3F 		337 B
838 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Requested by
Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 12 Jun 2023 18:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
4216510
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 07 Jun 2023 16:22:20 GMT
server
nginx
etag
"6480aebc-f4"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
ZBA8uib1AvIqTQ1A86Tm6JGAyNlrsyrt0o-M0mvlbgwRbis3Bx-o3A==
expires
Tue, 11 Jun 2024 18:10:00 GMT
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 560A 		337 B
839 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Requested by
Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 12 Jun 2023 18:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
4216510
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 07 Jun 2023 16:22:20 GMT
server
nginx
etag
"6480aebc-f4"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
5AR5aMBOZJygrVKG_X_YcUvU0c4eT9BMv0lCE5Kw84aBbr5gDWkx1w==
expires
Tue, 11 Jun 2024 18:10:00 GMT
sdk.js
connect.facebook.net/en_US/ Frame C505 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
6e59243b160e942d880d620c687882be65940f46630c5a364bf7f94bde02cf0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 13:25:10 GMT
content-md5
ZPULVPigdGph9B8Uq6xkQg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
/kpX58ZYPSQqOjnVAdOT2zDv8BzQcEjaSuRsEiLTVZVrJeIrzi6V1jB14Fepzioq1aVgfNI/OW7StyW9cGQryA==
x-fb-content-md5
6c4fde3805bcf2ceb24e4d24f1fb637b
cross-origin-opener-policy
same-origin-allow-popups
etag
"649438c902dec32f4d977544694380d9"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:37:07 GMT
api.js
apis.google.com/js/ Frame C505 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f139.1e100.net
Software
sffe /
Resource Hash
8bc38f41caf8475e5c70dd384d90d20998e45b17725b2d86ebd00e76d67436a3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 13:25:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7115
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"f61b76739d030dc2"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:25:12 GMT
details
disqus.com/api/3.0/forums/ Frame 32AC 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=itnewsnext&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.d3c61c72047a19eda535a9d1d31eba39.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4852446e73df08adca2732771f6823a5db5657d72a420f0d433dd9dd9710a1a9
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:25:11 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Origin, Cookie
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
3193
X-XSS-Protection
1; mode=block
adview
securepubads.g.doubleclick.net/pagead/ Frame 83EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2nRANLbHZLXYH6Lmz7sP0--AgA_puobjcZb-2vC3EdvZHhABIP2ApzpgpYCAgJABoAH9qeffA8gBAqkCNPaySG5wpj7gAgCoAwHIAwiqBKECT9CnuUa_QJVjrMnXB4sA4YbmeksIYQiy2kxtr9GRXg7IQjBEqBLBegLjupygzlpzxsQ75s56ObfRwsK6lpVY6dlRpQOClyc9iKKfaOy6FHNI4vQhtFw-ZfiOOfEQSGb1f4gGkr0V1N1rP14pnUZUrSYFHDzXiNUFrsHbq7YNU6SQ82jJHmaoAYwanXDUgK23fWgs1vjK6RiR7_busf6wRz1bNJeJ5k_GfhUrtW90O3CAs1ityJiiRPn9RnvJcGfcYe6EH9ugJ2bKQCoueGoIVlAKIG4RIelRWznfwZY8e2F7RIkU-QiR41upxFp2rTX6l_B3Tqd681rVK-AhWhjznWnAmZoBJxsowOAujkD6Wxm4O3QZRLgPt8mu7y1HoCjx5MAE6Ia4g6sE4AQBoAYCgAeTrJcgqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQw6QG0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwGiDAgqBgoEw7CxAtgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi0zNDU1ODE2NDkxNTI2MTM5GN3YBQ&sigh=mPVKfMahBAo&uach_m=[]&cid=CAQSPABpAlJWc5MWkyZx7UnYzFfA3gZXV47dvbZ14USgpxvcXTPDZ4W3wc3JpN7HOGTN4KKfbxxn21gvvk11shgB&cbvp=2
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
listRecommendations.json
disqus.com/api/3.0/discovery/ Frame 32AC 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=itnewsnext&thread=ident%3A598623&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.d3c61c72047a19eda535a9d1d31eba39.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c677e7e59b2a945d5adac85c58e5fba745286343f823dabd3d7a4a0046ddb89d
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:25:11 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
874
X-Frame-Options
SAMEORIGIN
Vary
Origin
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cache-Control
stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
5587
X-XSS-Protection
1; mode=block
sdk.js
connect.facebook.net/en_US/ Frame C505 		301 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=7e3fa7460cd93363b01e6225aef4c1a7
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
8f7ded4b688a27af5776a865c217b57c4143392e1cb2ceb3eb7e93033ef50c71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
Origin
https://disqus.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 13:25:12 GMT
content-md5
eTICqRUXjX6PwHyAvEL5Pg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87282
x-fb-debug
BtWXeE/8NjsUegsG7U76FYp5QgMI6bByRh4UAEa17XOnOpuhzt7AeOqjZpXbv0Rj7GcsnOHo/yJDNzTwnIdsbA==
x-fb-content-md5
a2f0789f621390b7e9314096f9645506
cross-origin-opener-policy
same-origin-allow-popups
etag
"bc89487f6b64f0ee3ea30896cc64388b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 30 Jul 2024 11:34:39 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0BC1 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZfN5BSar8aUBOHo6xWxVQojM2S18LEsAh9w9Z8aZdxL0gCOvJI5O8Au_m0sA2VBsSfgoDi0nqflKVbvgIZV_p8Zpx5X9yAX-Kh8l9Mt3n0cM9TMT8&sig=Cg0ArKJSzMBskg5DavZwEAE&id=lidar2&mcvt=1000&p=557,1044,711,1344&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1265387520&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690809909418&rpt=653&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4BDA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
a2c2f1d7728a66a302d0f226406772173d4569e8a8fc10e9670d7e566e7d0268

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1996
Content-Type
text/html
Date
Mon, 31 Jul 2023 13:25:12 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 31 Jul 2023 13:25:11 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame C898
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.198.37 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-198-37.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Jul 2023 13:25:11 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 31 Jul 2023 13:25:11 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame 9D4F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=85980713-153f-45f9-a9a1-5886e51f729e
0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=85980713-153f-45f9-a9a1-5886e51f729e
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.84.251.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-81.sin5.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:11 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
I-Qp3W2iau-U6TQTdCGjavYPhSRnCIsTWEmRSpdnbzFm1EQtJYmo5g==

Redirect headers

date
Mon, 31 Jul 2023 13:25:11 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=85980713-153f-45f9-a9a1-5886e51f729e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 9D4F
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-ub3YBi5E2uEtsBzKCGIWwfFXT9LTyouT~A
0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-ub3YBi5E2uEtsBzKCGIWwfFXT9LTyouT~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.84.251.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-81.sin5.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:11 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
xowTnlzNqDIJ3IT0zQ_e4jjbc4wLy6QmU3uAaolCPL2k-vsy85Hyrw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-ub3YBi5E2uEtsBzKCGIWwfFXT9LTyouT~A
date
Mon, 31 Jul 2023 13:25:11 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 9D4F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=40b09213-c78d-43c4-9319-effcf9e3e189&ttl=1693401911
0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=40b09213-c78d-43c4-9319-effcf9e3e189&ttl=1693401911
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.84.251.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-81.sin5.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:11 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
FDsmRNtLEleIE4a-y9twZy2Mj0LxXslvH_vqrg6F3NsqXWr3zw0s7w==

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=40b09213-c78d-43c4-9319-effcf9e3e189&ttl=1693401911
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
249
sync
usr.undertone.com/userPixel/ Frame 9D4F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LKQWKBVY-1C-31LF
0
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LKQWKBVY-1C-31LF
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.84.251.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-81.sin5.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:11 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
vQ0aj2s1fUhMH2jFkeu-1gV6QLst3Te5IyjcO8Y5Nd2gO0mjtrLU6w==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LKQWKBVY-1C-31LF
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
sync
usr.undertone.com/userPixel/ Frame 9D4F
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzlDNTgyQ0ItMzNENy00MjY5LUIyRDMtNkFGNjkxMDk5NTRG&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D79C582CB-33D7-4269-B2D3-6AF69109954F&us_privacy=%24%7B...
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=79C582CB-33D7-4269-B2D3-6AF69109954F
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=79C582CB-33D7-4269-B2D3-6AF69109954F
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.84.251.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-81.sin5.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:14 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
t1ob_vzCZRaj3Tx_oi_i7cr6SFcx4DVt9MWXSCgCZRVSDARAjQCXtQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=79C582CB-33D7-4269-B2D3-6AF69109954F
date
Mon, 31 Jul 2023 13:25:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame 9D4F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=b2615643-c204-4ffa-bbae-743d5bd52665-64c7b638-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=b2615643-c204-4ffa-bbae-743d5bd52665-64c7b638-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=b2615643-c204-4ffa-bbae-743d5bd52665-64c7b638-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpa...
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=b2615643-c204-4ffa-bbae-743d5bd52665-64c7b638-5553
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=b2615643-c204-4ffa-bbae-743d5bd52665-64c7b638-5553
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.84.251.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-81.sin5.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:13 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
7Tg2WQ6uIofPq10zVM57ZvpyGQNlctMt9A8Ya6XUhdUwo9IaC9lOzg==

