www.farmonline.com.au Open in urlscan Pro
143.204.98.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Submission: On November 26 via api (November 26th 2021, 11:10:44 am UTC) from US — Scanned from DE

Summary HTTP 302 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 60 IPs in 8 countries across 36 domains to perform 302 HTTP transactions. The main IP is 143.204.98.3, located in United States and belongs to AMAZON-02, US. The main domain is www.farmonline.com.au.
TLS certificate: Issued by Amazon on April 26th 2021. Valid for: a year.

This is the only time www.farmonline.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	143.204.98.3 143.204.98.3	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
4	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.96.77.232 34.96.77.232	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
6	23.45.110.243 23.45.110.243	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a0b:4d07:1::1 2a0b:4d07:1::1	44239 (PROINITY ...) (PROINITY PROINITY)
5	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
16	104.108.145.172 104.108.145.172	16625 (AKAMAI-AS) (AKAMAI-AS)
3 15	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	18.169.85.185 18.169.85.185	16509 (AMAZON-02) (AMAZON-02)
1	35.179.78.10 35.179.78.10	16509 (AMAZON-02) (AMAZON-02)
1 4	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	23.111.9.57 23.111.9.57	33438 (HIGHWINDS2) (HIGHWINDS2)
70	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
8	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:4200:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	104.108.145.56 104.108.145.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	18.211.139.241 18.211.139.241	14618 (AMAZON-AES) (AMAZON-AES)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	54.154.13.77 54.154.13.77	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1 1	52.212.56.195 52.212.56.195	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:215... 2600:9000:2156:da00:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.66.131.200 54.66.131.200	16509 (AMAZON-02) (AMAZON-02)
1	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 27	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	52.31.31.218 52.31.31.218	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:a00:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:3200:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
302	60

34 143.204.98.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-3.fra50.r.cloudfront.net

www.farmonline.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.108.145.8 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.77.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.77.96.34.bc.googleusercontent.com

origami.secure.ownlocal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.45.110.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-110-243.deploy.static.akamaitechnologies.com

farmonline.us5.list-manage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:1::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

survey.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.108.145.172 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-172.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.169.85.185 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-85-185.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.179.78.10 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-179-78-10.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

surveys-static.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.57 (United States)

ASN33438 (HIGHWINDS2, US)

twemoji.maxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba58 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ds-aksb-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:4200:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.145.56 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-56.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.139.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-139-241.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.13.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-13-77.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.56.195 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-56-195.eu-west-1.compute.amazonaws.com

secure-au.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:da00:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.66.131.200 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-66-131-200.ap-southeast-2.compute.amazonaws.com

pixel.roymorgan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.31.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-31-218.eu-west-1.compute.amazonaws.com

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:a00:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

gcvletqh6rxtv2c1yfg8yduak6kjx1637925038.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:3200:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	googleapis.com fonts.googleapis.com ajax.googleapis.com www.googleapis.com	109 KB
37	googlesyndication.com 1 redirects pagead2.googlesyndication.com e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com tpc.googlesyndication.com	492 KB
34	farmonline.com.au www.farmonline.com.au	433 KB
21	google.com 3 redirects cse.google.com www.google.com analytics.google.com clients1.google.com adservice.google.com	170 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com	619 KB
18	moatads.com z.moatads.com mb.moatads.com geo.moatads.com px.moatads.com	84 KB
14	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	210 KB
12	imrworldwide.com 1 redirects secure-au.imrworldwide.com cdn-gl.imrworldwide.com secure-dcr.imrworldwide.com gcvletqh6rxtv2c1yfg8yduak6kjx1637925038.nuid.imrworldwide.com secure-gl.imrworldwide.com	84 KB
8	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	203 KB
7	google-analytics.com www.google-analytics.com	76 KB
6	casalemedia.com htlb.casalemedia.com as-sec.casalemedia.com	2 KB
6	list-manage.com farmonline.us5.list-manage.com	35 KB
5	ampproject.org cdn.ampproject.org	103 KB
5	google.de www.google.de adservice.google.de	2 KB
4	facebook.com 1 redirects www.facebook.com	340 B
4	facebook.net connect.facebook.net	196 KB
4	googletagmanager.com www.googletagmanager.com	209 KB
3	pubmatic.com hbopenbid.pubmatic.com	3 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
2	googletagservices.com www.googletagservices.com	73 KB
2	rubiconproject.com fastlane.rubiconproject.com	2 KB
2	akamaihd.net ds-aksb-a.akamaihd.net	5 KB
2	survicate.com survey.survicate.com surveys-static.survicate.com	95 KB
2	ownlocal.com origami.secure.ownlocal.com	14 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	77 KB
1	nr-data.net bam-cell.nr-data.net	715 B
1	roymorgan.com pixel.roymorgan.com	515 B
1	newrelic.com js-agent.newrelic.com	17 KB
1	chartbeat.net ping.chartbeat.net	201 B
1	brightcove.net players.brightcove.net	254 KB
1	chartbeat.com static.chartbeat.com	23 KB
1	cloudflare.com cdnjs.cloudflare.com	17 KB
1	rlcdn.com api.rlcdn.com	332 B
1	adsrvr.org match.adsrvr.org	547 B
1	maxcdn.com twemoji.maxcdn.com	5 KB
1	indexww.com js-sec.indexww.com	35 KB
302	36

	Domain	Requested by
70	ajax.googleapis.com	farmonline.us5.list-manage.com ajax.googleapis.com
34	www.farmonline.com.au	www.farmonline.com.au
27	tpc.googlesyndication.com	1 redirects www.farmonline.com.au e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com tpc.googlesyndication.com cdn.ampproject.org
15	px.moatads.com	www.farmonline.com.au
15	www.google.com	3 redirects www.farmonline.com.au farmonline.us5.list-manage.com www.google.com e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
8	securepubads.g.doubleclick.net	www.farmonline.com.au e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
7	pagead2.googlesyndication.com	www.farmonline.com.au tpc.googlesyndication.com www.gstatic.com www.googletagservices.com
7	www.google-analytics.com	www.farmonline.com.au farmonline.us5.list-manage.com
6	cdn-gl.imrworldwide.com	www.farmonline.com.au
6	www.gstatic.com	farmonline.us5.list-manage.com www.google.com e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
6	farmonline.us5.list-manage.com	www.farmonline.com.au farmonline.us5.list-manage.com
6	fonts.gstatic.com	fonts.googleapis.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	cdn.krxd.net	www.farmonline.com.au cdn.krxd.net
4	www.facebook.com	1 redirects www.farmonline.com.au connect.facebook.net
4	connect.facebook.net	www.farmonline.com.au
4	fonts.googleapis.com	www.farmonline.com.au securepubads.g.doubleclick.net
4	www.googletagmanager.com	www.farmonline.com.au
3	googleads.g.doubleclick.net	e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
3	as-sec.casalemedia.com	www.farmonline.com.au
3	e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com	www.farmonline.com.au
3	htlb.casalemedia.com	www.farmonline.com.au
3	hbopenbid.pubmatic.com	www.farmonline.com.au
3	www.google.de	www.farmonline.com.au
3	stats.g.doubleclick.net	www.farmonline.com.au www.googletagmanager.com
2	encrypted-tbn2.gstatic.com	e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
2	encrypted-tbn0.gstatic.com	e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
2	encrypted-tbn3.gstatic.com	e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
2	www.googletagservices.com	e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
2	secure-gl.imrworldwide.com	www.farmonline.com.au
2	secure-dcr.imrworldwide.com
2	adservice.google.com	www.farmonline.com.au
2	adservice.google.de	www.farmonline.com.au
2	fastlane.rubiconproject.com	www.farmonline.com.au
2	platform.twitter.com	www.farmonline.com.au
2	ds-aksb-a.akamaihd.net	farmonline.us5.list-manage.com
2	consumer.krxd.net	www.farmonline.com.au cdn.krxd.net
2	cse.google.com	www.farmonline.com.au
2	origami.secure.ownlocal.com	www.farmonline.com.au
2	maxcdn.bootstrapcdn.com	www.farmonline.com.au maxcdn.bootstrapcdn.com
1	encrypted-tbn1.gstatic.com	e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
1	gcvletqh6rxtv2c1yfg8yduak6kjx1637925038.nuid.imrworldwide.com
1	bam-cell.nr-data.net	www.farmonline.com.au
1	pixel.roymorgan.com
1	secure-au.imrworldwide.com	1 redirects
1	beacon.krxd.net	www.farmonline.com.au
1	js-agent.newrelic.com	www.farmonline.com.au
1	syndication.twitter.com	platform.twitter.com
1	ping.chartbeat.net	www.farmonline.com.au
1	clients1.google.com	www.farmonline.com.au
1	www.googleapis.com	www.farmonline.com.au
1	players.brightcove.net	www.farmonline.com.au
1	static.chartbeat.com	www.farmonline.com.au
1	cdnjs.cloudflare.com	www.farmonline.com.au
1	api.rlcdn.com	www.farmonline.com.au
1	match.adsrvr.org	www.farmonline.com.au
1	analytics.google.com	www.googletagmanager.com
1	twemoji.maxcdn.com	farmonline.us5.list-manage.com
1	surveys-static.survicate.com	www.farmonline.com.au
1	geo.moatads.com	z.moatads.com
1	mb.moatads.com	z.moatads.com
1	z.moatads.com	www.farmonline.com.au
1	survey.survicate.com	www.farmonline.com.au
1	js-sec.indexww.com	www.farmonline.com.au
302	64

This site contains links to these domains. Also see Links.

Domain
www.ruralbookshop.com.au
www.farmonlineweather.com.au
www.agtrader.com.au
www.countrycars.com.au
www.livestockconnect.com.au
www.horsedeals.com.au
www.facebook.com
twitter.com
www.twitter.com
www.domainrural.com.au
www.agquip.com.au
www.fairfax.com.au

Subject Issuer	Validity	Valid
farmonline.com.au Amazon	`2021-04-26` - `2022-05-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
widget.secure.ownlocal.com GTS CA 1D4	`2021-11-10` - `2022-02-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-04` - `2021-12-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
wildcardsan.list-manage.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-09-27`	a year	crt.sh
*.survicate.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-01` - `2022-10-02`	a year	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
twemoji.maxcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-13` - `2022-11-09`	a year	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
players.brightcove.net DigiCert SHA2 Secure Server CA	`2021-08-04` - `2022-08-04`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
pixel.roymorgan.com Go Daddy Secure Certificate Authority - G2	`2021-09-29` - `2022-10-31`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.nuid.imrworldwide.com Amazon	`2021-06-11` - `2022-07-10`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Frame ID: 1434D95249A7E22427F4E17E1E5DA835
Requests: 143 HTTP requests in this frame

Frame: https://farmonline.us5.list-manage.com/subscribe?u=f821a3c0f9ebb195a03cb86d4&id=87f8909d6c
Frame ID: 2BE6B8F81752BEB49D77B4F10442FA63
Requests: 83 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 6F3784516D580F797597937305301E00
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df137906d42945e8%2526domain%253Dwww.farmonline.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.farmonline.com.au%25252Ff19df05466e5a8%2526relation%253Dparent.parent%26container_width%3D800%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ffarmonline%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
Frame ID: 93FE16601DF86AB62315D9BA8D156C33
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 67C0CDA712E0373ECBDB9306CC781F1C
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.farmonline.com.au
Frame ID: 877199E6051428AC57CC786C7150B2EC
Requests: 2 HTTP requests in this frame

Frame: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E89A0B93DFBBA08FCF27DD410427D57F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 961557041DFE6DFAD4E6BBEAB00C02D2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7407158D881C87C36ED313EEFE4117B8
Requests: 2 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 078C85652C0788001F08F4226BDAC37D
Requests: 3 HTTP requests in this frame

Frame: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 985D415189305C560F93BD276D3128EB
Requests: 9 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: 21F9CB66E916F6C8D834953134A783CB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/index.html
Frame ID: 17E54C910AFC94CF0966EED0EF903C13
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 23F8E0FEF830650332CAAAE8D3B1EC32
Requests: 2 HTTP requests in this frame

Frame: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 386023B969E0DE8210BB20BA7EF7AE26
Requests: 23 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 269BDC208CC0478D070B1EB332DF28EB
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cyber attackers told JBS 'don't panic, we're in business not war' | Farm Online | Australia search

Page Statistics

302
Requests

99 %
HTTPS

60 %
IPv6

36
Domains

64
Subdomains

60
IPs

8
Countries

3782 kB
Transfer

9965 kB
Size

25
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ruralbookshop.com.au/
Title: Rural Bookshop

Search URL Search Domain Scan URL

URL: http://www.farmonlineweather.com.au/qld
Title: Forecasts

Search URL Search Domain Scan URL

URL: http://www.farmonlineweather.com.au/warnings.jsp?lt=wzstate&lc=qld
Title: Warnings

Search URL Search Domain Scan URL

URL: http://www.farmonlineweather.com.au/satellite/qld
Title: Satellite

Search URL Search Domain Scan URL

URL: http://www.farmonlineweather.com.au/radar/qld
Title: Radar

Search URL Search Domain Scan URL

URL: http://www.farmonlineweather.com.au/synoptic/
Title: 6 Day Outlook

Search URL Search Domain Scan URL

URL: http://www.agtrader.com.au/?s_rid=QLDCountryLife:MainNav
Title: AgTrader

Search URL Search Domain Scan URL

URL: https://www.agtrader.com.au/category/property/for-sale
Title: Rural Property

Search URL Search Domain Scan URL

URL: https://www.countrycars.com.au/
Title: Country Cars

Search URL Search Domain Scan URL

URL: https://www.livestockconnect.com.au/
Title: Livestock Connect

Search URL Search Domain Scan URL

URL: https://www.horsedeals.com.au/
Title: Horse Deals

Search URL Search Domain Scan URL

URL: https://www.facebook.com/farmonline

Search URL Search Domain Scan URL

URL: https://twitter.com/FarmOnline

Search URL Search Domain Scan URL

URL: https://www.twitter.com/@shangoodwinbeef
Title: @shangoodwinbeef

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=14672
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=14672&text=Cyber%20attackers%20told%20JBS%20%27don%27t%20panic%2C%20we%27re%20in%20business%20not%20war%27&via=FarmOnline
Title: Tweet

Search URL Search Domain Scan URL

URL: http://www.agtrader.com.au/
Title: Search thousands of classified ads ONLINE

Search URL Search Domain Scan URL

URL: https://www.domainrural.com.au/
Title: Search over 20,000 rural real estate listings online including farms, rural property and acreage for sale.