Redirect headers

date
Mon, 31 Jul 2023 13:25:13 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=b2615643-c204-4ffa-bbae-743d5bd52665-64c7b638-5553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 9D4F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-Ib1D4z9E2uHBqRvOWGlAah7aX5yuxetAV8qURKE-~A
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-Ib1D4z9E2uHBqRvOWGlAah7aX5yuxetAV8qURKE-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.84.251.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-81.sin5.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:11 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
31JPC2l1rE-zojmG4ZTX_9YOTPtdsSF0ZQyCrG55wbSF7eykzwi-ZA==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-Ib1D4z9E2uHBqRvOWGlAah7aX5yuxetAV8qURKE-~A
date
Mon, 31 Jul 2023 13:25:11 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
server.prebid.dianomi.com/ Frame 9D4F
Redirect Chain
  • https://usr.undertone.com/userPixel/syncr?gdpr=&gdprstr=&partnerId=null&r=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D...
  • https://server.prebid.dianomi.com//setuid?bidder=undertone&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=2f80yjl3upwhbmk3x7b17ds4g
  • https://server.prebid.dianomi.com/setuid?bidder=undertone&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=2f80yjl3upwhbmk3x7b17ds4g
0
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://server.prebid.dianomi.com/setuid?bidder=undertone&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=2f80yjl3upwhbmk3x7b17ds4g
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.140.232.8 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-232-8.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Mon, 31 Jul 2023 13:25:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:12 GMT
vary
Accept-Encoding, Origin
content-type
text/html; charset=utf-8
location
/setuid?bidder=undertone&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=2f80yjl3upwhbmk3x7b17ds4g
cache-control
no-cache, no-store, must-revalidate
content-length
152
expires
0
track
t.teads.tv/ 		23 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=f387923c-4aec-42bd-975d-2d98bde05e0b&pageId=84405&pid=117459&debug_metadata=QbKLVaBYTf&fv=1226&ts=1690809911202&f=1&referer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.185.50 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-185-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:12 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=f387923c-4aec-42bd-975d-2d98bde05e0b&pageId=84405&pid=117459&slot=native&fv=1226&ts=1690809911214&f=1&referer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.185.50 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-185-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 31 Jul 2023 13:25:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
get
c.disquscdn.com/ Frame 32AC 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Foracleplane.jpg&key=_epI2uk8evJOrahOMa4mLw&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
dbbaf8d65b0f93f0917e1371b5c9df6862501b47bf980eab24be520ab4050776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 19 Jul 2023 02:18:03 GMT
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
1076828
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
8153
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
KBKS04pG1tLYG5SpwfXvg5j8ltiupaA_wnI8wmMgqtRPFzOa16lXDw==
expires
Fri, 18 Aug 2023 02:18:03 GMT
get
c.disquscdn.com/ Frame 32AC 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2F20230720103706_facial_recognition.jpg&key=MGNGYLamL3HtUARJ46cLJg&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
252037c7c756e70b49902c9f12247aa047899f522c6c0c77d012970422fbc6bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 20 Jul 2023 04:18:23 GMT
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
983208
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
26743
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
MvdZ-iPM4xKFXMR_ls6RuxwPeZzeUbynWNxN_xcoc8eR9kuQa1EyGA==
expires
Sat, 19 Aug 2023 04:18:23 GMT
get
c.disquscdn.com/ Frame 32AC 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2FMeta_Privacy.jpg&key=Z0NMLuLdeiSWOs8hMRjYbA&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
61548ef09524a1844c526bed164fb495360ca5d5c4102eb29bbbeb3c817f1adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 27 Jul 2023 02:56:05 GMT
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
383346
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
6546
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
RsAZbsm83Q2i04rs9Vi_YAn-3zJ06Bt55MYxtwoiNe3rjMFL4C3J-g==
expires
Sat, 26 Aug 2023 02:56:05 GMT
get
c.disquscdn.com/ Frame 32AC 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2FCRN-money-AUD-dollars-480236741.jpg&key=s-RJ4DUnDN1EKfSlJqiINQ&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
f57db404c841fc1a045d674d20a1f964f1d4aa7f7d59969d17c915eddd78875f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 20 Jul 2023 13:33:24 GMT
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
949907
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
10524
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
9k642wcIdwF3NcJlJbSldmQSbNZGj_kM-KhK448URCXuNdrImMVhyw==
expires
Sat, 19 Aug 2023 13:33:24 GMT
get
c.disquscdn.com/ Frame 32AC 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Fauspost_sign.jpg&key=xN7ml19yCzbuyCr8n31MZw&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
9c88a7ccc6c35b5083d91e28ed91de4715911c70fcedec2b68acd8b74470480e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 21 Jul 2023 00:49:49 GMT
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
909322
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
10822
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
J7HKDBUqZv63Uc58vAUclt8YnyRX0KlY-WhQP-avLQlqZ8obty_TMw==
expires
Sun, 20 Aug 2023 00:49:49 GMT
get
c.disquscdn.com/ Frame 32AC 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2FLittle_Birdie_2_.jpg&key=Ppi1mNJWStMbtEcojBoPJg&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
373641a2474db13af0ccfc18f26e97946a616c1c127f672e43912c0af6228b2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 20 Jul 2023 06:33:21 GMT
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
975110
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
9090
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
14QaByFTgi9nAD8VwUGqDk4C0VovKt5mhcTRrH0dJAsTkF_76tcFbQ==
expires
Sat, 19 Aug 2023 06:33:21 GMT
get
c.disquscdn.com/ Frame 32AC 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Fmeeting_table_chairs.jpg&key=-ajmGXygdWg9048TfFr-pg&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
3e4bcb42c8efa4eb72cfceb9905ac167d9e4b3bbc65f4d59c6103cc3f83ef128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 17 Jul 2023 23:25:40 GMT
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
1173571
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
7434
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
92pLShGXoO60i4cIJrWfApEamJ0bzA1OwjW6tOtAaTZhnsL53zNUJQ==
expires
Wed, 16 Aug 2023 23:25:40 GMT
get
c.disquscdn.com/ Frame 32AC 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2F2023-07-12T120337Z_1_LYNXMPEJ6B0HW_RTROPTP_4_USA-CHINA-CYBER.JPG&key=_eO4-vEcXlBM0TCklsDONw&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
b7d6641d03a90d1736cc8c5c4ad99bf73eb21e95c93bafc55a7a3d22100f0779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 13 Jul 2023 11:22:15 GMT
via
1.1 0cd88f29d8c6e29a267867c45efda9a8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
1562576
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
16682
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
cO3LVIkCO09RCkdkeaGVQfT3PyeUfMHooXekP-_fcFn9r1NfS7VKZQ==
expires
Sat, 12 Aug 2023 11:22:15 GMT
ad
a.teads.tv/page/84405/ 		484 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/84405/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&auctid=f387923c-4aec-42bd-975d-2d98bde05e0b&formatVersion=1226&env=js-web&netBw=10&ttfb=115
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.197.50 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-197-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
07f7214874c906635ae80e4c9e7eb97a338a39a834981012d136212b9e75a4dd