Search URL Search Domain Scan URL

URL: http://www.agquip.com.au/
Title: Australia’s premier industry field day event, the 2015 Commonwealth Bank AgQuip.

Search URL Search Domain Scan URL

URL: http://www.ruralbookshop.com.au/
Title: Buy rural and agricultural books and DVDs online.

Search URL Search Domain Scan URL

URL: http://www.horsedeals.com.au/
Title: Australia's Horse Trading Magazine. Everything equine - Buy, Sell, Ride.

Search URL Search Domain Scan URL

URL: http://www.fairfax.com.au/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

Request Chain 108

https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df137906d42945e8%26domain%3Dwww.farmonline.com.au%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.farmonline.com.au%252Ff19df05466e5a8%26relation%3Dparent.parent&container_width=800&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ffarmonline&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df137906d42945e8%2526domain%253Dwww.farmonline.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.farmonline.com.au%25252Ff19df05466e5a8%2526relation%253Dparent.parent%26container_width%3D800%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ffarmonline%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

Request Chain 196

https://secure-au.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 246

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 276

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 289

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCfpI3v9QEQ9AQY9AQyCPi7Yd1M4vX7 HTTP 301
https://tpc.googlesyndication.com/simgad/4493708271716875287

302 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/ 104 KB
26 KB 337ms
306ms Document
text/html 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-3.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

03abc11e3e6b525befce40f091767640ee672dad332bc5e296298129c9dd775b

Security Headers

Name	Value
Content-Security-Policy	child-src * blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Fri, 26 Nov 2021 11:10:36 GMT
server: nginx
last-modified: Fri, 26 Nov 2021 11:02:21 GMT
content-security-policy: child-src * blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,User-Agent,Cookie,Origin
x-cache: Miss from cloudfront
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: GiEVNW8896tf0p0RfsxxeZsaKcZjyufK6wUi5eKulvpnO2cbDPBQzw==

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/ 28 KB
7 KB 40ms
24ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 21477258
cdn-cachedat: 2021-03-11 11:58:15
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a754e168c4f0fb62e4072354b1d05890
cf-ray: 6b42abda3ae66928-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 base.css
www.farmonline.com.au/static/1637815676/krypton/css/ 161 KB
30 KB 17ms
17ms Stylesheet
text/css 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farmonline.com.au/static/1637815676/krypton/css/base.css
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 18a336d239d72ba3fd0a0f4bad1c446ae40437a3a04b079c9eb559a9638723bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 19:42:20 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 04:47:56 GMT
server: nginx
age: 55697
etag: W/"619f157c-2829a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: sYBnqGNDrppVAmwnyIB-JfF_R4CB_Tv27-fpYcnBWHGzbnqSc13x8w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.css
www.farmonline.com.au/static/1637815676/krypton/css/ 51 KB
10 KB 23ms
22ms Stylesheet
text/css 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farmonline.com.au/static/1637815676/krypton/css/desktop.css
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 3251c9b63ad052a866cf19f73739900747fb52c99b10792e2417fe73f1081131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 19:42:20 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 04:47:56 GMT
server: nginx
age: 55697
etag: W/"619f157c-cc29"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: BpqNMBnMPW8Qt0krUeiHTYo4Mboq6nb7P20aSBN9sF88huo3vAmolQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 brand.svg
www.farmonline.com.au/static/1637815676/sites/farm-online/images/masthead/ 4 KB
2 KB 18ms
17ms Image
image/svg+xml 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/static/1637815676/sites/farm-online/images/masthead/brand.svg
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: f8f21ef063990b4a26b23e86f3764a0f34419e4c163f949f99aaa139a16b1529

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 19:42:20 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 04:47:56 GMT
server: nginx
age: 55697
etag: W/"619f157c-e93"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: W0t2tr7mzuIpVL7g5oOQhH6_OwnjK8sFWh3AOOy-aHB5Z4dw0JuB3A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 309 KB
84 KB 66ms
43ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KPMZ4JM

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eda48b35b48114ee620f8a35970ceb937aeae38851ff490510ba3588a6f23ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85211
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Nov 2021 11:10:37 GMT

GET
H2 200 mobile.css
www.farmonline.com.au/static/1637815676/krypton/css/ 77 KB
14 KB 20ms
19ms Stylesheet
text/css 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farmonline.com.au/static/1637815676/krypton/css/mobile.css
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 1c7849ca7489f09a149cc7239e38c90ce3247ea0c01e692b7eecd300ee9d9f4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 19:42:20 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 04:47:56 GMT
server: nginx
age: 55697
etag: W/"619f157c-132d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 32SSaHJ6E_-MvHAood3ovTgAITvEqI93cnihLJND4gRS1L54Jl53tA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tablet.css
www.farmonline.com.au/static/1637815676/krypton/css/ 59 KB
11 KB 18ms
17ms Stylesheet
text/css 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farmonline.com.au/static/1637815676/krypton/css/tablet.css
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 6f2723de2b82955926ea3c757036b1b2c44b39fdfa36eb28ee5b3e79a6254c35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 19:42:20 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 04:47:56 GMT
server: nginx
age: 55697
etag: W/"619f157c-ebf1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: jy-5uO3lfMnrNkum0EBrapNX6qu-WgMPU-0kWb6ocEc63su7DnyXoA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tablet-landscape.css
www.farmonline.com.au/static/1637815676/krypton/css/ 57 KB
11 KB 19ms
18ms Stylesheet
text/css 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farmonline.com.au/static/1637815676/krypton/css/tablet-landscape.css
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: cdfb5393d5988c571d7ce1cebc070e9d7c0c25036f1d6ed32eb640fd26fcb6de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 19:42:20 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 04:47:56 GMT
server: nginx
age: 55697
etag: W/"619f157c-e558"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Uv9ANDCtFMPqKwg6tXxog2Kje_xdNK3ycPC5M6K6TI5UFrGxjbD6FQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 r521_0_6146_3750_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/38U3JBx5nNussShT8aZyYjc/5695ccfd-606c-4ca7-80cc-f9821e8bbb8a.jpg/ 2 KB
2 KB 17ms
17ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/38U3JBx5nNussShT8aZyYjc/5695ccfd-606c-4ca7-80cc-f9821e8bbb8a.jpg/r521_0_6146_3750_w105_h70_fmax.jpg
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 34e41485d0142e3a242412c0bb49d097817e03be3c140b4a7ab35b5ee26dc88e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 02:49:47 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Fri, 26 Nov 2021 02:40:43 GMT
server: nginx
age: 30050
etag: "64abc78802fd38a2aaba8422bfbed09c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.240 tt:0.151
content-length: 2086
x-amz-cf-id: oFw5JVHjtYvzm661xZtBW9i6leheNFTWWgN8DcqzHwkk4N4tA3EKiQ==

GET
H2 200 w100_h100_fcrop.jpg
www.farmonline.com.au/images/transform/v1/resize/frm/38U3JBx5nNussShT8aZyYjc/689fae5b-d3b4-4cda-b9e8-5fc1471bc7a6.jpg/ 2 KB
3 KB 18ms
17ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/resize/frm/38U3JBx5nNussShT8aZyYjc/689fae5b-d3b4-4cda-b9e8-5fc1471bc7a6.jpg/w100_h100_fcrop.jpg
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 95577f835b8001ec2e138dca298e9c455a8a76e3f6335d4547a1b2671e9aa928

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:00:33 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Tue, 27 Sep 2016 02:27:30 GMT
server: nginx
age: 342604
etag: "aacf745712dc25275ea12602e3860072"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.239 tt:0.103
content-length: 2450
x-amz-cf-id: mahleymQM_TYWDoJJhKbaXVKJj2FI9s275LwZA7sQfabS2NaWv7bAQ==

GET
H2 404 fairfax-logo.svg
www.farmonline.com.au/static/1448855660/images/ 548 B
548 B 282ms
281ms Image
text/html 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/static/1448855660/images/fairfax-logo.svg
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html
content-encoding: gzip
x-amz-cf-id: _O4PSi3fjpvya2TP2DtCqKawqtAehLGYjlTaS-Tpadq2XCtPVxoMVQ==

GET
H2 200 vendor.js Show response
www.farmonline.com.au/static/1637815676/base/js/ 470 KB
147 KB 20ms
20ms Script
application/javascript 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farmonline.com.au/static/1637815676/base/js/vendor.js
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: b5ba9b461be9ec3368c29a081ee9fcd30dcef667b6a79ac6ba73fb04cbcca7b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 19:42:20 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 04:47:56 GMT
server: nginx
age: 55697
etag: W/"619f157c-756c3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: gBP3PyITPXxpx12IgfJU31jxxecmSt-yNI2YZWf4XlimQn1LYKf_hQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 186432-278594325649166.js Show response
js-sec.indexww.com/ht/p/ 113 KB
35 KB 751ms
715ms Script
text/javascript 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186432-278594325649166.js
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 84090c263e0f79c47ea50c29ad48d787a88b729b9afaac719393065918f459c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 11:10:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Nov 2021 11:06:06 GMT
Server: Apache
ETag: "763f34-1c421-5d1af13e0d28f"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 35007
Expires: Fri, 26 Nov 2021 12:10:37 GMT

GET
H2 200 app.js Show response
www.farmonline.com.au/static/1637815676/base/js/ 140 KB
41 KB 23ms
22ms Script
application/javascript 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farmonline.com.au/static/1637815676/base/js/app.js
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: d10270554058d8f3b33cffce3ebcec58adedae157c9cba6e78c8be6eb1de7017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 19:42:20 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 04:47:56 GMT
server: nginx
age: 55697
etag: W/"619f157c-22ea9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: SS3xWcIEq5B30JptFaP9Tpm3CcFyO8826HXk1Bu2AGomRkJJpxxMlQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 origami-widget.js Show response
origami.secure.ownlocal.com/ 13 KB
14 KB 71ms
8ms Script
application/javascript 34.96.77.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://origami.secure.ownlocal.com/origami-widget.js
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.77.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 01:06:52 GMT
age: 36225
x-guploader-uploadid: ADPycdvLZ2hzsL5kQp1FngIxN8FjsBK6-dD7Qb_wyDU3WNS81Qbq8CkhXPwuBpeVr7kX1uhzQWPXtXT57HeXmYfpBDI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13289
last-modified: Mon, 19 Oct 2020 18:40:43 GMT
server: UploadServer
etag: "f5183a07384a657e61aaaeba0fc72448"
x-goog-hash: crc32c=FHVKdg==, md5=9Rg6BzhKZX5hqq66D8ckSA==
x-goog-generation: 1603132843078573
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
x-goog-stored-content-length: 13289
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 27 Nov 2021 01:06:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:400,700|Merriweather:400,300|Open+Sans:400,600

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/static/1637815676/krypton/css/base.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d970499b66ae7c3c2e390356c3c5b5519c77ded49b900fa4b3f458614b2326f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 11:10:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Nov 2021 11:10:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Nov 2021 11:10:37 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 22ms
5ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85fd480567eed20e6cd15e42b3462d9b9170454c44e8b22817d40b67518757e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: p4NWONa63B7LVikeAlZ0iA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: CrSBjzalvCzGUTofJkrDUXeJgPTk4KlG4bJbEIThergPiEB0sacrbKEB5kxUskatFl2LSyDoNThOXDyifnGHWw==
x-fb-trip-id: 686109401
x-fb-content-md5: 0615a5e71307afa74d7860d922a74712
x-frame-options: DENY
date: Fri, 26 Nov 2021 11:10:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d3f5fbfcb9d4d61b226f40b694819e1f"
timing-allow-origin: *
expires: Fri, 26 Nov 2021 11:14:02 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 7 KB
3 KB 63ms
41ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=006100882792030693314:h3qh9rmqzbg