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.itnews.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:11 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itnews.com.au
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
353
expires
Mon, 31 Jul 2023 13:25:11 GMT
usync.js
eus.rubiconproject.com/ Frame C898 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.198.37 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-198-37.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7c477a41c984ea9041127149772459966705113ef9cf300f69f724374fc6cd6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:25:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2023 05:38:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58375
Connection
keep-alive
Content-Length
10114
Expires
Tue, 01 Aug 2023 05:38:06 GMT
track
t.teads.tv/ 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=f387923c-4aec-42bd-975d-2d98bde05e0b&pageId=84405&pid=117459&slot=native&vid=8c187de9-9aa8-4687-9e13-f678fd799489&fv=1226&ts=1690809911633&f=1&referer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.185.50 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-185-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 31 Jul 2023 13:25:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
dianomi-context.css
www.dianomi.com/partner/dianomi/css/ Frame 9B73 		169 B
293 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/contextfeed-frame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:11 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
6813
cf-polished
origSize=199
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 21 Jan 2019 12:43:41 GMT
server
cloudflare
etag
W/"c7-57ff735ded940"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ef62a7d4c45a82b-SYD
expires
Mon, 31 Jul 2023 17:25:11 GMT
videofeed.js
www.dianomi.com/js/contextfeed/ Frame 9B73 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/js/contextfeed/videofeed.js?v=20230720133923646
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/contextfeed-frame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3fb47df6fccc360f36353099993a1728c576536375a98705c5179aa1a1e191c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:11 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
40
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 12:41:38 GMT
server
cloudflare
etag
W/"1509-600ea782bab38"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ef62a7d4c49a82b-SYD
expires
Mon, 31 Jul 2023 13:27:11 GMT
dianomi-max-200x38.png
www.dianomi.com/img/ Frame 9B73 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/dianomi-max-200x38.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:11 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
2423874
cf-polished
origFmt=png, origSize=3940
content-disposition
inline; filename="dianomi-max-200x38.webp"
content-length
1164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jul 2020 16:53:11 GMT
server
cloudflare
etag
"f64-5ab9764140bc0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef62a7d5c4ba82b-SYD
expires
Wed, 30 Aug 2023 23:25:11 GMT
pixeltrack.pl
www.dianomi.com/cgi-bin/ Frame 9B73 		77 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=1339.318.iTnews%20FaB&geo_ccod=au
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:12 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
image/gif; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials
true
cf-ray
7ef62a7d5c4ca82b-SYD
content-length
77
x-xss-protection
1; mode=block
expires
Sun, 30 Jul 2023 13:25:12 GMT
sync
usr.undertone.com/userPixel/ Frame C898
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LKQWKBVY-1C-31LF
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LKQWKBVY-1C-31LF
0
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LKQWKBVY-1C-31LF
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Server
52.84.251.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-81.sin5.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:11 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
AKswFfjnrX7Cafae-d-V40aitD0NT4KR88sfZtE0maXLy6PRI5YWPw==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LKQWKBVY-1C-31LF
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 83EC 		42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXxtaXOB_ZKS4wf5Q2TMXfiUaTSoSUlr9WF88J4UeQDJGlMgWXa73TAgCALE2oAmj64T8cY8TbguHqdFHS8mJ-ji7darA8J7EsZ6zgT6qb4rFHFIPnU6qaiFQdDzNQOiSxqF58GBeADe-illkvs82gmojkCzt7dKNTYrFNrleGbkd5g3tDXZZkyevJilhCwQ5EJHAEzbRWn6qn7pggCjx_1g0BhBOrNMq0B9m_uXGM8OD1b1MDAEx0CAOT1Y7XO_1ul6d3BnCU97Ku8BpXeVHlxGrP3I0ndx9PMDGgnKVkkNhBJzfTHPGSZxkIoPuWeBVLNvgEBsbAmuG6Y7CIdj1KYSuHN8gJRSFwbTgMttQeO_AE_TB02BMjgvHh6LMsvMz6x3aHTD9ifz_wbm-9zk6K0kpG3f5T6jor5xP_ah5g3XiQzJgxhhCMMC71JI4VfnQ-m_Z9vjoLs4DLyXmUxhD0157F09pv6p0lncqAMZFeLQSVf1sduk50u4Z9_zrxR0ZilyLXIi3isjm5EWscwvGKcqDkCqeZfvzPO9pKYXBgl4_XRbjlxxNDRreszpTOwUMJ_YAcRapOW7uwzhy1ekA8OlD2Yqu9NFq9G0_h_QBkkUWHsfHoY4LAz7U4PcLEL-EtqvYMUAVT-tUbzAcAnGEX8IRZYqDa-fYODb2mfiZVFTelxrVeOXnMoZpEloeZE2H7n3qtiZLk1MpA88HbQXpR3CG4CXSpay280Ae292fUF7yaAkWCgXs4fnmxI8DXpZCnBXvcPVon0l4SOmCpMgb7gofWTprFZ9UAEn7VT4NDvnit7VQJeD_fhvhqeXiM7LaXCUo5A01b75foSrWQaCWnmLAqIU7wq_A3wvpqIm4P7u7J5WYZGP6cxGYCFk_Mw3clMndATLBFqLsCVb_vzPujF4syHKi8TVF3fTCVjZDPILjXkMIP6BSlxlcyGoPt5qmzGiECsgUwP9AaGr6ur-RgRn9b-Id7g3TEEmdEEubBTnmODpAcUWzzT_SS0AmMDvPX404h4WrFdpbRJxBD_M6HzD8fFvUJggr7cMdrSeZp-3jlsPe8VJWqlkViKoSK787KSIpcUQp0_u_11zVdC3nEOLB2pzTVS-COLxJt42DOHahhZmY_kWdRdzZ2o-1OSBN7KQ7IIu4sfF7JClXjbzB1BQDsnII&sai=AMfl-YRKJCdoCYiS6itzbA9EhYn3cGIGpKmW5yGm7OlcqQcHFtKcWV803c9SqK14WRWmpOxmx0sa7gqfePixiwdYKeEKBZ3Df8Ja4p_ufq6U6M2qIfZifrD2Tv-JON-wy1oCz77K39ZoeYC2QQ&sig=Cg0ArKJSzHKt4ZMlDld6EAE&cid=CAQSPABpAlJWc5MWkyZx7UnYzFfA3gZXV47dvbZ14USgpxvcXTPDZ4W3wc3JpN7HOGTN4KKfbxxn21gvvk11shgB&id=ampim&o=531,80&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=1512&tls=2513&g=100&h=100&tt=2513&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videofeed-flowplayer.js
www.dianomi.com/js/contextfeed/ Frame 5C19 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454a61e774d469d52b1588afbb8a7fdf519afb905dc7e2df2b78a0b487d4ef00
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:12 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
15
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 12:41:39 GMT
server
cloudflare
etag
W/"89f2-600ea783b7e00"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ef62a7e1d0fa82b-SYD
expires
Mon, 31 Jul 2023 13:27:12 GMT
smartads_video_json.pl
www.dianomi.com/cgi-bin/ Frame 5C19 		2 KB
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/cgi-bin/smartads_video_json.pl?id=6605&cf=1339.318.iTnews%20FaB&url=https%3A%2F%2Fdabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc7f147114d723bcb1c574b93b76e862e5fbb478253b0510025e255aa7d08645
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:12 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials
true
cf-ray
7ef62a7edde0a82b-SYD
x-xss-protection
1; mode=block
expires
Sun, 30 Jul 2023 13:25:12 GMT
dcm
s.amazon-adsystem.com/ Frame 4BDA 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZMe2N6i4oCT-Kv_evUnfnQAAE5EAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:25:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VA9HM3H5SHVADDEK75TF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4BDA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=40b09213-c78d-43c4-9319-effcf9e3e189&expiration=1693401912&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=40b09213-c78d-43c4-9319-effcf9e3e189&expiration=1693401912&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:25:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=40b09213-c78d-43c4-9319-effcf9e3e189&expiration=1693401912&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 4BDA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZMe2N6i4oCT-Kv_evUnfnQAAE5EAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPwiDuS7gVXrn_6T1GZGat0&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPwiDuS7gVXrn_6T1GZGat0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:25:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPwiDuS7gVXrn_6T1GZGat0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4BDA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZMe2N6i4oCT.Kv-evUnfnQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE2RgdkXSntYelzFKBma514&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE2RgdkXSntYelzFKBma514&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:25:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE2RgdkXSntYelzFKBma514&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4BDA
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=yRZu2p0UPtTSEjiPxkAgi8oQNIvSET2InES8ZP6m
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=yRZu2p0UPtTSEjiPxkAgi8oQNIvSET2InES8ZP6m
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:25:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=yRZu2p0UPtTSEjiPxkAgi8oQNIvSET2InES8ZP6m
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4BDA
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=be207cf5a97fef8ee835d8f23cae77f0
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=be207cf5a97fef8ee835d8f23cae77f0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:25:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=be207cf5a97fef8ee835d8f23cae77f0
date
Mon, 31 Jul 2023 13:25:12 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
content-type
text/plain; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 4BDA
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662109298213888
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662109298213888
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:25:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:13 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
398
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662109298213888
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7ef62a849e40ab07-SYD
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
indexexchange
sync.adotmob.com/cookie/ Frame 4BDA 		0
0
sync
usr.undertone.com/userPixel/ Frame 4BDA 		0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZMe2N6i4oCT-Kv_evUnfnQAAE5EAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-81.sin5.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:12 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
m-0QFCnSovfXS2RBIP0ggief5OuzmVKm0Lh5QshN73NGVRMDczWWKQ==
dianomi-video.css
www.dianomi.com/css/ Frame 5C19 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/css/dianomi-video.css?v=20230720133923646
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d1db52cabe6e826d52389582bb6a3d2a7d750518f65a64b78a8a598309903de
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:12 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
5694
cf-polished
origSize=9327
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 12:41:34 GMT
server
cloudflare
etag
W/"246f-600ea77ec6400"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ef62a810826a82b-SYD
expires
Mon, 31 Jul 2023 17:25:12 GMT
12.css
www.dianomi.com/img/a/pss/2534/ Frame 5C19 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/img/a/pss/2534/12.css
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
506a63d2af90215be21cc036bd64c9844cf225a634effe873d120772c6c3ef7b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:12 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
989639
cf-polished
origSize=5634
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 19 Jun 2023 16:28:16 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
cf-ray
7ef62a810827a82b-SYD
expires
Wed, 30 Aug 2023 23:25:12 GMT
reporting-observer.js
www.dianomi.com/js/contextfeed/ Frame 5C19 		616 B
517 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/js/contextfeed/reporting-observer.js?v=20230720133923646
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f1314977484b794b14e55ddcf03fb39ca95b9c86213f1897c6a64dfffb00016
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:12 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
39
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 12:41:36 GMT
server
cloudflare
etag
W/"268-600ea780bf608"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ef62a810828a82b-SYD
expires
Mon, 31 Jul 2023 13:27:12 GMT
flowplayer.css
cdn.flowplayer.com/releases/native/3/stable/style/ Frame 5C19 		46 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/style/flowplayer.css
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-83.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d5e0849332acff7b91d64ac054f09bd1f5db75df129c800b2feb90cd2a841e7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
D9YiVgudnguna.wkJmYkMgTSEuWg7Gva
content-encoding
gzip
via
1.1 e7e467a77c2b65d1f524a87aad79beca.cloudfront.net (CloudFront)
date
Sun, 30 Jul 2023 16:35:09 GMT
x-amz-cf-pop
HKG62-C2
age
75004
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 27 Jul 2023 16:34:10 GMT
server
AmazonS3
etag
W/"eb4c450a71248f9837360b0bf07cc7d7"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
ujtOI6-gyBiVa_IFZJ-IjXcxHfr7UojdKWLBumk1PEptsgrnYy5nOg==
flowplayer.min.js
cdn.flowplayer.com/releases/native/3/v3.4.1/ Frame 5C19 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/v3.4.1/flowplayer.min.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-83.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6be23bbf284c6d5884a84a7ca3347075acf5c028f0cb7fcfe6a4b7354071df0a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
AYetg8AOqi.2BIlsvdUy1q0VvTRaIr9z
content-encoding
gzip
via
1.1 e7e467a77c2b65d1f524a87aad79beca.cloudfront.net (CloudFront)
date
Mon, 31 Jul 2023 07:23:06 GMT
x-amz-cf-pop
HKG62-C2
age
21727
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 26 Sep 2022 17:58:44 GMT
server
AmazonS3
etag
W/"07e3da6c90c44ca3d032372837e4e582"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
BZmKFQpLJamCudUeYZo13cjRFF_egnTNW64WL5PlQg-FKn4uUoZeEA==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5C19 		345 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f95.1e100.net
Software
sffe /
Resource Hash
cc4a2b18a49c0b5d6828746e8fcde20a521664d1060d75ff550d70746e6c1cc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121902
x-xss-protection
0
expires
Mon, 31 Jul 2023 13:25:13 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/ Frame C505 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f139.1e100.net
Software
sffe /
Resource Hash
c9be9fbeaab97433c8175779e57d554a8e1ba6f91e934863e9f350eaae3be3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:41:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40810
x-xss-protection
0
last-modified
Tue, 04 Jul 2023 15:24:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 22:41:52 GMT
status
www.facebook.com/x/oauth/ Frame C505 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.itnews.com.au&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Ditnewsnext%26t_i%3D598623%26t_u%3Dhttp%253A%252F%252Fwww.itnews.com.au%252Fnews%252Fmalware-spotted-on-barracuda-email-gateways-598623%26t_e%3DMalware%2520spotted%2520on%2520Barracuda%2520email%2520gateways%26t_d%3D%250A%2520%2520%2520%2520%2520%2520%2520%2520Malware%2520spotted%2520on%2520Barracuda%2520email%2520gateways%26t_t%3DMalware%2520spotted%2520on%2520Barracuda%2520email%2520gateways%26s_o%3Ddefault%23version%3D617b1d7777ec737a28f95e7268f17c68&sdk=joey&wants_cookie_data=false
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Mon, 31 Jul 2023 13:25:12 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-fb-debug
+HogQlFtjyWRFcs63CGFBPyr+Y4n8yWMQhRoLvJZNBG1k/FOVqn/5XMToPn/y4KkgExkPPswiPave7Bt5ckihQ==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://disqus.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
iframe
accounts.google.com/o/oauth2/ Frame CAFD 		283 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f84.1e100.net
Software
ESF /
Resource Hash
1fd19a15f185f9057e0043110db650b89812526befb869b59cf173d5d44b1fb6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_n6OhT3f7IuQyaNfWzHqHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_n6OhT3f7IuQyaNfWzHqHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:25:13 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
dianomi-max-200x38.png
www.dianomi.com/img/ Frame 5C19 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/dianomi-max-200x38.png
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:13 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
2423876
cf-polished
origFmt=png, origSize=3940
content-disposition
inline; filename="dianomi-max-200x38.webp"
content-length
1164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jul 2020 16:53:11 GMT
server
cloudflare
etag
"f64-5ab9764140bc0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef62a89884ea82b-SYD
expires
Wed, 30 Aug 2023 23:25:13 GMT
X1IJY0gRMT4YQfm6aScrUQAAAAY.png
www.dianomi.com/img/uploads/ Frame 5C19 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/uploads/X1IJY0gRMT4YQfm6aScrUQAAAAY.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8598fde7fabef054baf14a945a347c1f2311e8b5145199aeed5725e842d48ec5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:13 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1779611
cf-polished
origFmt=png, origSize=23215
content-disposition
inline; filename="X1IJY0gRMT4YQfm6aScrUQAAAAY.webp"
content-length
4784
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Fri, 04 Sep 2020 09:31:16 GMT
server
cloudflare
etag
"5aaf-5ae7987ca2100"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef62a899858a82b-SYD
expires
Wed, 30 Aug 2023 23:25:13 GMT
truncated
/ Frame 5C19 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
610a27fa1d1948e2995168f02b2db335efa782172fe160535ce12823820e8eb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
play_200px.png
www.dianomi.com/videofeed/icons/ Frame 5C19 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/videofeed/icons/play_200px.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fe91869eab90bb6c349d076d3d9acafbc1cdd644fc8494abda2667f1590fcbe
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:13 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1474
cf-polished
origSize=13554, status=vary_header_present
content-length
8404
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 22 Oct 2020 08:10:13 GMT
server
cloudflare
etag
"34f2-5b23dfe50a340"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef62a89b869a82b-SYD
expires
Mon, 31 Jul 2023 17:25:13 GMT
learn_more_200px.png
www.dianomi.com/videofeed/icons/ Frame 5C19 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/videofeed/icons/learn_more_200px.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd8736900c611a7514a3ae94e9432479c0d7852689fcd104695bdddd8a2f57e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:13 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1474
cf-polished
origSize=11011, status=vary_header_present
content-length
7082
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 22 Oct 2020 08:10:13 GMT
server
cloudflare
etag
"2b03-5b23dfe50a340"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef62a89b86aa82b-SYD
expires
Mon, 31 Jul 2023 17:25:13 GMT
x50.png
www.dianomi.com/img/a/sav2/299346/3/ Frame 5C19 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/sav2/299346/3/x50.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58b3387ba5418fe5025558a166d2616a5968b65bbb061dcd6b236eb8b98b2d7b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:13 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
916067
cf-polished
origFmt=png, origSize=6736
content-disposition
inline; filename="x50.webp"
content-length
4142
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Jul 2023 02:45:44 GMT
server
cloudflare
etag
"1a50-6005554253280"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef62a89b86ca82b-SYD
expires
Wed, 30 Aug 2023 23:25:13 GMT
thumbnail.mp4
videodelivery.net/8884a83d47ff48b0b452caae408c232e/thumbnails/ Frame 5C19 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://videodelivery.net/8884a83d47ff48b0b452caae408c232e/thumbnails/thumbnail.mp4?duration=120s&audio=1&width=650&fit=fill
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4968670269e864e85789cf9a0b5bbf7c4f6965c12e518655f4c3da04b96d1d5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 31 Jul 2023 13:25:14 GMT
strict-transport-security
max-age=15552000
cf-cache-status
HIT
age
7049
Content-Range
bytes 0-1281686/1281687
stream-dw-version
2023.7.12
Content-Length
1281687
core-cache-status
HIT
last-modified
Mon, 31 Jul 2023 10:44:33 GMT
server
cloudflare
vary
origin, referer, Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=864000
access-control-expose-header
cf-ray
cf-ray
7ef62a8cdae9a7e9-SYD
access-control-allow-headers
range
served-in-seconds
0.004
time.json
ljsp.lwcdn.com/web/public/countdown/ Frame 5C19 		27 B
564 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ljsp.lwcdn.com/web/public/countdown/time.json
Requested by
Host: cdn.flowplayer.com
URL: https://cdn.flowplayer.com/releases/native/3/v3.4.1/flowplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-64.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
7d57550bd58a08e2a1b0eef219a9dbbd525ec2176437c2ae455cb102ee1da2a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
via
1.1 f2a8133584178fc004547ef003d97efc.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG62-C2
age
3
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
27
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
nginx
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
s-maxage=5, max-age=5
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,x-flowplayer-api-key
x-amz-cf-id
NmEnBo_mpCVVbD9rYCEFFqDuQyjK6eY02VgYzCZVTUtUHnMvx4iDOg==
smartads_video_a.pl
www.dianomi.com/cgi-bin/ Frame 5C19 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/cgi-bin/smartads_video_a.pl?s=ZMe2OC6_ctYBjzPe0JCVQQAAAAI
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:14 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ef62a8b0e9aaae3-SYD
content-length
0
x-xss-protection
1; mode=block
expires
now
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.m9UG_j_a8uA.es5.O/d=1/rs=AOaEmlHkCkTHfBLZLrVLohtRvjCt0nT36A/ Frame CAFD 		101 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.m9UG_j_a8uA.es5.O/d=1/rs=AOaEmlHkCkTHfBLZLrVLohtRvjCt0nT36A/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
4d9b1f2a07539b07e6f7df6bd0c65178de60c9d1a396235c225e1e24f148874b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398936
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35552
x-xss-protection
0
last-modified
Fri, 21 Jul 2023 22:46:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 22:36:18 GMT
in
pmi.flowplayer.com/ Frame 5C19 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pmi.flowplayer.com/in
Requested by
Host: cdn.flowplayer.com
URL: https://cdn.flowplayer.com/releases/native/3/v3.4.1/flowplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.108.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-108-185.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 31 Jul 2023 13:25:15 GMT
server
Jetty(9.4.28.v20200408)
access-control-allow-methods
POST
truncated
/ Frame 5C19 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bec348a0226f19f54fe5142f60c053babfe1e9fce5ba8953e60828bd051785d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame CAFD 		2 KB
914 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f84.1e100.net
Software
GSE /
Resource Hash
d7fe39e92b4ecaa2d8161b50173e0716136feda53c551ba9b85315f03107cd8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame CAFD 		49 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.m9UG_j_a8uA.es5.O/d=1/rs=AOaEmlHkCkTHfBLZLrVLohtRvjCt0nT36A/m=base
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f84.1e100.net
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PfhoSR0gEo54YSfvze23xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
script-src 'report-sample' 'nonce-PfhoSR0gEo54YSfvze23xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 13:23:43 GMT
content-encoding
gzip
age
92
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Origin
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 31 Jul 2023 14:23:43 GMT
events
ihi.flowplayer.com/v1/health/ Frame 5C19 		0
176 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ihi.flowplayer.com/v1/health/events
Requested by
Host: cdn.flowplayer.com
URL: https://cdn.flowplayer.com/releases/native/3/v3.4.1/flowplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.0.234 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
date
Mon, 31 Jul 2023 13:25:16 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
/
glitter.services.disqus.com/urls/ Frame C505 		1 KB
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=itnewsnext&thread_id=9794445677&referer=&tc=
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.64 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
f9a54a02da898c9b7be2b99747f81d884b13bbf6d1a9b92395414e9a96b544ae
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:25:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
Server
openresty
X-Frame-Options
DENY
Vary
Accept-Encoding, Cookie
Content-Type
application/javascript
transfer-encoding
chunked
Cache-Control
no-cache
X-Service
glitter
Content-Disposition
attachment; filename=f.txt
Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
event.gif
referrer.disqus.com/juggler/ Frame C505 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=5060&event=init_embed&thread=9794445677&forum=itnewsnext&forum_id=2865237&imp=mmk8as3mtub9m&prev_imp&thread_slug=malware_spotted_on_barracuda_email_gateways&user_type=anon&referrer=https%3A%2F%2Fwww.itnews.com.au%2F&theme=next&dnt=0&tracking_enabled=1&experiment=prebidbidisrequired_hidden&variant=active&service=dynamic&promoted_enabled=false&max_enabled=false
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:25:16 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
events
ihi.flowplayer.com/v1/health/ Frame 5C19 		0
175 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ihi.flowplayer.com/v1/health/events
Requested by
Host: cdn.flowplayer.com
URL: https://cdn.flowplayer.com/releases/native/3/v3.4.1/flowplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.0.234 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
date
Mon, 31 Jul 2023 13:25:16 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
smartads_video_a.pl
www.dianomi.com/cgi-bin/ Frame 5C19 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/cgi-bin/smartads_video_a.pl?p=ZMe2OC6_ctYBjzPe0JCVQQAAAAI&t=1.003385&d=26.325
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:16 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ef62a965af5aae3-SYD
content-length
0
x-xss-protection
1; mode=block
expires
now
sync
pippio.com/api/ Frame 5F33 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pippio.com/api/sync?pid=1391&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&it=1&iv=cmmk8d63ijqorp
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3678ae8b426b71155384e4dd046bce566a456ebc598814fcf0626e572117bad8