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

46203bc0ffd4548a72b65078b4137b6e34531120372aaf6ad23eea26d4a970c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2920
x-xss-protection: 0
expires: Fri, 26 Nov 2021 11:10:37 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/ 69 KB
70 KB 26ms
15ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
Origin: https://www.farmonline.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617
age: 2454638
cdn-cachedat: 2021-06-08 21:26:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70728
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ea3467e6ce46532e67dc8f8db7131db8
accept-ranges: bytes
cf-ray: 6b42abdaad3b2b7d-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,700|Merriweather:400,300|Open+Sans:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.farmonline.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 595115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:52:02 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v25/ 19 KB
19 KB 26ms
17ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,700|Merriweather:400,300|Open+Sans:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d29d48c55bdf3839337426482acf82b39999f7acfd0215d0f69a9920f6d07026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.farmonline.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:08:13 GMT
x-content-type-options: nosniff
age: 248544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19776
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:22:12 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 14:08:13 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v20/ 35 KB
35 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v20/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,700|Merriweather:400,300|Open+Sans:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef7da2ea9165f4486462c7f1dccddb7485e6a1922d220a1c393a8fa7214829fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.farmonline.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:05:24 GMT
x-content-type-options: nosniff
age: 147913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35440
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:00:32 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 18:05:24 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v25/ 20 KB
20 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,700|Merriweather:400,300|Open+Sans:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.farmonline.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:24:12 GMT
x-content-type-options: nosniff
age: 236785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20016
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 17:24:12 GMT

GET
H2 200 subscribe Show response
farmonline.us5.list-manage.com/ Frame 2BE6 32 KB
10 KB 218ms
182ms Document
text/html 23.45.110.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://farmonline.us5.list-manage.com/subscribe?u=f821a3c0f9ebb195a03cb86d4&id=87f8909d6c
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.45.110.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-110-243.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 3e10d54e5dbe8e7872e49bc0e65cf0db8134fb5dd543c656a3e34e8541098e71

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/

Response headers

server: openresty
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge,chrome=1
referrer-policy: same-origin
content-encoding: gzip
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mTOE,1mRUM,1
date: Fri, 26 Nov 2021 11:10:37 GMT
content-length: 8674

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
81 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b57a47d122684d6e0cdbbfbdeaa39191

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ecff7a9d361b13d4e4d16088ff7fce1b8f8ef201e82c65be020d41f84e331d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.farmonline.com.au/
Origin: https://www.farmonline.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 4cGOwJU+948rC5W05Z+cdA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82875
x-fb-rlafr: 0
x-fb-debug: kd5kiy93aZ610nkPz5RRehpV0AqYrDDBgwmyMoTkpR6YUNOKJTu6eV1lSpVdwT8NBFk1+lN6vjgDfQfrVOf1Zw==
x-fb-content-md5: 06262143e914b6ec299e53fa9b31cf3a
x-frame-options: DENY
date: Fri, 26 Nov 2021 11:10:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "14f41e58ea8061bb71fa017dafabce85"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 26 Nov 2022 10:54:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 570
date: Fri, 26 Nov 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 26 Nov 2021 13:01:07 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 16ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: YlpNard7qmlM+ectdIObRzfMFx5hKSFu5MSZeplYS5StotMrKm4M4zIWarkB2iOckL1jJIYN1FSio5RKvVY+zQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 26 Nov 2021 11:10:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 web_surveys.js Show response
survey.survicate.com/workspaces/94912c09593f641e7067418aaecb8def/ 26 KB
5 KB 110ms
80ms Script
text/javascript 2a0b:4d07:1::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.survicate.com/workspaces/94912c09593f641e7067418aaecb8def/web_surveys.js
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:1::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 0260e531d8cad40ee403ac7b6b24a0745ebe42cbf168b60a611e4267778a0dcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 08:29:39 GMT
server: keycdn-engine
x-amz-request-id: W5GGMWR1GHJM686N
x-edge-location: defr
etag: W/"638a405c9267e23a1fbab636debcc041"
x-cache: REVALIDATED
x-amz-version-id: EAQUm4.LxhL.KUYRunLUrNz2EsJ8yLYY
access-control-allow-origin: *
cache-control: max-age=30
content-type: text/javascript
x-amz-id-2: LH98bAdVxQvBO9+JOLq+ahuwjxogqxaREQYqz5FKB98VOwYX4LSnoAd+3CiojWDX0e1dfoZJWmw=

GET
H2 200 snxj6l9wj.js Show response
cdn.krxd.net/controltag/ 57 KB
18 KB 36ms
6ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/snxj6l9wj.js
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 718f86718572cbcb3ac3eebdb94e52a8298ad4f9a4678d12f7f9f566496491bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 26 Nov 2021 11:10:37 GMT
via: 1.1 varnish, 1.1 varnish
age: 649
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 17924
x-served-by: config-service-a002-ash-prod.krxd.net, cache-bwi5131-BWI, cache-fra19166-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1637925037.360287,VS0,VE1
etag: "4d5d98a244b4dc54e0a9637e036c7f8e7213c612"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H2 200 moatheader.js Show response
z.moatads.com/acmheader706032617774/ 227 KB
79 KB 62ms
16ms Script
application/x-javascript 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/acmheader706032617774/moatheader.js
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7c02e6a93cc2e4093f44bdef8be7bcf82dc7fc3911b772d4351f076e49c6c943

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:24:35 GMT
server: AmazonS3
x-amz-request-id: D2NVTM7E96BXHK7A
etag: "e3ff2c3db08aa04848f05ba23367363a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7965
accept-ranges: bytes
content-length: 80504
x-amz-id-2: XNtxhLQzSX/PZTuTigVD9Rn+z+zaX4YEeMzk6o2jcQbekTtiNH9qsEmZ/OjgIXwW55HtyD/oBlo=

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/54e62135847a1703/ 300 KB
99 KB 33ms
11ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/54e62135847a1703/cse_element__en.js?usqp=CAI%3D

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0216265ffcc78522466531b2c333ad5725a51f151b18c5e2fb24d4e3e89ef23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101668
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 20:41:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 23 Nov 2022 12:08:08 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/54e62135847a1703/ 41 KB
9 KB 30ms
8ms Stylesheet
text/css 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/54e62135847a1703/default+en.css

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 20:41:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 23 Nov 2022 12:08:08 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 29ms
7ms Stylesheet
text/css 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 10:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 26 Nov 2021 11:48:08 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 22ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 26 Nov 2021 12:07:36 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 91 KB
35 KB 31ms
22ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-T2NBD8D&t=acmRollUp&cid=793850567.1637925037

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a021288e8ff42cc07f34dca2af041bf89e6fdc9681815f1ef8ae4a5753bc3203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36057
x-xss-protection: 0
expires: Fri, 26 Nov 2021 11:10:37 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 7ms
6ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: gzip
age: 731828
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 328237
content-length: 84509
x-served-by: cache-fra19166-FRA
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1637925037.402449,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H3 200 212556246621990 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/212556246621990?v=2.9.48&r=stable

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f503b919164f4e65c9d0e208a5bb758225f26d8c34049df0c19065d99338467d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89020
x-xss-protection: 0
pragma: public
x-fb-debug: hrINWLEI4lq5kehqUqn0UzW5haOtQ0m9VZRKvQpeN6tx+C2EvYpwcNqj6rLFTueonarBC0mBTySy0gbS6OMBQg==
x-frame-options: DENY
date: Fri, 26 Nov 2021 11:10:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 216 B
391 B 223ms
35ms Script
text/html 18.169.85.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-222bXHTrNoanMCBLaTMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-VkX1JxNzsquFgA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&pcode=acmheader706032617774&rx=943036492454&callback=MoatNadoAllJsonpRequest_35154477
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/acmheader706032617774/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.85.185 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-85-185.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 66afdb39aeb5e09a5920b4b2e8d92f14f66df031fd8cd5f016c8130584c93d8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "e5aad53d5cc94eccbb01bbd05f64c40b79b6d6a7"
content-length: 216
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 83 B
258 B 204ms
26ms Script
text/html 35.179.78.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-222bXHTrNoanMCBLaTMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-VkX1JxNzsquFgA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&pcode=acmheader706032617774&rx=943036492454&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=ACM_HEADER1&hp=1&wf=1&pxm=&sgs=3&vb=-1&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1637925037424&de=112394673742&m=0&ar=553ffc12ef5-clean&iw=f4f5004&q=1&cb=0&cu=1637925037424&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRC=1&gu=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=acmheader706032617774&fd=1&ac=1&it=500&pe=1%3A468%3A468%3A0%3A0&fs=195402&na=1090236849&cs=0&callback=MoatDataJsonpRequest_35154477
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/acmheader706032617774/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.78.10 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-78-10.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: dd3395aa06137d662084788394713ed3f196fb585a8ad4ad688419dac9cb960d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "349f1f96d0d525c856f0d91df6bfadc90508488b"
content-length: 83
content-type: text/html; charset=UTF-8

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 6F37 805 B
826 B 6ms
6ms Document
text/html 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 26 Nov 2021 11:10:37 GMT
via: 1.1 varnish
age: 14644093
x-served-by: cache-fra19166-FRA
x-cache: HIT
x-cache-hits: 83224
x-timer: S1637925038.503282,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 146ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=212556246621990&ev=PageView&dl=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&rl=&if=false&ts=1637925037525&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.2.1637925037523.1096688241&it=1637925037406&coo=false&exp=p0&rqm=GET

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 26 Nov 2021 11:10:37 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
29 KB 30ms
15ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9daea8d803090f32b66b97badb28f26098399e4c1e2a14985e5b7a8e5560bbda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30002
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Nov 2021 11:10:37 GMT

GET
H2 200 widget_core-12.2.2.js Show response
surveys-static.survicate.com/ 307 KB
90 KB 121ms
7ms Script
application/x-javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://surveys-static.survicate.com/widget_core-12.2.2.js
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1ff030eef2b9e9cd4751f77b959f71b9546ee10bec558997b3d0710373f38f40

Request headers

Referer: https://www.farmonline.com.au/
Origin: https://www.farmonline.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: ZB06E0SX0JTH6209
x-edge-location: defr
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:121050345386:build/ServiceSurveysStaticBuildAs-HG6JoJVHsH3E:21442cd4-4375-4702-858c-6c55875eb5be
x-cache: HIT
x-amz-meta-codebuild-content-sha256: d1f0597a39899b77a5d70b42999cef047f8a03352f84d5d952d48960c6bfffb9
x-amz-meta-codebuild-content-md5: ad5bde8c95588d7d2a13810b349e6694
x-amz-id-2: OeeBLGXcRfLsCCkmSG0WkARWc/iNDVeKySQaVJORry0sFWMAIAOAJ7Aa894BXZTQHimIwwyrgN4=
last-modified: Mon, 22 Nov 2021 14:57:30 GMT
server: keycdn-engine
etag: W/"9afda8fe74887ffa68d741d88d22748d"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000

GET
H2 200 twemoji.min.js Show response
twemoji.maxcdn.com/2/ Frame 2BE6 17 KB
5 KB 117ms
6ms Script
application/javascript 23.111.9.57
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://twemoji.maxcdn.com/2/twemoji.min.js
Requested by: Host: farmonline.us5.list-manage.com
URL: https://farmonline.us5.list-manage.com/subscribe?u=f821a3c0f9ebb195a03cb86d4&id=87f8909d6c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0e0e5259e3ff8ea805e0c5660c6336f7f46b14332e3cafb82939e1db3da8b6f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id: 9ee151bf91ac2e5069dd5351f021d6a7ff809b3d
date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: gzip
x-cache: HIT
powered-by: MaxCDN
last-modified: Tue, 01 Jun 2021 07:52:51 GMT
server: NetDNA-cache/2.2
x-github-request-id: 853C:78FA:61476:68B88:619D3C59
etag: W/"60b5e753-4269"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
x-origin-cache: HIT
x-proxy-cache: MISS
expires: Sun, 26 Dec 2021 11:10:37 GMT

GET
H2 200 dojo.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/ Frame 2BE6 112 KB
42 KB 109ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Requested by

Host: farmonline.us5.list-manage.com
URL: https://farmonline.us5.list-manage.com/subscribe?u=f821a3c0f9ebb195a03cb86d4&id=87f8909d6c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84fcc2e9aa3d97ae76a77e8506f9366bce1dc63a78ce28ec7842186e89120e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:53:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42095
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 09:53:28 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 2BE6 850 B
576 B 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: farmonline.us5.list-manage.com
URL: https://farmonline.us5.list-manage.com/subscribe?u=f821a3c0f9ebb195a03cb86d4&id=87f8909d6c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fcec8f9f4b2b56dcc746a20c4d2f2992bbefcacc3f2aad7e2b45f1f32da22e67

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 11:10:37 GMT

GET
H2

200

loader.js Show response
www.gstatic.com/charts/ Frame 2BE6
Redirect Chain

https://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

65 KB
20 KB

33ms
9ms

Script
text/javascript

2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: farmonline.us5.list-manage.com
URL: https://farmonline.us5.list-manage.com/subscribe?u=f821a3c0f9ebb195a03cb86d4&id=87f8909d6c

Protocol

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 10:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19937
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gviz"
vary: Accept-Encoding, Origin
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 26 Nov 2021 11:42:37 GMT

Redirect headers

date: Fri, 26 Nov 2021 11:06:04 GMT
x-content-type-options: nosniff
server: sffe
age: 273
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/charts/loader.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 26 Nov 2021 11:36:04 GMT

GET
H2 200 QYIixnSBMB Show response
farmonline.us5.list-manage.com/n_vFTO3p/eOl/_7-/ZSmZMm8i75/1Vt5Nwfzh5YE/WlluOA/bS/ Frame 2BE6 77 KB
20 KB 10ms
9ms Script
application/javascript 23.45.110.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://farmonline.us5.list-manage.com/n_vFTO3p/eOl/_7-/ZSmZMm8i75/1Vt5Nwfzh5YE/WlluOA/bS/QYIixnSBMB
Requested by: Host: farmonline.us5.list-manage.com
URL: https://farmonline.us5.list-manage.com/subscribe?u=f821a3c0f9ebb195a03cb86d4&id=87f8909d6c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.45.110.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-110-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7923c5df4689d8e2b03d4b24349057eb7415f9d70b6cd91975fd19814b402821

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farmonline.us5.list-manage.com/subscribe?u=f821a3c0f9ebb195a03cb86d4&id=87f8909d6c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: gzip
last-modified: Mon, 26 Apr 2021 16:10:06 GMT
etag: "d1dbb955755ca44a0b872a64f97c471a45b14e941f69d082c19f792576ae34fb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
content-length: 19642

GET
H2 200 3220481e-9545-495d-b98d-6e863d0aa1af Show response
consumer.krxd.net/consent/get/ 238 B
430 B 142ms
33ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/3220481e-9545-495d-b98d-6e863d0aa1af?idt=device&dt=kxcookie&callback=Krux.ns.fairfaxacm.kxjsonp_consent_get_0
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 683755df284c52999ee1fa0446d6afebe418bac8e820023b6087728ddfc7d5e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a005-dub-prod.krxd.net, cache-fra19134-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1637925038.668454,VS0,VE27
content-length: 191
x-cache-hits: 0, 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
60 KB 23ms
20ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7PC84FGF0J&l=dataLayer&cx=c

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e12fadfd9db543d0e3937c2f97d9172670f529efc58c507a4c52492d4470781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61744
x-xss-protection: 0
expires: Fri, 26 Nov 2021 11:10:37 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 113ms
16ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-61683903-1&cid=793850567.1637925037&jid=371693002&gjid=1962095934&_gid=917930349.1637925037&_u=aGBAiEAjRAAAAE~&z=842326945

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 26 Nov 2021 11:10:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.farmonline.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 107ms
16ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-24154746-2&cid=793850567.1637925037&jid=1021962349&gjid=75236331&_gid=917930349.1637925037&_u=aGDAiEAjRAAAAE~&z=1242017509

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 26 Nov 2021 11:10:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.farmonline.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=999307076&t=pageview&_s=1&dl=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&ul=en-us&de=UTF-8&dt=Cyber%20attackers%20told%20JBS%20%27don%27t%20panic%2C%20we%27re%20in%20business%20not%20war%27%20%7C%20Farm%20Online%20%7C%20Australia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEAjR~&jid=371693002&gjid=1962095934&cid=793850567.1637925037&tid=UA-61683903-1&_gid=917930349.1637925037&gtm=2wgba1KPMZ4JM&cd1=Farm%20Online&cd2=base&cd3=beef&cd4=beef&cd5=article&cd6=Shan%20Goodwin&cd7=26112021&cd35=790&cd36=500%20-%20999&cd47=&cd49=newsletter%2Cnews%2Cbeef-cattle&cd67=2021-11-26T13%3A00%3A00%2B11%3A00&cd68=FarmOnline&z=1858534298

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 13:08:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=999307076&t=pageview&_s=1&dl=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&ul=en-us&de=UTF-8&dt=Cyber%20attackers%20told%20JBS%20%27don%27t%20panic%2C%20we%27re%20in%20business%20not%20war%27%20%7C%20Farm%20Online%20%7C%20Australia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjRAAAAE~&jid=1021962349&gjid=75236331&cid=793850567.1637925037&tid=UA-24154746-2&_gid=917930349.1637925037&gtm=2wgba1KPMZ4JM&cd1=Farm%20Online&cd2=base&cd3=beef&cd4=beef&cd5=article&cd6=Shan%20Goodwin&cd7=26112021&z=1540522752

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 13:08:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 snxj6l9wj.js Show response
cdn.krxd.net/controltag/ Frame 6F37 57 KB
18 KB 7ms
7ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/snxj6l9wj.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 718f86718572cbcb3ac3eebdb94e52a8298ad4f9a4678d12f7f9f566496491bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 26 Nov 2021 11:10:37 GMT
via: 1.1 varnish, 1.1 varnish
age: 649
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 17924
x-served-by: config-service-a002-ash-prod.krxd.net, cache-bwi5131-BWI, cache-fra19166-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1637925038.657301,VS0,VE0
etag: "4d5d98a244b4dc54e0a9637e036c7f8e7213c612"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 2

POST
H2 204 collect
analytics.google.com/g/ 0
351 B 37ms
13ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-7PC84FGF0J&gtm=2oeba1&_p=999307076&sr=1600x1200&_gaz=1&ul=en-us&cid=793850567.1637925037&_s=1&dl=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&dt=Cyber%20attackers%20told%20JBS%20%27don%27t%20panic%2C%20we%27re%20in%20business%20not%20war%27%20%7C%20Farm%20Online%20%7C%20Australia&sid=1637925037&sct=1&seg=0&en=page_view&_fv=2&_ss=2&ep.brand=Farm%20Online&ep.version=base&ep.primaryPage=beef&ep.secondaryPage=beef&ep.pageType=article&ep.author=Shan%20Goodwin&ep.datePublished=26112021&ep.wordCount=790&ep.wordCountRange=500%20-%20999&ep.memberType=visitor&ep.adBlocked=&ep.Story%20Tags=newsletter%2Cnews%2Cbeef-cattle&ep.datePublishedIso=2021-11-26T13%3A00%3A00%2B11%3A00&ep.storySource=FarmOnline
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7PC84FGF0J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.farmonline.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 30ms
15ms Ping
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7PC84FGF0J&cid=793850567.1637925037&gtm=2oeba1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7PC84FGF0J&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.farmonline.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-61683903-1&l=dataLayer&cx=c

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2ba66b6e8eee6349365fb62b9907039b32f53f2bcb18aa9c0913723093e0d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36127
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Nov 2021 11:10:37 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 52ms
31ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7PC84FGF0J&cid=793850567.1637925037&gtm=2oeba1&aip=1&z=1891146536

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 34ms
33ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-61683903-1&cid=793850567.1637925037&jid=371693002&_u=aGBAiEAjRAAAAE~&z=1280371733

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
32ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-61683903-1&cid=793850567.1637925037&jid=371693002&_u=aGBAiEAjRAAAAE~&z=1280371733

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 32ms
32ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-24154746-2&cid=793850567.1637925037&jid=1021962349&_u=aGDAiEAjRAAAAE~&z=2028353132

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-24154746-2&cid=793850567.1637925037&jid=1021962349&_u=aGDAiEAjRAAAAE~&z=2028353132

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 focus.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 4 KB
1 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//focus.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ec78200da887a9a9e84cff0e5757ad00512021dc32172effdcaacccdf4a923f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1427
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 16:54:47 GMT

GET
H3 200 parser.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/ Frame 2BE6 7 KB
3 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/parser.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

760919ee95272f61aae38fbd8b1a730574d0f960515f73dbfbefec620fcaf779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3339
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 19 Nov 2022 13:51:11 GMT

GET
H3 200 DateTextBox.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ Frame 2BE6 262 B
219 B 22ms
13ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/DateTextBox.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49800f1a3925b10d84f958508f0e75490619accef8a2b7d53aeba46724983c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 07:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 07:59:11 GMT

GET
H3 200 NodeList-traverse.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/ Frame 2BE6 2 KB
906 B 23ms
14ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/NodeList-traverse.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6603465765cdd9036aab99713324f4b18c27eb2e5625af08a4c98e855e41c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Tue, 22 Nov 2022 18:10:23 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 6F37 259 KB
83 KB 7ms
6ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/snxj6l9wj.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: gzip
age: 731829
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 328240
content-length: 84509
x-served-by: cache-fra19166-FRA
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1637925038.752197,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H/1.1 200
OK aksb.min.js Show response
ds-aksb-a.akamaihd.net/ Frame 2BE6 13 KB
5 KB 68ms
6ms Script
application/x-javascript 2a02:26f0:6c00::210:ba58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ds-aksb-a.akamaihd.net/aksb.min.js
Requested by: Host: farmonline.us5.list-manage.com
URL: https://farmonline.us5.list-manage.com/subscribe?u=f821a3c0f9ebb195a03cb86d4&id=87f8909d6c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 11:10:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Aug 2018 18:25:26 GMT
Server: Apache
ETag: "15de19f42b35806faf815298644157e0:1535653526"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 4826

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 2BE6 347 KB
135 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://farmonline.us5.list-manage.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 10:53:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 26 Nov 2022 10:53:47 GMT

POST
H2 201 QYIixnSBMB Show response
farmonline.us5.list-manage.com/n_vFTO3p/eOl/_7-/ZSmZMm8i75/1Vt5Nwfzh5YE/WlluOA/bS/ Frame 2BE6 18 B
707 B 128ms
127ms XHR
application/json 23.45.110.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://farmonline.us5.list-manage.com/n_vFTO3p/eOl/_7-/ZSmZMm8i75/1Vt5Nwfzh5YE/WlluOA/bS/QYIixnSBMB
Requested by: Host: farmonline.us5.list-manage.com
URL: https://farmonline.us5.list-manage.com/n_vFTO3p/eOl/_7-/ZSmZMm8i75/1Vt5Nwfzh5YE/WlluOA/bS/QYIixnSBMB
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.45.110.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-110-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer: https://farmonline.us5.list-manage.com/subscribe?u=f821a3c0f9ebb195a03cb86d4&id=87f8909d6c
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://farmonline.us5.list-manage.com
access-control-allow-credentials: true
x_req_id: 87c855cc-ddd1-451d-ae6c-9b4ec0eda790
access-control-allow-headers: Content-Type
content-length: 18

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 2BE6 49 KB
20 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: farmonline.us5.list-manage.com
URL: https://farmonline.us5.list-manage.com/subscribe?u=f821a3c0f9ebb195a03cb86d4&id=87f8909d6c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 570
date: Fri, 26 Nov 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 26 Nov 2021 13:01:07 GMT

GET
H2 200 signup-sprite.png
farmonline.us5.list-manage.com/images/icons/ Frame 2BE6 3 KB
3 KB 10ms
10ms Image
image/png 23.45.110.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://farmonline.us5.list-manage.com/images/icons/signup-sprite.png
Requested by: Host: farmonline.us5.list-manage.com
URL: https://farmonline.us5.list-manage.com/subscribe?u=f821a3c0f9ebb195a03cb86d4&id=87f8909d6c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.45.110.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-110-243.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: cddb0dc1c04a7058690fe79923ecaa6402287e89571cd98c2ec94ea6fab066a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farmonline.us5.list-manage.com/subscribe?u=f821a3c0f9ebb195a03cb86d4&id=87f8909d6c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
last-modified: Tue, 10 Aug 2021 17:59:16 GMT
server: openresty
etag: "cbe-5c93842a190c4"
content-type: image/png
cache-control: max-age=81251
accept-ranges: bytes
content-length: 3262

GET
H2 200 3220481e-9545-495d-b98d-6e863d0aa1af Show response
consumer.krxd.net/consent/get/ Frame 6F37 223 B
285 B 37ms
37ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/3220481e-9545-495d-b98d-6e863d0aa1af?idt=device&dt=kxcookie&callback=Krux.ns.fairfaxacm.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c2265956c521613e157308278663bbabe9e7186816fdb8aab1fc62b31e096288

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a012-dub-prod.krxd.net, cache-fra19134-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1637925038.855967,VS0,VE29
content-length: 185
x-cache-hits: 0, 0

GET
H3 200 Calendar.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 4 KB
2 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//Calendar.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f5e60c601bbe30fbcf7dd30e32964f13a4da81b21ffe1a25c98ce880908ff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:59:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1551
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:59:37 GMT

GET
H3 200 _DateTimeTextBox.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ Frame 2BE6 4 KB
2 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/_DateTimeTextBox.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2302bc76a4f6f7c8e9eb8f6c38ddea3dbf55658d44e1a9b5bfe34d32a99f3eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1587
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 17:05:17 GMT

GET
H3 200 Stateful.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/ Frame 2BE6 2 KB
826 B 17ms
16ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/Stateful.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e4b4440ec54a44e4cc39e748cbaa0050d4863e625de024c3dbf1008333943d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 02:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 797
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 02:54:59 GMT

GET
H3 200 window.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/ Frame 2BE6 2 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/window.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b532dd487e3bbc1a2d98d8852e5468e5da395fc5d4b994dfecd64f9f69f247a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 02:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1250
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 02:46:32 GMT