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store
content-type
text/html
date
Mon, 31 Jul 2023 13:25:16 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
timing-allow-origin
*
via
1.1 google
pixel.html
live.rezync.com/ Frame 3722 		744 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=cmmk8d63ijqorp&pctry=US&referrer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&cache_buster=0.635458463121
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 -, , ASN (),
Reverse DNS
Software
lighttpd/1.4.69 /
Resource Hash
69717bb0b11ec82ce64421e3dcba55920d4bd508c80d7ed391dec3f59f57c684

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-length
744
content-type
text/html; charset=utf-8
date
Mon, 31 Jul 2023 13:25:16 GMT
server
lighttpd/1.4.69
vary
Cookie
via
1.1 aba5c115363c1a37b7337fdb5a449b1e.cloudfront.net (CloudFront)
x-amz-cf-id
Yym1IVdYngEv77xi_0JHopjDv2kC28QnTPjMVSGwybB-8W1NQqreug==
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
/
io.narrative.io/ Frame C505
Redirect Chain
  • https://io.narrative.io/?companyId=1952&id=disqus_id%3Acmmk8d63ijqorp&red=https%3A%2F%2Fpx.ads.linkedin.com%2Fdb_sync%3Fpid%3D16223%26puuid%3D%24%7Bnarrative.id.value%7D%26rand%3D0.83297018022
  • https://io.narrative.io/?io.narrative.guid.v2=b0464a90-2fa5-11ee-9c84-0a2d04f6ac5a&companyId=1952&id=disqus_id%3Acmmk8d63ijqorp&red=https%3A%2F%2Fpx.ads.linkedin.com%2Fdb_sync%3Fpid%3D16223%26puuid...
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=b0464a90-2fa5-11ee-9c84-0a2d04f6ac5a&companyId=1952&id=disqus_id%3Acmmk8d63ijqorp&red=https%3A%2F%2Fpx.ads.linkedin.com%2Fdb_sync%3Fpid%3D16223%26puuid%3D%24%7Bnarrative.id.value%7D%26rand%3D0.83297018022
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Server
52.77.24.246 -, , ASN (),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:25:17 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=b0464a90-2fa5-11ee-9c84-0a2d04f6ac5a&companyId=1952&id=disqus_id%3Acmmk8d63ijqorp&red=https%3A%2F%2Fpx.ads.linkedin.com%2Fdb_sync%3Fpid%3D16223%26puuid%3D%24%7Bnarrative.id.value%7D%26rand%3D0.83297018022
Date
Mon, 31 Jul 2023 13:25:16 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
/
io.narrative.io/ Frame C505
Redirect Chain
  • https://io.narrative.io/?companyId=19&id=disqus_id%3Acmmk8d63ijqorp&ret=img&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623
  • https://io.narrative.io/?io.narrative.guid.v2=b04671a0-2fa5-11ee-8fae-028fdbeaaa16&companyId=19&id=disqus_id%3Acmmk8d63ijqorp&ret=img&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-...
35 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=b04671a0-2fa5-11ee-8fae-028fdbeaaa16&companyId=19&id=disqus_id%3Acmmk8d63ijqorp&ret=img&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Server
52.77.24.246 -, , ASN (),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:25:17 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=b04671a0-2fa5-11ee-8fae-028fdbeaaa16&companyId=19&id=disqus_id%3Acmmk8d63ijqorp&ret=img&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623
Date
Mon, 31 Jul 2023 13:25:16 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
ca.png
s.cpx.to/ Frame C505
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3D%26pid%3D12037%26url%3Dhttp%253A%252F%252Fwww.itnews.com.au%252Fnews%252Fmalware-spotted-on-barracuda-email-gateways-598623%26adn...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253D%2526pid%253D12037%2526url%253Dhttp%25253A%25252F%25252Fwww.itnews.com.au%25252Fnews%25252Fmalware-spotte...
  • https://s.cpx.to/ca.png?ref=&pid=12037&url=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&adnxs_uid=6231341697720049043
0
0
396846.gif
idsync.rlcdn.com/ Frame 5F33
Redirect Chain
  • https://idsync.rlcdn.com/462246.gif?partner_uid=cmmk8d63ijqorp
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=9b331f52-d8d7-4ffa-9c5d-c7b22b283314
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=9b331f52-d8d7-4ffa-9c5d-c7b22b283314
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:17 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 31 Jul 2023 13:25:16 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=9b331f52-d8d7-4ffa-9c5d-c7b22b283314
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
362358.gif
idsync.rlcdn.com/ Frame 5F33
Redirect Chain
  • https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=1017&cparams=placement%3D1391
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIL3zOvAp3OkCHFsSY2I_4c&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIL3zOvAp3OkCHFsSY2I_4c&google_cver=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:17 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIL3zOvAp3OkCHFsSY2I_4c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveramp.com
pippio.com/api/ Frame 5F33 		108 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/liveramp.com
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
212a2d2e355cec068c4c4f041281aa42b663d3defcb647b11974f362712159fc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:16 GMT
cache-control
private, no-store
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
smartads_video_a.pl
www.dianomi.com/cgi-bin/ Frame 5C19 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/cgi-bin/smartads_video_a.pl?p=ZMe2OC6_ctYBjzPe0JCVQQAAAAI&t=2.065305&d=26.325
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:17 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ef62a9d093baae3-SYD
content-length
0
x-xss-protection
1; mode=block
expires
now
sync
live.rezync.com/ Frame 3722
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID%26cache_buster%3D1690809916.7542348
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID%2526cache_b...
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=2631938698432708619&cache_buster=1690809916.7542348
0
0
cm
p.rfihub.com/ Frame 3722 		0
0
receive
pixel.tapad.com/idsync/ex/ Frame 3722
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3181&partner_device_id=08b8c124-308c-4dc7-8226-68c9ef296142%3A1690809916.7539113
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=71c214fa-a2d8-42dc-88f5-b70d08597587%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=40b09213-c78d-43c4-9319-effcf9e3e189&ttd_puid=71c214fa-a2d8-42dc-88f5-b70d08597587%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=40b09213-c78d-43c4-9319-effcf9e3e189&ttd_puid=71c214fa-a2d8-42dc-88f5-b70d08597587%2C%2C
Requested by
Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=cmmk8d63ijqorp&pctry=US&referrer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&cache_buster=0.635458463121
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://live.rezync.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:25:17 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:25:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=40b09213-c78d-43c4-9319-effcf9e3e189&ttd_puid=71c214fa-a2d8-42dc-88f5-b70d08597587%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid=
Domain
s.cpx.to
URL
https://s.cpx.to/ca.png?ref=&pid=12037&url=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&adnxs_uid=6231341697720049043
Domain
live.rezync.com
URL
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=2631938698432708619&cache_buster=1690809916.7542348
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=39342&in=1&userid=08b8c124-308c-4dc7-8226-68c9ef296142%3A1690809916.7539113&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D&cb=1690809916.754289

Verdicts & Comments Add Verdict or Comment

255 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| NREUM object| newrelic function| __nr_require object| dataLayer number| ord function| $ function| jQuery object| google_tag_manager object| google_tag_data string| _linkedin_data_partner_id object| GooglebQhCsO function| hj object| _hjSettings function| fbq function| _fbq function| $JssorObject$ function| $JssorAnimator$ function| $JssorPlayerClass$ object| $JssorDebug$ object| $JssorEasing$ object| $JssorDirection$ object| $JssorKeyCode$ object| $Jssor$ function| $JssorCaptionSliderBase$ object| $JssorSlideshowFormations$ function| $JssorSlideshowRunner$ function| $JssorSlider$ function| $JssorSlideo$ function| $JssorCaptionSlider$ function| $JssorCaptionSlideo$ object| $JssorNavigatorEvents$ function| $JssorBulletNavigator$ function| $JssorArrowNavigator$ function| $JssorThumbnailNavigator$ function| getParameterByName string| disqus_shortname undefined| disqus_developer number| disqus_identifier string| disqus_title string| disqus_url function| disqus_config function| RegisterNewsletterAjaxSignupEventHandler function| LoadTooltips function| makeWYSIWYG function| pushWYSIWYG function| ResizeIFrame function| ResizeIFrameHelper function| PushAds function| LoadAds function| RecenterModals function| ResizeInterstitial function| Resize function| toggleMenuIcon function| startCountDown function| setShareBoxStickyLimits function| AdBlockEnabled string| _searchUrl string| _registrationUrl string| _statesUrl string| _pollAjaxUrl string| _moreUrl string| _latestCommentsUrl boolean| _skinPushed boolean| _interstitialPushed string| _moreTagUrl object| gptAdSlots string| _orientation boolean| _hasResize undefined| _resizeEvent boolean| _isMobile boolean| _leaderMoved number| _skinWidthThreshold number| _shareBoxStickerMax boolean| _showAds number| _initialInterstitialWidth undefined| _interstitialAspectRatio boolean| _doneInitialPass string| _loginUrl undefined| _username undefined| _password undefined| _rememberMe undefined| _loginValidation undefined| _loginResponse object| html5 object| Modernizr object| Foundation object| googletag object| jQuery111200971919644347774 object| $leader string| GoogleAnalyticsObject function| ga object| _hsp object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| DISQUS function| disqus_recommendations_config function| lintrk boolean| _already_called_lintrk object| DISQUSWIDGETS undefined| disqus_domain object| ggeac object| google_js_reporting_queue function| onYouTubeIframeAPIReady object| gaGlobal boolean| PIXELS_RAN object| enabledEventSettings object| _hsq object| DISQUS_RECOMMENDATIONS object| gaplugins object| gaData undefined| google_measure_js_timing number| google_unique_id boolean| _hspb_loaded boolean| _hspb_ran function| setImmediate function| clearImmediate function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| _paq function| sanitizeKey boolean| _hstc_loaded object| teadsscript object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| teads