GET
H3 200 a11y.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 2 KB
936 B 17ms
16ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//a11y.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d20cf4e602e3f6030ca324049a411b73a2036318e61500cb8cdf08d757f489e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 26 Nov 2022 04:18:51 GMT

GET
H3 200 registry.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 1 KB
694 B 16ms
15ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//registry.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e2b4eb06a5e62d252ac1f1f33a1be9c85dd5dfb4cac6e4801abe8c90ea9ec5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 26 Nov 2022 04:31:22 GMT

GET
H3 200 main.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 81 B
127 B 16ms
15ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//main.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d0f0c7f0118742efd36a12af4aff69fb4bebeddbabdf0a42b316206acbde8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 19 Nov 2022 13:46:15 GMT

GET
H3 200 url.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/_base/ Frame 2BE6 1 KB
866 B 14ms
14ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/_base/url.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09b5e0923092f3b3b778d7a54f44ac269eb0e2cec400d7414952d205275ef972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 17:57:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 837
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Tue, 22 Nov 2022 17:57:20 GMT

GET
H3 200 stamp.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/date/ Frame 2BE6 2 KB
972 B 17ms
17ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/date/stamp.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

986cee34a8a8fe5a44edc639167b1075dbbce479a59d810a65a3b0040ec9c8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 942
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 26 Nov 2022 04:29:12 GMT

GET
H3 200 date.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/ Frame 2BE6 2 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/date.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d50983e42a79683dc2680482451e5a4036c3321d22734eb17522780e42ba9387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 596659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1190
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 19 Nov 2022 13:26:18 GMT

GET
H3 200 locale.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/date/ Frame 2BE6 7 KB
3 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/date/locale.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e9546c09a4e862ac17300cec20771eed345311c61f8d0b1f1217d6bd5117acc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2964
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 08:00:04 GMT

GET
H3 200 CalendarLite.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 8 KB
3 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//CalendarLite.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a179ea8ec4f4059ee78e694de82cf8bd28aecd8854c9d451b04e3b7b61a7793b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 07:41:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2719
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 07:41:17 GMT

GET
H3 200 _Widget.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 2 KB
982 B 10ms
9ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_Widget.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8a44ef61548d547660e184f4fbe7da207e5491812b793878aeee1cdc7617255

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 944
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:55:20 GMT

GET
H3 200 _CssStateMixin.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_CssStateMixin.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92cb8efa12b7a211b53d7e90cb8e696a8a3ea330553163f6bdb6923d7eb9650a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1152
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Nov 2022 21:20:30 GMT

GET
H3 200 _TemplatedMixin.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 3 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_TemplatedMixin.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f0e18983af452b6eb675117986abf3e9b42489fd30052a4a2246475495d234e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 09:41:41 GMT

GET
H3 200 DropDownButton.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ Frame 2BE6 2 KB
890 B 11ms
10ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/DropDownButton.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a30d65011b4c8fc377b09034c7a7901dd7fb34a695434d18b3309d2c840d4824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 596132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 850
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 19 Nov 2022 13:35:05 GMT

GET
H3 200 RangeBoundTextBox.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ Frame 2BE6 1 KB
617 B 10ms
6ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/RangeBoundTextBox.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de932cbac682059adbbee65bca86b77f1de7160449bc96184ad9727ff2a8eb44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 577
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 09:36:38 GMT

GET
H3 200 _HasDropDown.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 5 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_HasDropDown.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eebe08e8a4ad246a454e4cfe3a11bc0a5b3a1fb3d24dd1fb4f81d62c3da787e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1978
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Nov 2022 21:28:11 GMT

GET
H3 200 _WidgetBase.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 7 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_WidgetBase.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d1496cddfcb9b8a2eb2579a35e254c51a9812cb2ab2b83f00d3157fb7fd58e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2765
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Nov 2022 21:27:27 GMT

GET
H3 200 _OnDijitClickMixin.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 344 B
274 B 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_OnDijitClickMixin.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eef99d896742eb15af912c9abc8e1d7cf2c66479fb7edf393ebb71f95e755974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:28:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 596553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 19 Nov 2022 13:28:04 GMT

GET
H3 200 _FocusMixin.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 313 B
245 B 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_FocusMixin.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6201bb11e360b3bedb4b09b3ae1b6b177a61c0430b3f628fcf379621faf59c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Tue, 22 Nov 2022 18:08:59 GMT

GET
H3 200 uacss.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/ Frame 2BE6 921 B
612 B 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/uacss.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18bc4423f98e2a61a698cd67e3422f837b267ec5b9f2428bead5983fcf7e3d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 572
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 14:13:06 GMT

GET
H3 200 hccss.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 191 B
201 B 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//hccss.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ce79a53a4ac82339e9119404fa105cf717d8961c78dc5a6ba8e4a83feb0f385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 19 Nov 2022 13:19:02 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
547 B 110ms
41ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186432
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 59802f6bd1a310a7bfb12f38fd17a5aa63b6d64427d6312c894c5bb8c37f4e17

Request headers

Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 26 Nov 2021 11:10:38 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.farmonline.com.au
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sun, 26 Dec 2021 11:10:37 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
332 B 38ms
14ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.farmonline.com.au
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 27ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 11:10:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:33:56 GMT
Server: ECS (frb/6723)
Age: 779
Etag: "a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29104

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 46ms
25ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1055 / 937 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 26 Nov 2021 11:10:37 GMT

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/ 61 KB
17 KB 53ms
26ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.farmonline.com.au/
Origin: https://www.farmonline.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1794259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17086
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-f4a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPUUoMoWFJfEepKChvVQr25vIKqDKjKkYazptApuRjubJGinxpPFfuE%2BOeii694RDpSKGQLJGSvz0%2FHgaeHb%2FxmGxDZ1A%2FS44MKlkjtEiNR%2FmNv2l68n%2FhjNZiRCXms7p3twWgHpdKIMY%2BETPynYCkXN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b42abdf391cc277-FRA
expires: Wed, 16 Nov 2022 11:10:37 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 25ms
8ms Script
application/x-javascript 2600:9000:2156:4200:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4200:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 10:39:00 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:28:27 GMT
server: nginx
age: 1897
etag: W/"6179eeab-11377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: XuVSNfkkupaZ4TaMKQhK5rfANVnPTqX68qaYbsQChHcgKDsGOIZKww==
expires: Fri, 26 Nov 2021 12:39:00 GMT

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/3879528182001/cdO538E0l_default/ 950 KB
254 KB 102ms
50ms Script
application/javascript 104.108.145.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/3879528182001/cdO538E0l_default/index.min.js?_=1637925037342
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.56 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-56.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 373e38d8658dda36dbf82f9e1472121526c695307f7191f90c16000c703a54b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: qJmT3_mDY.S8EoEAJlm4Bieyo_xRdac8
Content-Encoding: gzip
ETag: "6c4677639f520bc54bfd885c2f7f0c95"
x-amz-request-id: SQ3ECVD364GKGK3H
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 259487
x-amz-id-2: NcXUIv9APzmMNfTPsA4hCvrENBlyjP6RYjcO4Ps1gvlfnX/ggbmHfTfpBW+CtCYvxGMHJEKcQsc=
X-BCOV-Response-Mode: 1
X-Served-By: cache-lhr7370-LHR
Last-Modified: Mon, 22 Nov 2021 02:24:06 GMT
Server: AmazonS3
X-Timer: S1637548834.442752,VS0,VE709
Date: Fri, 26 Nov 2021 11:10:38 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=219
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 / Show response
www.farmonline.com.au/stories/chartbeat_stories/ 1 KB
1001 B 320ms
319ms XHR
application/json 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.farmonline.com.au/stories/chartbeat_stories/?limit=10&pageType=article&primaryPageId=31459&section=beef

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-3.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1fb5586acccece4e923ce2086ff471fa4c8ee3a16ff32aa21d6615d932f8df03

Security Headers

Name	Value
Content-Security-Policy	child-src * blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
X-NewRelic-ID: XAADWFRTGwoIV1NSAAQE
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 26 Nov 2021 11:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding,Cookie,Origin
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
content-security-policy: child-src * blob:
strict-transport-security: max-age=31536000
x-amz-cf-id: RuQ6n1YNLEc91oRxEljs42-XnvQ58KwZ4ro8QkFNO2x-AG3re-d0zw==

GET
H2 200 5373 Show response
www.farmonline.com.au/stories/ 36 KB
9 KB 316ms
315ms XHR
application/json 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.farmonline.com.au/stories/5373?offset=0&images_only=False&_=1637925037343

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-3.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

23874340caffe6e6bcbee1fc814c198ead7fb568a7a90b64344a5ba8a23e653e

Security Headers

Name	Value
Content-Security-Policy	child-src * blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-NewRelic-ID: XAADWFRTGwoIV1NSAAQE
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Response headers

date: Fri, 26 Nov 2021 11:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding,Cookie,Origin
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
content-security-policy: child-src * blob:
strict-transport-security: max-age=31536000
x-amz-cf-id: 7bQPgSHPnpAsVn6DvX61aW_SHQgCgTJWB4CYDnRVzIknSVo-EINn4w==

GET
H2 200 r0_0_6666_3750_w1200_h678_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/38U3JBx5nNussShT8aZyYjc/5695ccfd-606c-4ca7-80cc-f9821e8bbb8a.jpg/ 72 KB
73 KB 16ms
16ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/38U3JBx5nNussShT8aZyYjc/5695ccfd-606c-4ca7-80cc-f9821e8bbb8a.jpg/r0_0_6666_3750_w1200_h678_fmax.jpg
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 132b0077ab68dd598cb74becf9f05fb9528bdbbd4187b02fc7bfa068b2079350

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 02:44:54 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Fri, 26 Nov 2021 02:40:43 GMT
server: nginx
age: 30343
etag: "64abc78802fd38a2aaba8422bfbed09c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.489 tt:0.420
content-length: 73891
x-amz-cf-id: Y95DJblCjYQ5rrN52COaGKza7U6ma6Ae8liTbAXYHp56GoXHkOn7XA==

GET
H3

200

/
www.facebook.com/login/ Frame 93FE
Redirect Chain

https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df137906d42945e8%26...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fcon...

0
0

347ms
347ms

Document
text/html

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df137906d42945e8%2526domain%253Dwww.farmonline.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.farmonline.com.au%25252Ff19df05466e5a8%2526relation%253Dparent.parent%26container_width%3D800%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ffarmonline%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=b57a47d122684d6e0cdbbfbdeaa39191

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: r7rYQwBi85PfaItc3ceOh3TUioOHCDIyC9SGRYYSfD3wuASkV+IgSRVV04zoXlL5bAhGjFAliRkbd1kr4ZkY6A==
date: Fri, 26 Nov 2021 11:10:38 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df137906d42945e8%2526domain%253Dwww.farmonline.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.farmonline.com.au%25252Ff19df05466e5a8%2526relation%253Dparent.parent%26container_width%3D800%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ffarmonline%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v5.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: xStIrd1zNSSTohytGyS4cdbTmQvGYB1phLkDwcWUADTwXCenAc9g7XN5ZRNYV7Rb6+0KkPWVS11nMxB66aFF2Q==
content-length: 0
date: Fri, 26 Nov 2021 11:10:38 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ 143 KB
52 KB 38ms
23ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd6b627fecddb363f6b3646416d359b61ac9f64f054cbcf6249b16920f1a440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "10627874126189271957"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Fri, 26 Nov 2021 11:10:38 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 8ms
8ms Image
image/png 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/54e62135847a1703/default+en.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/54e62135847a1703/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:04:14 GMT
x-content-type-options: nosniff
age: 237983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 23 Nov 2022 17:04:14 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
178 B 44ms
7ms Image
text/plain 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 8ms
6ms Image
image/png 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:12:47 GMT
x-content-type-options: nosniff
age: 25071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 26 Nov 2022 04:12:47 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
178 B 43ms
7ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 active_orders Show response
origami.secure.ownlocal.com/api/ 14 B
44 B 165ms
157ms XHR
application/json 34.96.77.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://origami.secure.ownlocal.com/api/active_orders?owned_by=702c748e-db32-4d17-80df-013305d958c8

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

232.77.96.34.bc.googleusercontent.com

Software

nginx/1.17.2 /

Resource Hash

5021e624e752b001ce3e3846e8f158ed4aeb93a4c9a72fdb35a0c5b14a0eea84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:38 GMT
via: 1.1 google
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 0
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14
x-xss-protection: 1; mode=block
x-request-id: 1eb6aa5f-43f8-4608-8714-14316ce50ab9
x-runtime: 0.035209
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.17.2
x-frame-options: SAMEORIGIN
etag: W/"5021e624e752b001ce3e3846e8f158ed"
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Origin
cache-control: max-age=3600, public
access-control-expose-headers

GET
H3 200 supplemental.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/cldr/ Frame 2BE6 1 KB
862 B 17ms
17ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/cldr/supplemental.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3d895be11c09305dde383007f26c4770cbd66d4ac4bde21ca80d669c8df867e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 02:45:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 822
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 02:45:16 GMT