83 Cookies

Domain/Path Name / Value
www.itnews.com.au/ Name: RegoSource
Value: ITN_598623_ArticleRego
.itnews.com.au/ Name: _gcl_au
Value: 1.1.1864363049.1690809905
.dianomi.com/ Name: session
Value: d9724699ebcec4a9764124759e307b22
.doubleclick.net/ Name: APC
Value: Aa3gxNrfZ14yS5LXa5fIY1-U4Vg39j1kea8UsmMqtXDTYcmEUgIocw
.itnews.com.au/ Name: _ga_VF4SSPXWVE
Value: GS1.1.1690809907.1.0.1690809907.60.0.0
.rlcdn.com/ Name: pxrc
Value: CLPsnqYGEgUI6AcQABIFCOhHEAA=
.itnews.com.au/ Name: _ga
Value: GA1.3.584243827.1690809908
.itnews.com.au/ Name: _gid
Value: GA1.3.1631202061.1690809908
.itnews.com.au/ Name: _gat_UA-102830131-1
Value: 1
www.itnews.com.au/ Name: ln_or
Value: eyIxNTAzNzk2IjoiZCJ9
.bidswitch.net/ Name: tuuid
Value: 6ee62855-15d7-4c4b-9480-704502c066f2
.bidswitch.net/ Name: c
Value: 1690809908
.bidswitch.net/ Name: tuuid_lu
Value: 1690809908
.linkedin.com/ Name: li_sugr
Value: 4cc9fb4d-0fc3-44e8-b87e-c919bd389621
.linkedin.com/ Name: bcookie
Value: "v=2&05881eb5-8e24-42dc-8211-7e564d8707e4"
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2698:u=1:x=1:i=1690809908:t=1690896308:v=2:sig=AQG8LAy01c4dKjIoYa2TxnOKybgWbknY"
.pippio.com/ Name: did
Value: SxOcEaaIR69-qBDd
.pippio.com/ Name: didts
Value: 1690809908
.pippio.com/ Name: nnls
Value:
.itnews.com.au/ Name: _hjSessionUser_2321248
Value: eyJpZCI6ImM0ZDYzZGRhLWQ2YWQtNWY2Zi04OWMwLTRhZWE3NDQ0MjNiMiIsImNyZWF0ZWQiOjE2OTA4MDk5MDg0MzAsImV4aXN0aW5nIjpmYWxzZX0=
.itnews.com.au/ Name: _hjFirstSeen
Value: 1
.itnews.com.au/ Name: _hjIncludedInSessionSample_2321248
Value: 0
.itnews.com.au/ Name: _hjSession_2321248
Value: eyJpZCI6IjQ3Yjk2NzE1LTk2NjMtNGJlYi05NTFmLTg2MDgyYmU4OTY1OSIsImNyZWF0ZWQiOjE2OTA4MDk5MDg0NTIsImluU2FtcGxlIjpmYWxzZX0=
.itnews.com.au/ Name: _hjAbsoluteSessionInProgress
Value: 0
.linkedin.com/ Name: UserMatchHistory
Value: AQIcLpRKNH5zeAAAAYmsH70dtLwmF3CNgjTjShZih1Mxa8yDbGKqZmceaeDjOkqdb62fWXBn5sprQg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLCzf1SMg-ZawAAAYmsH70d-F5BrnnHKBrKRQ70WuI2Xb2aM32YaIaa_n0dgrDSX68qrQ3fLPvVvUWfZaDf-A
.itnews.com.au/ Name: _fbp
Value: fb.2.1690809908822.1079329485
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230731132508cb0cf849-2581-44f6-82e5-35a59d8aa0feAQGLJLhy7FBAoJFUz-EBLfUtboaO7dC-"
.pippio.com/ Name: pxrc
Value: CLTsnqYGEgQIAhAAEgYI7OsBEAA=
.itnews.com.au/ Name: lotame_domain_check
Value: itnews.com.au
.linksynergy.com/ Name: rmuid
Value: 82878272-78f4-4d06-9726-8e6bc91cb539
.linksynergy.com/ Name: icts
Value: 2023-07-31T13:25:09Z
.doubleclick.net/ Name: IDE
Value: AHWqTUmrzfyfCg4eMrlcJI4VXDj2vV6IbdYZRFQJTx4NrPQOCU1elrHGn4-bsASnyU0
.itnews.com.au/ Name: __gads
Value: ID=a312ef95334a685a:T=1690809908:RT=1690809908:S=ALNI_MZw2SbAVzzflqei72qPjMScf31mSA
.itnews.com.au/ Name: __gpi
Value: UID=00000c25b21e0d58:T=1690809908:RT=1690809908:S=ALNI_MbgLW7mLPgKQWCNe-jP5H4vgrsGUg
.rlcdn.com/ Name: rlas3
Value: jwTUp/0+RDHI0ZwSBhXSyAofZ4dg1mPE2lCZFEWsb54=
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 6a84f8b42c27c709293430d085b4be7f
.itnews.com.au/ Name: _cc_id
Value: 6a84f8b42c27c709293430d085b4be7f
.itnews.com.au/ Name: panoramaId_expiry
Value: 1691414709493
.itnews.com.au/ Name: panoramaId
Value: c5c117e95b392c4b40782b3e600b16d53938b82e677c22dca25f6af8cf1f35d4
.itnews.com.au/ Name: panoramaIdType
Value: panoIndiv
.rubiconproject.com/ Name: khaos
Value: LKQWKBVY-1C-31LF
.adsrvr.org/ Name: TDID
Value: 40b09213-c78d-43c4-9319-effcf9e3e189
.disqus.com/ Name: disqus_unique
Value: mmk8d63ijqorp
disqus.com/ Name: __jid
Value: mmjps21hr5l4b
.doubleclick.net/ Name: DSID
Value: NO_DATA
.yahoo.com/ Name: A3
Value: d=AQABBDe2x2QCEE4chv7gp17wAhLIh6wRwFkFEgEBAQEHyWTRZAAAAAAA_eMAAA&S=AQAAAoeOeHhQfKenxVP72I8-Zy8
.dianomi.com/ Name: session2
Value: B=&BUID=&L=1&N=1&NT=&R=1690809911&RUID=LKQWKBVY-1C-31LF
.amazon-adsystem.com/ Name: ad-id
Value: A3p52c-EGUXUlh9ee95zO0o
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.openx.net/ Name: i
Value: 1d595f6d-bc17-466d-99f2-8fa976946131|1690809911
.teads.tv/ Name: tt_viewer
Value: 8c187de9-9aa8-4687-9e13-f678fd799489
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.advertising.com/ Name: A3
Value: d=AQABBDe2x2QCEMJyGf6nGW9F45oiRk9FTIgFEgEBAQEHyWTRZNwu0iMA_eMAAA&S=AQAAAoBhXf8GBJgpT-gGAlF34hY
.pubmatic.com/ Name: SyncRTB3
Value: 1691971200%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 79C582CB-33D7-4269-B2D3-6AF69109954F
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z9~2d31
.undertone.com/ Name: UID_EXT_46
Value: 40b09213-c78d-43c4-9319-effcf9e3e189
.undertone.com/ Name: UTID
Value: 28eccdef4e4a4701b201ba2eac2e4aa0
.undertone.com/ Name: UTID_ENC
Value: 2f80yjl3upwhbmk3x7b17ds4g
.undertone.com/ Name: UID_EXT_47
Value: LKQWKBVY-1C-31LF
.casalemedia.com/ Name: CMID
Value: ZMe2N6i4oCT.Kv-evUnfnQAA
.casalemedia.com/ Name: CMPS
Value: 5009
.casalemedia.com/ Name: CMPRO
Value: 5009
.rubiconproject.com/ Name: audit
Value: 1|DWuTXOJnPlEk/PX+6dttuXGKKnz3mSHzjzg0koDvI85rLxq/6nQ6FfPthz1LqXaFIQ7vwNfPDQHqFTrNE4+z9k1id1yxWjzFHm0QlslGhrY=
.undertone.com/ Name: UID_EXT_39
Value: 85980713-153f-45f9-a9a1-5886e51f729e
.undertone.com/ Name: UID_EXT_56
Value: y-Ib1D4z9E2uHBqRvOWGlAah7aX5yuxetAV8qURKE-~A
.sitescout.com/ Name: ssi
Value: b2615643-c204-4ffa-bbae-743d5bd52665#1690809912005
.dianomi.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJncmlkIjp7InVpZCI6IjZlZTYyODU1LTE1ZDctNGM0Yi05NDgwLTcwNDUwMmMwNjZmMiIsImV4cGlyZXMiOiIyMDIzLTA4LTE0VDEzOjI1OjA4Ljg2MjA3OTk1NloifSwidW5kZXJ0b25lIjp7InVpZCI6IjJmODB5amwzdXB3aGJtazN4N2IxN2RzNGciLCJleHBpcmVzIjoiMjAyMy0wOC0xNFQxMzoyNToxMi4yMzAyNzk0OTNaIn19LCJiZGF5IjoiMjAyMy0wNy0zMVQxMzoyNTowOC44NjIwNzI1MzZaIn0=
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIvsHUoPP0iDwQBRgBIAIoAjILCNS-n8OJ9Yg8EAU4AVoHc2lybnN2Z2AC
.sitescout.com/ Name: _ssuma
Value: eyIzOSI6MTY5MDgwOTkxMjM0NywiNyI6MTY5MDgwOTkxMjM0NywiODAiOjE2OTA4MDk5MTIzNDd9
.pubmatic.com/ Name: pi
Value: 160318:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.quantserve.com/ Name: d
Value: EB4BDQHMKbjvsQA
.quantserve.com/ Name: mc
Value: 64c7b639-05b9b-f529f-30ecf
.tapad.com/ Name: TapAd_TS
Value: 1690809913068
.tapad.com/ Name: TapAd_DID
Value: 71c214fa-a2d8-42dc-88f5-b70d08597587
.tribalfusion.com/ Name: ANON_ID
Value: aRnsPCPME7eQmKvCjWxrdZbLBQDFUneK4yH7I9Zcslb9WdZbZd2raKgXZcAIqVppUta1EYZcWZdpyXJjId6NQM2
.undertone.com/ Name: UID_EXT_57
Value: ZMe2N6i4oCT-Kv_evUnfnQAAE5EAAAIB
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.undertone.com/ Name: UID_EXT_54
Value: b2615643-c204-4ffa-bbae-743d5bd52665-64c7b638-5553
.undertone.com/ Name: UID_EXT_53
Value: 79C582CB-33D7-4269-B2D3-6AF69109954F

6 Console Messages

Source Level URL
Text
security error URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=(Line 14)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.itnews.com.au').
security error URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=(Line 17)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.itnews.com.au').
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://pippio.com/api/liveramp.com
Message:
Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a.tribalfusion.com
accounts.google.com
ad.doubleclick.net
ajax.googleapis.com
analytics.google.com
api.hubapi.com
apis.google.com
bcp.crwdcntrl.net
c.disquscdn.com
cdn.ampproject.org
cdn.flowplayer.com
cdn.id5-sync.com
cdn.linkedin.oribi.io
cdn.undertone.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
dabbf49af5dc58c174996e176c147d79.safeframe.googlesyndication.com
data.dianomi.com
disqus.com
dsum-sec.casalemedia.com
ei.rlcdn.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
glitter.services.disqus.com
googleads.g.doubleclick.net
i.nextmedia.com.au
id5-sync.com
idsync.rlcdn.com
ihi.flowplayer.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
io.narrative.io
itnewsnext.disqus.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
live.rezync.com
ljsp.lwcdn.com
match.adsrvr.org
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
pmi.flowplayer.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
referrer.disqus.com
s.amazon-adsystem.com
s.cpx.to
s.tribalfusion.com
script.hotjar.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
server.prebid.dianomi.com
snap.licdn.com
ssum-sec.casalemedia.com
static.hotjar.com
stats.g.doubleclick.net
sync.adotmob.com
sync.crwdcntrl.net
t.teads.tv
tags.crwdcntrl.net
tags.rd.linksynergy.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
videodelivery.net
www.dianomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.itnews.com.au
www.linkedin.com
x.bidswitch.net
live.rezync.com
p.rfihub.com
s.cpx.to
sync.adotmob.com
103.229.10.247
104.16.117.190
104.16.137.206
104.16.199.35
104.17.203.204
104.17.24.14
104.18.134.59
104.18.17.195
104.18.24.173
104.18.24.196
107.178.254.65
13.107.42.14
13.213.139.245
13.224.249.91
13.224.249.94
13.228.126.19
13.33.88.30
139.5.84.243
142.251.10.157
142.251.10.97
15.197.193.217
151.101.128.134
157.240.235.1
157.240.235.35
162.19.138.119
172.217.194.132
172.253.118.157
172.67.38.106
18.140.232.8
18.143.106.89
18.155.68.61
199.232.192.134
199.232.192.64
203.176.102.67
203.176.102.69
207.65.33.76
216.239.38.181
23.35.185.50
23.46.197.50
23.46.198.37
23.66.150.27
34.111.113.62
34.255.108.185
34.98.67.3
35.190.60.146
35.208.249.213
35.213.12.39
35.244.159.8
37.157.3.30
42.99.140.139
52.16.0.234
52.46.155.104
52.74.32.105
52.77.24.246
52.84.251.107
52.84.251.81
54.192.150.95
54.192.18.34
54.192.18.64
54.192.18.83
64.233.170.104
64.233.170.132
64.233.170.138
64.233.170.94
64.233.170.95
67.199.150.82
67.199.150.86
69.173.158.64
74.125.200.132
74.125.200.154
74.125.200.94
74.125.200.95
74.125.24.149
74.125.24.156
74.125.24.95
74.125.68.139
74.125.68.84
74.125.68.94
8.43.72.97
98.98.134.242
024a2591127deb9b569b821da170c5b937bc471633d0f32ce534a7acef66a28b
03a27bd290072540db749ce00cb5e19f373881119b9bf4c247740125f6953e9a
057282e686d0bbd277a83b8863290210ce4e384955e3fc750db2a2d7e818bc16
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
071a3dd61c05dcacc5d360a97e383ea8434c43670a8b71d9420db47e5f3cf081
07f7214874c906635ae80e4c9e7eb97a338a39a834981012d136212b9e75a4dd
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e00e4ee9c109fdd3c08db4702bb64ada5419c2e47fc3259903df28e22b78e97
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b
0f4d604fe204e8c17b5ffdf044029eee5cbe2ef755af9d7a65aa3182f1d694f7
0fe91869eab90bb6c349d076d3d9acafbc1cdd644fc8494abda2667f1590fcbe
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12fccf7e8708b33fd569370ac537aa4fd3039bedb6efaa8343de195f42af870c
138fcb54e22d1d45c68f04bdcf8048f3f3618938f010f1ea25444f4d9039738a
140f1fb8af2d84d9a97d2d26372392b4034929da4a8de4412caaaa5942353a75
1936885cfdf5999015d670ea69fb44591c4eeeb333929506bef16e368a832f00
19f54abae7d5b15807a28bcabc4d23bfb84eedde9e04bbbdf8eb82834a5f1ceb
1a511566a24f533485456f1c2ed158c2bab5139c92d4d7ee76e70474e2e9c79d
1a735eebc382ebfd736d9ed693e54b70cf11cd44e22d815d3eab0200bef612e2
1cb3cf77b239a0a241b313129c7594fa20fbdbd3764b4f174f4a0ab09c0b18ae
1fd19a15f185f9057e0043110db650b89812526befb869b59cf173d5d44b1fb6
207057bd3c2e3e5560b7fd1ae51fefa6df3f317bd8fef98bbe309f1ff4f72786
20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4
212a2d2e355cec068c4c4f041281aa42b663d3defcb647b11974f362712159fc
23722328c52e617c75fea862c7c345d9e717036eed4624f3fd3266ab9b463d63
2400d3387bcafd3e275084c1f236b9101cb78514a08fd936a0e9266bb51d4d45
252037c7c756e70b49902c9f12247aa047899f522c6c0c77d012970422fbc6bf
26aeae0a0cc21c9c8acffae51a7dbf7a7eda35891df62ef54aeb9ed47af8cd9b
26bd65c9dd2fadc88dd5544f27a8bcbca3c2aa1850eead6a38dc8212cf504fea
273068b738a5668178c25574c7c6dd4da0c34e9a21bf975f9785ee3f615cbc78
2790a4e3cf07505b8a04d30e535c033506def2e29f5f9410d3b866876138f7f1
2991fa8cfe2986011e6569a578888d8f2e901b17e1959420df70d5c07c5582db
2a58a1e027e73e07a5bdb58729fd5823ea1fb3e3b05624f14b9cc7c84172ff69
2ddd688ac9e3605353e4074cbf4e279c64cdad99cba7179240a8959953988551
2e40f7697b20640b631fcc4997de3bbf0841ff4ceda0ed69cf26273ee8c5cca9
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2fb31e048754b2e273235ec593805df0cbece9d6ed4120cff6ff6be5eef69644
309e0d26a2af6e201832b611ddcad3c2d7b33a5ebc17fe4cbc8185d4251da38f
30fc2a3c7bfeefdc6440753ca908587e2e0afeb63718b1b8209356e1e333b119
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b4a5785c287ef6a8d330ea1d23685970019acab658e3a7164d657e374e393a
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33e6197168e000ef71ef56ae5fad7bc04c9c939dc33d34136d73d31676d1d507
33fbe177b87eb4e87ee9912219cc60c2d0ec04c9e1ba64139c0c736daeb1372c
348575019698802bed3c19f74802f98acbe55d352c5cf08996d43af5bc6d5536
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a
363770b3b4022e82a9a7208139456e57a888c78936e6d21da9985a82a0bf61ad
3678ae8b426b71155384e4dd046bce566a456ebc598814fcf0626e572117bad8
3680185d688777bcfa7bb43dce7cfa2fe08c7802602a9a80f193458e751dc1b3
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
373641a2474db13af0ccfc18f26e97946a616c1c127f672e43912c0af6228b2e
384f2ade44595afc321669265a96b3c217e582daacf359d84ac8732d2dfc5654
3c27abdcf0237d7192356b65997d97fd5b102087afdc0349da00f215290f7e63
3e4bcb42c8efa4eb72cfceb9905ac167d9e4b3bbc65f4d59c6103cc3f83ef128
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c
447c44ae9488b24394843e6d134b2976abff7a1690baf2a496674d8b2f7e65fe
450162017ea4958d4312d388b7b2bec9ed508bbf786be61a5127fd3018aec878
454a61e774d469d52b1588afbb8a7fdf519afb905dc7e2df2b78a0b487d4ef00
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46e9e4a4dcefc780ebf5d3d24bdbc96d647beb4244df31bf35f4ba77a077de06
473702059a2b0d588e26ee57e721986d483f978bd7c0efe5cd16be49500de4aa
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
4852446e73df08adca2732771f6823a5db5657d72a420f0d433dd9dd9710a1a9
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a9548e1aedb6f913e9ee52e39276060e40362976a133be54b5fe1bbbe30d42a
4bfc84f853864a42446e366637e6a3cc7e7bc9c8563eaae40932cd7fb85b71f7
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4c99a09e4f01cab98d0e63c5efca84025dcaa98a8ad96306e8cb142ced9d723a
4d5e0849332acff7b91d64ac054f09bd1f5db75df129c800b2feb90cd2a841e7
4d9b1f2a07539b07e6f7df6bd0c65178de60c9d1a396235c225e1e24f148874b
4f1314977484b794b14e55ddcf03fb39ca95b9c86213f1897c6a64dfffb00016
4f3825254f45cd3af8f249994cd530bae02db42a80654a9c736ab0558d9a6e8c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
506a63d2af90215be21cc036bd64c9844cf225a634effe873d120772c6c3ef7b
50a4606616a0a3036f9097f292f4e85fc5d1c6655623f78714baab1c0eff8694
5153c665981db6dd56da1a567ed2c4490f3c9d596697ee0e4b54eed44559a259
51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5
51b6929224317237d4e3c7b597a4e20c75ada03b4b2fba2598713033f657e12a
52356fa79424f57d02bf8363483b11939217d604cbd2a08ed29a06b4c1130546