GET
H3 200 regexp.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/ Frame 2BE6 650 B
506 B 16ms
16ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/regexp.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e5b2c01109a57038f6df6b214f048cae20349051abd3af081f07d888fac7352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320312
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 466
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Tue, 22 Nov 2022 18:12:06 GMT

GET
H3 200 string.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/ Frame 2BE6 955 B
651 B 17ms
17ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/string.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9c974a8fa736368287e1f2e16bd2969ed50d80fc1707ed4813eb07de6272f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:13:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 611
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 17:13:11 GMT

GET
H3 200 gregorian.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/cldr/nls/ Frame 2BE6 4 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/cldr/nls/gregorian.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb6ded6d9850118bf2b04f3d92d50129e08e5df9915befb537c4ce196b66e62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1168
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:57:22 GMT

GET
H3 200 touch.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/ Frame 2BE6 1 KB
831 B 18ms
17ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/touch.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e55f4225cf329fb15a7300c723bb8d3d66a73307f739e55bc91d3e6eca4ce702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 02:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 789
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 02:54:59 GMT

GET
H3 200 cache.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/ Frame 2BE6 283 B
285 B 17ms
17ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/cache.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ca71477acc1f5fcb00a83efc8453b0a3d1737a68cbee89fd00458e1c2e6e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Nov 2022 21:32:37 GMT

GET
H3 200 popup.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//popup.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c476fb0353da06719fadc180621ae83bcafcbfcb918c6d78d7a53caa443e60e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1279
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 26 Nov 2022 04:40:01 GMT

GET
H3 200 Button.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ Frame 2BE6 2 KB
985 B 17ms
17ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/Button.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4eb9ae91754e1805029c923352fddbe59e3647acb80804f4518bb469c688b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:27:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 596593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 945
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 19 Nov 2022 13:27:25 GMT

GET
H3 200 _Container.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 837 B
451 B 18ms
17ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_Container.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

189e7578796f0b89cddcbdba1afaf1b3ae67751e95b6a1cf988c8cb217905b4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 411
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 18:02:20 GMT

GET
H3 200 css
fonts.googleapis.com/ 8 KB
723 B 30ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,500,600&display=swap

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04c3fec343a3139e641d31fd6300ffcff4f0bdfb0188eb1eaf3fabbf2b4e4ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 10:04:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Nov 2021 11:10:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Nov 2021 11:10:38 GMT

GET
H3 200 MappedTextBox.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ Frame 2BE6 806 B
466 B 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/MappedTextBox.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8dcf48d2959e922d36b3ce8ff833d1c21b9c852ede38a338d2fd079035e6a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 426
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Nov 2022 21:34:24 GMT

GET
H3 200 Destroyable.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 440 B
302 B 20ms
19ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//Destroyable.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59037ef7bdc05ed33658304172ba6e15a49855d93f0916de4406b6489281c092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 262
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 26 Nov 2022 04:40:01 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 67C0 0
15 B 17ms
16ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.farmonline.com.au
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.farmonline.com.au
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Fri, 26 Nov 2021 11:10:38 GMT

GET
H3 200 gregorian.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/cldr/nls/en/ Frame 2BE6 4 KB
1 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/cldr/nls/en/gregorian.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8fe1add9a686bf341acdb1f351481c6b8053bd4383966c9987735a9fd1d18eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:17:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1229
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 19 Nov 2022 13:17:14 GMT

GET
H3 200 place.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//place.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b525992d1184a72b5c785c2731c8f5f05f2580b5a81bcabb5905e338daf57d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1455
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 07:35:35 GMT

GET
H3 200 BackgroundIframe.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 1 KB
769 B 9ms
9ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//BackgroundIframe.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5970cf1fc5023de5dfb9e3047f8eef8257c4f0bfaee714d7a0e7074852ea251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 729
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 19 Nov 2022 13:44:24 GMT

GET
H3 200 _FormWidget.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ Frame 2BE6 937 B
507 B 9ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/_FormWidget.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f272b6abfa2056017f2c8c4f7885dd4bb99dd73b382b0dff2af046eb38683276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 467
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 26 Nov 2022 04:30:10 GMT

GET
H3 200 _ButtonMixin.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ Frame 2BE6 726 B
479 B 9ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/_ButtonMixin.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

571bef8b7ee5205a61c4f93b695b18bbbd7e2c78e118b2770d1f737d8af2639f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 02:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 439
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 02:49:56 GMT

GET
H3 200 a11yclick.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 1 KB
615 B 9ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//a11yclick.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0719edb87101cf9c192e52c435772c765be78db62f92c13341cc2627c15e57db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 575
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Nov 2022 21:40:27 GMT

GET
H3 200 hccss.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/ Frame 2BE6 872 B
643 B 9ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/hccss.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9abb08bebcd7c88bb2704b0b3da62b79d11d75e24c5033f3d1d59b3b54c8099b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:04:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 603
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 03:04:39 GMT

GET
H/1.1 200
OK widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame 8771 319 KB
103 KB 7ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.farmonline.com.au
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 712447
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 26 Nov 2021 11:10:38 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 18 Oct 2021 18:32:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D4)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 38ms
22ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 26 Nov 2021 11:10:38 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 100 B
113 B 30ms
15ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.farmonline.com.au

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

95d2b7f4d7d9c57ab2be6e1e2df41a23af9e08cda3c8544994163be905cc57d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 11:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88
x-xss-protection: 0
expires: Fri, 26 Nov 2021 11:10:38 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 294ms
98ms Image
image/gif 18.211.139.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=farmonline.com.au&p=%2Fstory%2F7527343%2F&u=ClKLrywSVstWCDhK&d=farmonline.com.au&g=66019&g0=beef%2Cbeef%2Cstory&g1=Shan%20Goodwin&n=1&f=00001&c=0&x=0&m=0&y=6524&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1400&t=hH9coBUV0O3DWD9Uaf917CB3DW4l&V=129&i=Cyber%20attackers%20told%20JBS%20%26%23x27%3Bdon%26%23x27%3Bt%20panic%2C%20we%26%23x27%3Bre%20in%20business%20not%20war%26%23x27%3B&tz=0&sn=1&sv=BzsCUJ1YQ2sCp7KggBA2UWvDrjNo7&sd=1&im=06630ef0&_
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.139.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-139-241.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:38 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H3 200 ValidationTextBox.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ Frame 2BE6 5 KB
2 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ValidationTextBox.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbfca8a826915fb844bb8fc3dc38b6f5132d428a192eed79af6275d357751f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1762
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Nov 2022 21:29:30 GMT

GET
H3 200 _FormWidgetMixin.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ Frame 2BE6 2 KB
2 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/_FormWidgetMixin.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94932aa0ae72d3aa6559af1c01bcf4fcfb55ffb5b4be4436152476118451456d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:44:53 GMT
x-content-type-options: nosniff
age: 595545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2516
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 19 Nov 2022 13:44:53 GMT

POST
H2 201 QYIixnSBMB Show response
farmonline.us5.list-manage.com/n_vFTO3p/eOl/_7-/ZSmZMm8i75/1Vt5Nwfzh5YE/WlluOA/bS/ Frame 2BE6 18 B
693 B 152ms
152ms XHR
application/json 23.45.110.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://farmonline.us5.list-manage.com/n_vFTO3p/eOl/_7-/ZSmZMm8i75/1Vt5Nwfzh5YE/WlluOA/bS/QYIixnSBMB
Requested by: Host: farmonline.us5.list-manage.com
URL: https://farmonline.us5.list-manage.com/n_vFTO3p/eOl/_7-/ZSmZMm8i75/1Vt5Nwfzh5YE/WlluOA/bS/QYIixnSBMB
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.45.110.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-110-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer: https://farmonline.us5.list-manage.com/subscribe?u=f821a3c0f9ebb195a03cb86d4&id=87f8909d6c
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 Nov 2021 11:10:38 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://farmonline.us5.list-manage.com
access-control-allow-credentials: true
x_req_id: 42802a1a-c06b-43e2-8660-fd7b6011268d
access-control-allow-headers: Content-Type
content-length: 18

GET
H3 200 TextBox.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ Frame 2BE6 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/TextBox.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31f34e2c06d8b85e26ab292cc11fbad0f6b2a83d911feea8590c849b34981439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 19 Nov 2022 13:46:13 GMT

GET
H3 200 Tooltip.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 6 KB
2 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//Tooltip.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70deb83511f41ca5075178696171b3c4e917e0dad25d9e9714b4e4de12a44f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2123
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Tue, 22 Nov 2022 18:00:49 GMT

GET
H3 200 validate.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/nls/ Frame 2BE6 382 B
276 B 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/nls/validate.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23822bf7e6386e18fc54020b69d3b85149074eab04f4e88c795dc3b33e123478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 03:18:40 GMT

POST
H2 201 QYIixnSBMB Show response
farmonline.us5.list-manage.com/n_vFTO3p/eOl/_7-/ZSmZMm8i75/1Vt5Nwfzh5YE/WlluOA/bS/ Frame 2BE6 18 B
682 B 160ms
160ms XHR
application/json 23.45.110.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://farmonline.us5.list-manage.com/n_vFTO3p/eOl/_7-/ZSmZMm8i75/1Vt5Nwfzh5YE/WlluOA/bS/QYIixnSBMB
Requested by: Host: farmonline.us5.list-manage.com
URL: https://farmonline.us5.list-manage.com/n_vFTO3p/eOl/_7-/ZSmZMm8i75/1Vt5Nwfzh5YE/WlluOA/bS/QYIixnSBMB
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.45.110.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-110-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer: https://farmonline.us5.list-manage.com/subscribe?u=f821a3c0f9ebb195a03cb86d4&id=87f8909d6c
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 Nov 2021 11:10:38 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://farmonline.us5.list-manage.com
access-control-allow-credentials: true
x_req_id: eb5190e1-cd43-4b06-93a9-035cf736adb1
access-control-allow-headers: Content-Type
content-length: 18

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 3 KB
2 KB 87ms
56ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=index-client
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 93b93a750ed27ac4d98c8ebc16228a734698b9e69e1d427a4196b727e2755ffb

Request headers

Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: gzip
x-openrtb-version: 2.3
content-type: application/json
access-control-allow-origin: https://www.farmonline.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1595

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 78 B
377 B 40ms
17ms XHR
text/javascript 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=245847&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2232039233%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22249389%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%222%22%2C%22siteID%22%3A%22249388%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22164c9466-642c-4592-af4a-74217efb71da%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-26T11%3A10%3A37%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5a752c876738b48502005124702e5d658f321f79ae8bd002eb9a6f916042291c

Request headers

Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:38 GMT
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.82], XFF:[]
server: Apache
content-type: text/javascript
access-control-allow-origin: https://www.farmonline.com.au
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 78
x-ak-client-geo: 12
expires: Fri, 26 Nov 2021 11:10:38 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 163ms
94ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19530&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&p_screen_res=1600x1200&site_id=225350&zone_id=1105710&kw=rp.fastlane&tk_flint=index&rand=0.7721332807753993&alt_size_ids=10
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 324ff20758b7b19fe749517e6372128391a1cf2d81410daf9ea2141114bdc674

Request headers

Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 11:10:38 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.farmonline.com.au
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 8771 232 B
447 B 127ms
110ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=8523e000866d44dba2b30762661b9d955e747341

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.farmonline.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-response-time: 104
date: Fri, 26 Nov 2021 11:10:37 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 11:10:38 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: f6a0894c1b02cfc9f41fe6bbb26212c7c22a105c4165279ade6ab7b1bcff78a2
content-length: 166

GET
H3 200 _FormValueWidget.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ Frame 2BE6 501 B
369 B 8ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/_FormValueWidget.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b899ca21de6b208155f1ca4aec68721c1614b5dfcec7c9faa59a6afee45a833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 10:03:27 GMT

GET
H3 200 _TextBoxMixin.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ Frame 2BE6 5 KB
2 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/_TextBoxMixin.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42e51e88b66b6fb122cd45feedea16ae94948318f527555e15ef869e9f82cc88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:29:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1747
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 14:29:24 GMT

GET
H3 200 manager.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/ Frame 2BE6 341 B
301 B 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/manager.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31278bb57e655f7c1d19f1dbaa4bcf12dea4191417b2220a670db80657fca980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 07:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 07:50:28 GMT

GET
H3 200 _FormValueMixin.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ Frame 2BE6 1 KB
600 B 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/_FormValueMixin.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5ddf5fc2b95f9b75b6486890a168c326d02f887fae84b72ef39d92e441dd71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 07:36:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 549
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 07:36:53 GMT

GET
H3 200 _base.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 231 B
214 B 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcce84153db816fc3da2ab9733f444e8e7771b54191cde6869d070784a41bf6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 09:53:29 GMT

GET
H3 200 WidgetSet.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 1 KB
626 B 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//WidgetSet.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c17d3b4f527b432aaef35a9c0f65c4959531f5c6afa9635140230fca2f239b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 575
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 26 Nov 2022 04:21:08 GMT

GET
H3 200 focus.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/ Frame 2BE6 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/focus.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc4e105084df9753cdbd12883b113b2a93725484437a92b50f8d23aaf8ae19d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 09:48:17 GMT

GET
H3 200 place.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/ Frame 2BE6 882 B
504 B 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/place.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f64906d93ec10221ea6a37650d630e0e07681af8a2d0b7c83479b5cb62737848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 453
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 14:06:47 GMT

GET
H3 200 popup.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/ Frame 2BE6 625 B
423 B 9ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/popup.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc0bab0a7c34d789ae5758b8701181364c8bf1dad8d6537358c8fbd5d9224df5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 372
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Tue, 22 Nov 2022 18:03:23 GMT

GET
H3 200 scroll.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/ Frame 2BE6 134 B
177 B 10ms
9ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/scroll.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d391c173c94bc353ff448e7c95fb6f4748364243b5b423e4543edcdde9539abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:02:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 14:02:02 GMT

GET
H3 200 sniff.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/ Frame 2BE6 66 B
137 B 10ms
9ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/sniff.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9dadeb47f7508231cf079043c1b7f44d2b7640363fd8e54610beef7288b2f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 26 Nov 2022 04:33:59 GMT

GET
H3 200 typematic.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/ Frame 2BE6 72 B
135 B 11ms
11ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/typematic.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a2d71b9874f85c5187d1a6e28d4e423fdcf48db2d2fd64e10765eee9456e612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 17:19:23 GMT

GET
H3 200 wai.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/ Frame 2BE6 780 B
424 B 11ms
10ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/wai.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e43d2a6a4be9ba532b3c43b8e1fd7fe0f972af5a66197ac19f8dc15333f6e48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 07:50:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 372
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 07:50:55 GMT

GET
H3 200 window.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/ Frame 2BE6 129 B
179 B 10ms
10ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//_base/window.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1957bf893c3bcb2e2503b62c24458e3ce13f00132732f7ab9a2c20fd56e3eaeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 596661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 19 Nov 2022 13:26:17 GMT

GET
H3 200 typematic.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit// Frame 2BE6 3 KB
1017 B 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//typematic.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49f78d54bfa35a4d487843a35dca6a4e9298b39bf97765b6207a1bb85456edd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 02:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 965
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 02:57:48 GMT

GET
H3 200 ComboButton.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ Frame 2BE6 2 KB
942 B 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ComboButton.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a801e186e93d5663c6b6bcdd9c0773ce6f625fa660d669ab297c788df348bc12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 596863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 890
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 19 Nov 2022 13:22:55 GMT

GET
H3 200 ToggleButton.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ Frame 2BE6 352 B
287 B 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ToggleButton.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75840136eb8d8a8b339c12a5567ea8333fed055f57d48aa21b654b84eeafb911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 235
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 09:34:27 GMT

GET
H3 200 _ToggleButtonMixin.js Show response
ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/ Frame 2BE6 655 B
416 B 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dijit//form/_ToggleButtonMixin.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/dojo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e8d848a63eb835f38f178ebd245a433f408d36db75a1210481dd671ab01a796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 07:36:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 364
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 07:36:53 GMT

GET
H3 200 blank.gif
ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/resources/ Frame 2BE6 43 B
88 B 7ms
7ms Image
image/gif 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ajax.googleapis.com/ajax/libs/dojo/1.8/dojo/resources/blank.gif

Requested by

Host: farmonline.us5.list-manage.com
URL: https://farmonline.us5.list-manage.com/subscribe?u=f821a3c0f9ebb195a03cb86d4&id=87f8909d6c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farmonline.us5.list-manage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:04:00 GMT
x-content-type-options: nosniff
age: 176798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 10:04:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 49ms
13ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ACM_HEADER1&hp=1&wf=1&ra=5&pxm=&sgs=6&vb=5&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1637925037424&de=761552581926&rx=943036492454&m=0&ar=553ffc12ef5-clean&iw=f4f5004&q=2&cb=0&cu=1637925037424&ll=2&lm=0&ln=0&em=0&en=0&d=farmonline.com.au%3ACyber%20attackers%20told%20JBS%20%27don%27t%20panic%2C%20we%27re%20in%20business%20not%20war%27%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=acmheader706032617774&fd=1&ac=1&it=500&pe=1%3A468%3A468%3A0%3A1155&fs=195402&na=2085027643&cs=0
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Nov 2021 11:10:38 GMT

GET
H2 200 nr-spa-1212.min.js Show response
js-agent.newrelic.com/ 44 KB
17 KB 22ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1212.min.js
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: wY72Ah.NJX5KzzqRFK3uhSo3Jh07tDe4
content-encoding: gzip
etag: "8bd93bf0ecb2f4e971a2055a41402bb6"
x-amz-request-id: VG6YBKXNYMJ05RRS
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16636
x-amz-id-2: CN/OtP3A9z0ShcwSC84Dp2716OPSVqHtXjTa3tL4kDFfrY9FTweTMDz1ynWsKHz8NETzizCEpEw=
x-served-by: cache-fra19126-FRA
last-modified: Thu, 04 Nov 2021 21:16:16 GMT
server: AmazonS3
x-timer: S1637925039.557838,VS0,VE0
date: Fri, 26 Nov 2021 11:10:38 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 616

GET
H2 200 optout_check Show response
beacon.krxd.net/ 83 B
243 B 98ms
32ms Script
text/javascript 54.154.13.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.fairfaxacm.kxjsonp_optOutCheck
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.13.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-13-77.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2ed3cb350a5a3860a4e3dc33e27944a217dff16ec5ba638eabad5911e1562ed2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:38 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=22 t=1637925038
x-served-by: beacon-n021-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 41ms
19ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.farmonline.com.au

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 11:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 41ms
19ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.farmonline.com.au

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 11:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 97 KB
32 KB 354ms
353ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4232296827005519&correlator=538299271622062&output=ldjh&impl=fifs&eid=31063813%2C21068766&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211126&iu_parts=21666581298%2Cfarmonline%2Ccattle%2Cbeef&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250%2C1x1%2C6x2%2C6x3%2C1x1&ists=1&prev_scp=pos%3D1%26ur%3Dfarmonline%257Carticle%257Ccattle%257Cbeef%257C1%257C300x600_300x250%257Cdesktop%26urh%3D-1049691325%26ix_pubm_om%3D300x600_5%26ix_pubm_id%3D_HCRAO3a2%7Cpos%3D1%26ur%3Dfarmonline%257Carticle%257Ccattle%257Cbeef%257C1%257C1x1%257Cdesktop%26urh%3D2048175539%7Cpos%3D1%26ur%3Dfarmonline%257Carticle%257Ccattle%257Cbeef%257C1%257C6x2%257Cdesktop%26urh%3D-154101127%7Cpos%3D1%26ur%3Dfarmonline%257Carticle%257Ccattle%257Cbeef%257C1%257C6x3%257Cdesktop%26urh%3D-1961555590%7Cur%3Dfarmonline%257Carticle%257Ccattle%257Cbeef%257C%257Cint%257Cdesktop%26urh%3D338213983&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26ctype%3Darticle%26cat%3Dcattle%26cat1%3Dbeef%26region%3Dnsw%26locstate%3Dnsw%26tags%3Dnewsletter%252Cnews%252Cbeef-cattle%26tag%3Dnewsletter%252Cnews%252Cbeefcattle%26ksg%3D%26kuid%3D%26pageID%3D7527343%26sysEnv%3Ddesktop%26generator%3Dnewsnow%26brms%3Dtrue%26brvs%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1637924541&dt=1637925038593&dlt=1637925037113&idt=1256&frm=20&biw=1600&bih=1200&oid=2&adxs=1065%2C630%2C797%2C797%2C0&adys=333%2C1636%2C6745%2C6769%2C6775&adks=897400541%2C1805473922%2C2608747579%2C1471045594%2C1544796285&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&vis=1&dmc=8&scr_x=0&scr_y=0&psz=370x-1%7C710x24%7C1600x24%7C1600x24%7C1600x6775&msz=370x-1%7C710x24%7C1600x24%7C1600x24%7C1600x0&ga_vid=793850567.1637925037&ga_sid=1637925039&ga_hid=999307076&ga_fc=true&ga_cid=917930349.1637925037&fws=0%2C4%2C0%2C0%2C0&ohw=0%2C740%2C0%2C0%2C0&btvi=0%7C1%7C2%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

d426d8161caec6343cd12a8c0bdaf71d259746301bfdf963048654a1797dc291

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPbB5KDytfQCFVZB4AodTOUKSA&gqi=&layout=/sadbundle/%24csp%253Der3%24/5137889399521447841/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPbB5KDytfQCFVZB4AodTOUKSA&gqi=&layout=/sadbundle/%24csp%253Der3%24/5137889399521447841/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
google-creative-id: -1,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32258
x-xss-protection: 0
google-lineitem-id: -1,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Fri, 26 Nov 2021 11:10:38 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.farmonline.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 49ms
26ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d7ab6c405a679199a373a25f25611da4dd6626c22a3d503461e2eaf6e328c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 11:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9223
x-xss-protection: 0

GET
H2 200 container.html Show response
e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E89A 6 KB
4 KB 52ms
14ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 26 Nov 2021 11:10:38 GMT
expires: Sat, 26 Nov 2022 11:10:38 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 r3_0_1502_999_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/37uSWs3eyNM24fqefKJaatC/14982e9b-219c-46b7-b4e1-82b9d51d8cd3.jpg/ 3 KB
3 KB 17ms
12ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/37uSWs3eyNM24fqefKJaatC/14982e9b-219c-46b7-b4e1-82b9d51d8cd3.jpg/r3_0_1502_999_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 70b1c18d4f1fb91ced498406c1454636511204633dfadccddac346419167f730

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:13:16 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Fri, 26 Nov 2021 01:46:14 GMT
server: nginx
age: 14242
etag: "be61ce80be055eb8268ad0df076b30e4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.058 tt:0.018
content-length: 2602
x-amz-cf-id: 8Jog6NYGjVgy_YDq-eA6DvVKLMihE-mZshnjBvDJiJVnI2tvVQfeyw==

GET
H2 200 r378_241_4551_3023_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/wBuRnviBxsXKsfGYcn3ULj/b8be1c57-81bd-44e8-b983-78eb61c32f78.JPG/ 2 KB
3 KB 19ms
13ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/wBuRnviBxsXKsfGYcn3ULj/b8be1c57-81bd-44e8-b983-78eb61c32f78.JPG/r378_241_4551_3023_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 56735b026c6527459cbac0a6ad827fbf505d8e560790be026ebe5a73cb9c436a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 00:59:44 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Thu, 25 Nov 2021 06:15:07 GMT
server: nginx
age: 36654
etag: "80690a3aaca66ef3b8dd4b22a45f6e6c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.230 tt:0.069
content-length: 2549
x-amz-cf-id: C2ylrXEIdX_knZ77ZGfspUb6YpK7UsFsWWlNMfUnnBnlhPSdVa7J2g==

GET
H2 200 r366_218_3821_2521_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/38U3JBx5nNussShT8aZyYjc/ad971e7a-bb7f-4077-b9eb-6aa00e3317e9.jpg/ 2 KB
2 KB 20ms
14ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/38U3JBx5nNussShT8aZyYjc/ad971e7a-bb7f-4077-b9eb-6aa00e3317e9.jpg/r366_218_3821_2521_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 8d96c427512d8d3d3ba0ab9993bf2d0e637c6a53180ce5cdd538ead63fb7f091

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 01:28:03 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Fri, 26 Nov 2021 01:24:30 GMT
server: nginx
age: 34955
etag: "3c88958a07a418673d706bc5ec848d5e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.194 tt:0.080
content-length: 2170
x-amz-cf-id: WmUkK7DtSdiYU_-Jfn_DlC4McNeYX1e_YBDH5RrgHAdy_3NzoOaL8A==

GET
H2 200 r4_0_2358_1569_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/39XqhrgY6riNnQBs6VEtc8R/1372a2fd-2d53-4180-bd2e-e2c3c8ec9951.jpg/ 3 KB
3 KB 15ms
10ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/39XqhrgY6riNnQBs6VEtc8R/1372a2fd-2d53-4180-bd2e-e2c3c8ec9951.jpg/r4_0_2358_1569_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 34544ae7346908d670068af90be2306fe250c8c1a61955b84541e63b0b6135c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 00:05:22 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Thu, 25 Nov 2021 20:09:29 GMT
server: nginx
age: 39916
etag: "777954a2c4b2fb0064d752ec319ab56d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.306 tt:0.102
content-length: 2939
x-amz-cf-id: P9K5no2_-KnSK5nw8lp-398bbHpSibd3Uh6I6ktsUSnOyhckAapTdA==

GET
H2 200 r370_252_4354_2908_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/38U3JBx5nNussShT8aZyYjc/654a25b1-b98c-4f9b-8302-9c85346185ad.jpg/ 2 KB
3 KB 26ms
21ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/38U3JBx5nNussShT8aZyYjc/654a25b1-b98c-4f9b-8302-9c85346185ad.jpg/r370_252_4354_2908_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 8ea97f2695f5e74f5c7ef76fae7a7902b6bb774e18b2c62ba3141f89bac00ea8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 22:33:13 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Thu, 25 Nov 2021 03:28:37 GMT
server: nginx
age: 45445
etag: "f90b57c5a0d9553bc11ac00b6e00fedf"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.290 tt:0.103
content-length: 2391
x-amz-cf-id: spSkuYUGG3jqxssnPTyqSgmkhx7qBdG2KChrECOi_zcb_ImwTLow7w==