52ea134848cf261f25b89a48cf302f4d97f3d69ef6db75c3648ff1ea6cd6fb3a
530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5822be886e011d28b95af323f1eebd45494c8f0fa5adf43363cd0a3f1d0150a2
58b3387ba5418fe5025558a166d2616a5968b65bbb061dcd6b236eb8b98b2d7b
5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5bd060c4d7413c66456b91af3b13d3a3823c90543d9ccebc7a94a892ecb36d27
606f3e7c3cb798393455df1b6e6abec51053f139a239c847027621dc271f7f2d
610a27fa1d1948e2995168f02b2db335efa782172fe160535ce12823820e8eb7
61548ef09524a1844c526bed164fb495360ca5d5c4102eb29bbbeb3c817f1adb
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59
62df622306d660e66ea705c7a95e9ee01431acd24c65c7c4f721d661aff1dd43
62ec5ad67eecd3fd555fe125955e0055f796d090de26684cafe5c00ff668fc86
639b382082c552d87856ae001e41e15fd0a2c0f14fe14da03f0523fd43840bae
6429c3027716822950ce1897567ef30be52f271bc500077ce41fa34f28a0b58e
683add284044c8b01d05f02366eb61327b1b34df5ca8c5425ecf8b7741f3d0ef
69717bb0b11ec82ce64421e3dcba55920d4bd508c80d7ed391dec3f59f57c684
6a3fa85b2d0ef49b17838d809b041ed6df15ccd0d8e3e355080c93ae7fd08eb4
6be23bbf284c6d5884a84a7ca3347075acf5c028f0cb7fcfe6a4b7354071df0a
6e59243b160e942d880d620c687882be65940f46630c5a364bf7f94bde02cf0c
700f84e5c8ed93fdad5dfdae22c3738620c334e8e6b54a086c7da39213c88ba7
702f0230b50a8bec8b8ed4268906179470e8088079cd0cca13c5d60578fc801e
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
72cfcc19216942a43a64b5a9f36c1254aa4b0fa1eb9a41d0eb58faad9b3d316a
756aaadc242f919daec07aa78070c5ac5418b3bd7547025676657817674f6cfd
7754b3b966b7772e3be8792c6dba77b4ffdac9d93019b01af14c20fbd4321b3f
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7a695284914af87ab17ff6436de3630cf1bb412dc1d069ab019158d322b5cb03
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c477a41c984ea9041127149772459966705113ef9cf300f69f724374fc6cd6f
7d57550bd58a08e2a1b0eef219a9dbbd525ec2176437c2ae455cb102ee1da2a8
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
80c585ce5507aa82336e73df5e7411b4679a7aeb600b8c137e70fa4d551cc4c2
82f4a15bfde68af3ba1ab9e557ba6b1c700d6aafe0d9e42561576366662701ba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8546baef63781447eef865aefc44b42466568cd0043e1d323c66b0f31a2dd6c0
8598fde7fabef054baf14a945a347c1f2311e8b5145199aeed5725e842d48ec5
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8727d9c01c8591ed8626da718e82bb55a54dc4a486a3f3f572335985f8014c0e
873393a05908a3a9edb8ae7dba2e6ab2cf902a99eb4f77428d35650ec6cd3cd0
8ad6ef15c893e19ca51beacb649a9a1a5f1e16527621dd838b10bd748e2bff46
8bc38f41caf8475e5c70dd384d90d20998e45b17725b2d86ebd00e76d67436a3
8bec348a0226f19f54fe5142f60c053babfe1e9fce5ba8953e60828bd051785d
8e68116bc7e240285fe9125e7d5cfe11aa818b0780b4089138145893348a4380
8f7ded4b688a27af5776a865c217b57c4143392e1cb2ceb3eb7e93033ef50c71
8f7f2e6e9846753468e37d570cf9ce4d674d8d301876035119573279fac1f7a6
90039b5cdac762651ef5dc26d3230b87500034670b378f55382b09537f395b4d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94896ce4389c53a0ccaddd54a349db997b1d66238b8cb2b743030d9b8725a019
94f8ef517a973d33e2bde96d6c170e86e4be553f86bb2b5a07f228efa46e1ee7
964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
97b4d3aa4022178cfff4362771fab9d523eb8614d8425c9cb4c10690802635f6
99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c
9c88a7ccc6c35b5083d91e28ed91de4715911c70fcedec2b68acd8b74470480e
9d1db52cabe6e826d52389582bb6a3d2a7d750518f65a64b78a8a598309903de
a2c2f1d7728a66a302d0f226406772173d4569e8a8fc10e9670d7e566e7d0268
a2cd3a4648d10ee850a3dfac3f8333bf219b896d4636b98581b03ae028a2d7ba
a3d16b1b85d27a1023b45c661db7103c81076f748e5f6087fe98fae3c3d12de4
a3fb47df6fccc360f36353099993a1728c576536375a98705c5179aa1a1e191c
a471a53408958da51e8df8b8d19e5389b002f916c0c0515f85ffbf09baf78d6b
a4e18a8d98ab695fa02c99cf5de4e717159b94965a97b08e945ab5ea5d54b156
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
a9521db8c41cdfe90d860c253f86f77312837187c27de15499f8bd3a8647e171
ad59b3c437a380375b4205e22d9bf50856690b094d2fa425ae90971f5b58758e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af0d73c6aa0094b56a7b2e7fc9014047a15c9ef3aa9403a6e7a7ecf919a9a282
afd8736900c611a7514a3ae94e9432479c0d7852689fcd104695bdddd8a2f57e
afdb897372300b0a4adfc7e79332ab1e13b7f22a3cb4690d238522a0886539ad
b0373ea70dd48e32f9e47c4995630908c1141bce66a66d540aad3b363a2f27b9
b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b6753afceb875801f1a1bcf9483a46d048de589de42df0fd514d43abca8d5217
b7d6641d03a90d1736cc8c5c4ad99bf73eb21e95c93bafc55a7a3d22100f0779
b91b53fef1feb4a00ba6e72937894a398441c54f7b120064eb957760bd36306b
bebfc209e8e630a7b4ec0f0ef7d0cd1539e44e733c3ceaba266e2806495a5ef5
c04774b6296678d6fcaddd28925aea4008135c918548496ea7b7c29fb2d72d3c
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2443a79d678039401f2c6aee0dbc42d3baa040a3c5a44b7fc509f2fb3274581
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c5b298bdd118c4b96b530f8a13df48d857b161957c57fc1a4face478d375635d
c677e7e59b2a945d5adac85c58e5fba745286343f823dabd3d7a4a0046ddb89d
c6c0cf4c2c8b4eae24733d76b9da4e0edc5a685f2bcdd4d602e17b657b3358c2
c739e0efc70b278c18cd8da50295f163904b7bea346b783c373cd4ee09691f1d
c8dea9bb1169a9455240a9e7aa6f1f7dd922c7160010eb6f2269acbf4acd5ab8
c9be9fbeaab97433c8175779e57d554a8e1ba6f91e934863e9f350eaae3be3c6
ca4807bcd016bde95f1a05b75fd42a6529ebdcc74b0a707f12c744d31100006a
cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838
caf99f1cbf2a8320bec82de7890f95e7d5b9559d7c8d04ab479517dfec05a7ea
cc4a2b18a49c0b5d6828746e8fcde20a521664d1060d75ff550d70746e6c1cc5
ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1
ce960f29415d47e8e8ede5a2e48d9b4f4376dcc0fa97ad9ffad0d08d28d31c09
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d264dd235f0b9617c9534a2639ecb05590f2f3a5d24b9473e6053153fb31f519
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
d7fe39e92b4ecaa2d8161b50173e0716136feda53c551ba9b85315f03107cd8b
d9cbf98cbeeb8314acb7bf6600855d6d75ae9b56e173a8ad1e46700eaf0aac52
dbbaf8d65b0f93f0917e1371b5c9df6862501b47bf980eab24be520ab4050776
dc7f147114d723bcb1c574b93b76e862e5fbb478253b0510025e255aa7d08645
dd2a471c9a244edb79af3354718c3968e1f56bcf8b82b6bab20da6aaa971fa3a
dd678abe4206125f55c6db17aabe17aaabe8daa1b4b168ec17ca1c391791e731
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df76a49c4fc856c13b3999ac5324970e9636fe63f47813c934c5e67b13911107
e10ce26ead0eca58cd5346843538415611b745bfd29825322efad56424a4c911
e254e21c86519478ea128acd3d543b567c71f364eefc70bae657f5818c18ddfb
e3aaf4eb43762eb0a12cb6f9ce8c1743bdbf88a28d8b0fe5026ca098713193fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4968670269e864e85789cf9a0b5bbf7c4f6965c12e518655f4c3da04b96d1d5
e504ee9b98727faf79bcf69da7c3dfe4cbcc0df7f45908914e49dec09b27d58d
e5526a9d8dd37f8f5b82ded543bcbfbe1165fbb82f41d4855b99845c63ad98a2
e9314dcdd6a52e90e2d4e6d6bb5189d7076f658a5c036688d3d3684c6511768c
e941f4613a62512e388fe89fcff97665620fe5ecb17511e488f97ec6b4912828
ea6e7b2fd424e50dfa8b3a1a8a504f98b76bf1ce4b87a3d598afec396c544102
ec2a96501b91fcaf2db6eb6ae3513dd7a76c9754f623b08c19e80f6d7b5d48a7
ef13a00969cb7b1f061d92814dc1318acaa9687600d8687f0d615c3b7f4e0340
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3254fb269f0a2b07dea6c4cf9af3276e2e402426a65dc74f22db7c84b91e6b
f06858ebff3571e21150204c3dd2b8933bfa9f4ad0c8b928f4abb0154e816b21
f1bb47b8efb6a86a7faa2b69f3109da14f4fa7ebefd10026a534724ab57188d2
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f33dfe69dd9091f9050d5bbe9c13de44844ed7e0aa14f775cbad8882b47ab0a9
f45a13a60901989d54f571c1ca7bf81ec213be82e6c109c9f0e3f4b2e43e06fa
f47e5a573becfd926e196ca89ef79fa1c542fac60ba03e124e5266076dd61052
f57db404c841fc1a045d674d20a1f964f1d4aa7f7d59969d17c915eddd78875f
f66d09672939516de9c5c2829b9c7cef42b73a226cdf60913d16e42e37970c1d
f77237114f40329885a24a86a726fd9a0945d4bdcec920bf18157cf03d4a1140
f9a54a02da898c9b7be2b99747f81d884b13bbf6d1a9b92395414e9a96b544ae
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fbf475dc9880897c8a88304c06d0f3f47c4b586f7961edeb90d388ae5bc164f2
fc8f981e55bac9f2999abab458c6a9a7a97e9c4d1beef2e663bf97cfe340a688
fd465ca2273945009162c292d5e28f4be78a1ed4512f93e79d2c1275e99a7459
ff0802dba344edbb3666900f129464ec7cf8f2602e5c32cf2e1ae558d8f78031