GET
H2 200 r118_77_1386_922_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/8yYKiJXq2Ks3fRrBZY5gaD/3136b6e6-3c8f-4c97-af98-6795d3090d43.JPG/ 3 KB
3 KB 23ms
18ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/8yYKiJXq2Ks3fRrBZY5gaD/3136b6e6-3c8f-4c97-af98-6795d3090d43.JPG/r118_77_1386_922_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: a568af13e711ff2108a683412ee2cbfecb87d461593ffd638144dbe02ff14940

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 22:06:58 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Wed, 24 Nov 2021 06:43:03 GMT
server: nginx
age: 47020
etag: "6c231243e1819c5429f0c4a3bb3de533"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.036 tt:0.011
content-length: 2721
x-amz-cf-id: IjTxvP4bmqDp5TcMbkKYHDQgfBTUqpGJlwmKsVhGJvQ2O4CHpc1_8A==

GET
H2 200 r9_0_6038_4019_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/37sRjZccYfaNxXbGxARzun2/0c4122c9-56b8-455b-b9e9-a72c07c830d7.jpg/ 2 KB
2 KB 24ms
19ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/37sRjZccYfaNxXbGxARzun2/0c4122c9-56b8-455b-b9e9-a72c07c830d7.jpg/r9_0_6038_4019_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: ee2d50f2e0635e28cd9ef26de0c80163d69bc6674ca23107a6ae3cb7a71bb5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:06:25 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Thu, 25 Nov 2021 03:45:47 GMT
server: nginx
age: 50653
etag: "9d8ce8e35acb1cf5e38b087ad94cb690-2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:1.369 tt:0.385
content-length: 2134
x-amz-cf-id: N8py-rtUeRwx3G7YcLVkyT5zBseX7Y_PHsU886GiaU8KlJV-I4gzcw==

GET
H2 200 r327_253_4716_3179_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/f6wVSEq8bzkpdhMY2ZQ8UE/c42f81df-e0de-4b03-93d7-e0fafcf64d89.JPG/ 3 KB
3 KB 25ms
20ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/f6wVSEq8bzkpdhMY2ZQ8UE/c42f81df-e0de-4b03-93d7-e0fafcf64d89.JPG/r327_253_4716_3179_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 36787516b1ed86202c94791e0d23c2ba2cc6a75dde954cdd080fdd89374347cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 20:07:58 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Thu, 25 Nov 2021 03:56:36 GMT
server: nginx
age: 54160
etag: "0365dadd58429f3b6fa633f3794860fc"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.250 tt:0.119
content-length: 2561
x-amz-cf-id: RdXfyvr1akSVHphWmld0xi0HXbjUwKEIjsX6UkLLyFqdMIE6-LhG4g==

GET
H2 200 r0_80_1467_1058_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/XftCMkCcRPa3Vky3YfP3wJ/d67dfa46-0999-4a28-a886-20bf7e2b0b07.jpg/ 2 KB
2 KB 29ms
25ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/XftCMkCcRPa3Vky3YfP3wJ/d67dfa46-0999-4a28-a886-20bf7e2b0b07.jpg/r0_80_1467_1058_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 07bca51e977e353732bd266abf3a35f04b78eb3ff78319deb1bcdfbf0ad666ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 00:16:29 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 05:33:41 GMT
server: nginx
age: 212048
etag: "488367923629762645481f598f320926"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.094 tt:0.011
content-length: 2008
x-amz-cf-id: b3Y1FhqolnbNsLIhxPzrJw443tQkjeW3pYaRe5QpqfUJZeMOu8mV5A==

GET
H2 200 r333_307_5414_3694_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/8yYKiJXq2Ks3fRrBZY5gaD/0d836c54-501a-40d5-bb41-2237d97fe98c.jpg/ 2 KB
3 KB 24ms
20ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/8yYKiJXq2Ks3fRrBZY5gaD/0d836c54-501a-40d5-bb41-2237d97fe98c.jpg/r333_307_5414_3694_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 7d580fcb69bc3c906d974e3dde200c117307ecc0bc6da2df803e86a7709949c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 07:07:53 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Wed, 24 Nov 2021 06:15:20 GMT
server: nginx
age: 100965
etag: "486683f06d45e8e15c9a6c3eddeb967c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.707 tt:0.309
content-length: 2557
x-amz-cf-id: vvbi4miNbS8WZ_S0GEaheD6YqXKgyUv6Gfu2zSKrv09HgVSRVtnirw==

GET
H2 200 r0_110_4032_2798_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/38U3JBx5nNussShT8aZyYjc/1debafbf-558b-4b14-86b6-2df7eea35195.JPG/ 3 KB
3 KB 25ms
21ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/38U3JBx5nNussShT8aZyYjc/1debafbf-558b-4b14-86b6-2df7eea35195.JPG/r0_110_4032_2798_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: b006388f351e9f61ccded44ca107770a9b0ef4d3c7bb47cd14780b6b011fcabd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 06:10:42 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Thu, 25 Nov 2021 05:07:17 GMT
server: nginx
age: 104396
etag: "9a7f489c12e61c609190c3d733a29cd2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.210 tt:0.055
content-length: 2946
x-amz-cf-id: aE0T8kQK6NJAnzgpRA5TW8E4WPgYjiet3jBFoRf0F_UZ3CEvehdbAw==

GET
H2 200 r300_0_3540_2160_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/137947373/473894c9-25f5-4b4c-b63b-c29bbfaa7b89.jpg/ 2 KB
3 KB 25ms
21ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/137947373/473894c9-25f5-4b4c-b63b-c29bbfaa7b89.jpg/r300_0_3540_2160_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: cd512b5513a65c3f45103d8924512edfc778d01fe8c9ca0e0ea39e3288638df4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 21:03:42 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Tue, 10 Aug 2021 08:43:56 GMT
server: nginx
age: 1606016
etag: "1806748a426fcacaf6975f5ae26e2f11"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.375 tt:0.111
content-length: 2422
x-amz-cf-id: ujSENjsIfVegjS_LPdWWZyrW8lYlQOnUCWhxm4cZ0k3vstFFrOAprQ==

GET
H2 200 r245_0_2785_1693_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/8yYKiJXq2Ks3fRrBZY5gaD/c0aa6dc4-84e3-40f5-b237-ef8b7ca9510d.jpg/ 2 KB
3 KB 26ms
22ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/8yYKiJXq2Ks3fRrBZY5gaD/c0aa6dc4-84e3-40f5-b237-ef8b7ca9510d.jpg/r245_0_2785_1693_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: dec4401f7dc6ae48c45225b1d50893098b57351a91a88f63acc9c660d3a903e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:12:22 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Wed, 24 Nov 2021 05:50:11 GMT
server: nginx
age: 115095
etag: "adcb91c097cf04c8f5787accee34e65a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.080 tt:0.032
content-length: 2524
x-amz-cf-id: 8RNclHuudcB95iZbLOoBZsaZfe2zEkCJKwJ40ylk27MZMZBW68KmGQ==

GET
H2 200 r0_4_660_444_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/5Q2j7ezUfQBfUJsaqK3gfB/24b56f9d-476c-4194-8f93-4335735b63fd.JPG/ 2 KB
2 KB 24ms
21ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/5Q2j7ezUfQBfUJsaqK3gfB/24b56f9d-476c-4194-8f93-4335735b63fd.JPG/r0_4_660_444_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 0204c72d82b8bc37390f3b5ff800080800630ece3b38027deb868fbb7ed7bad1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:35:35 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Thu, 25 Nov 2021 02:26:32 GMT
server: nginx
age: 117303
etag: "9f72e6f4594c0279e6a48760eb3aca13"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.025 tt:0.008
content-length: 2086
x-amz-cf-id: NRP-gB4ZPMScNGMakHUJ_uW2T0BAW-CSxrik_6ZcgKCTGzOuOdVnIg==

GET
H2 200 r933_1415_3000_2793_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/5Q2j7ezUfQBfUJsaqK3gfB/5e42cba6-fd24-49a0-b541-a898c09ce396.jpg/ 2 KB
3 KB 26ms
23ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/5Q2j7ezUfQBfUJsaqK3gfB/5e42cba6-fd24-49a0-b541-a898c09ce396.jpg/r933_1415_3000_2793_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 03eb3d4bc766377a18ed33ca03d6f0cfc9112d9aebd1ceaab1d3ae4536f8afd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 01:39:34 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 22:42:07 GMT
server: nginx
age: 120664
etag: "b851ae8e12253a4cc356534993c4cd1c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.226 tt:0.021
content-length: 2365
x-amz-cf-id: PlCBUc5VCIuUTGj75y8yx72yCig8d-zYyy3pD9P6hAlOyJli8YZ1Rw==

GET
H2 200 r137_49_5336_3515_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/38U3JBx5nNussShT8aZyYjc/88a1d388-405e-431c-9d78-29e001e39c64.jpg/ 3 KB
3 KB 26ms
23ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/38U3JBx5nNussShT8aZyYjc/88a1d388-405e-431c-9d78-29e001e39c64.jpg/r137_49_5336_3515_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: ab630a8e4747c1ffefabaefb472e71c196b26c8886c46088d555cc95c95d1241

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 00:42:42 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Wed, 24 Nov 2021 23:51:24 GMT
server: nginx
age: 124076
etag: "b8a580ed014c213d617aa4a0031c8460-2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.565 tt:0.283
content-length: 2966
x-amz-cf-id: -nimxk2gyWda5fg4l3Wix6YbDy7uCh0OdeCq8UL0yyEL3kFEZQU7xg==

GET
H2 200 r188_243_4576_3168_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/5Q2j7ezUfQBfUJsaqK3gfB/1042d269-5868-4a1d-ae9d-93181402b4d5.JPG/ 2 KB
2 KB 25ms
22ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/5Q2j7ezUfQBfUJsaqK3gfB/1042d269-5868-4a1d-ae9d-93181402b4d5.JPG/r188_243_4576_3168_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 5a4a8130a3a587b4f76075476cd14a5ce3131a7b3a2c805bb88ecf44889d5c69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 00:05:11 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Wed, 24 Nov 2021 05:16:35 GMT
server: nginx
age: 126326
etag: "ef693a571f5efb21afbc1be0473ef127"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:12.778 tt:0.212
content-length: 1936
x-amz-cf-id: Y-SjUmMnQO8ggZaWlwqVXtFRR5VvmW24QG91ZtiJ6bw_F5zzeMkAzg==

GET
H2 200 r0_0_7360_4907_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/39XqhrgY6riNnQBs6VEtc8R/296d5b61-e6b5-4163-a0cb-774283bda30b.JPG/ 2 KB
3 KB 25ms
23ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/39XqhrgY6riNnQBs6VEtc8R/296d5b61-e6b5-4163-a0cb-774283bda30b.JPG/r0_0_7360_4907_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: b8bde2a7aa22c2712f4a23137e64009f706dcfcd6ff2de0af5a9d566ba89af8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 00:42:42 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Thu, 25 Nov 2021 00:39:34 GMT
server: nginx
age: 124076
etag: "a36108f3fe087c637942ea2e20b29928-2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.834 tt:0.239
content-length: 2291
x-amz-cf-id: 0aXUs-BETyBHgr6yrk45dJ3UbX_U2cVSTQtRYQtQwQ4ilGVRL5jT6A==

GET
H2 200 r255_306_3009_2142_w105_h70_fmax.jpg
www.farmonline.com.au/images/transform/v1/crop/frm/8yYKiJXq2Ks3fRrBZY5gaD/3c1e0d8c-e1cc-41d1-b398-5edf3d045e70.jpg/ 3 KB
3 KB 26ms
24ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonline.com.au/images/transform/v1/crop/frm/8yYKiJXq2Ks3fRrBZY5gaD/3c1e0d8c-e1cc-41d1-b398-5edf3d045e70.jpg/r255_306_3009_2142_w105_h70_fmax.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 79d8986b6e64c3f9e1f3193948d185742be3b747316847fac240a70d2c399160

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 23:06:35 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Wed, 24 Nov 2021 05:24:42 GMT
server: nginx
age: 129843
etag: "fb53e6329bd27ced186569e013eb9ed0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-transform-stats: ft:0.170 tt:0.033
content-length: 2581
x-amz-cf-id: -7IC5yAvpd-JRhYClRIDygRqZ0xV2bD2_xqKOfNRoPCz4DuCHPoyyA==

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-au.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

7ms
7ms

Script
application/javascript

2600:9000:2156:da00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol: H2
Server: 2600:9000:2156:da00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: .KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding: gzip
etag: W/"cc7339d315e5ab16597dd66d153a0e7e"
last-modified: Mon, 12 Oct 2020 13:35:53 GMT
server: AmazonS3
age: 25222
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Fri, 26 Nov 2021 04:10:18 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 3cnHeNtXd8Bvi_6JK8xowjgfqVZJvIC8sS8g9nRLzV9bNCa-kqp1dQ==

Redirect headers

location: https://cdn-gl.imrworldwide.com:443/v60.js
date: Fri, 26 Nov 2021 11:10:38 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 ggcmb510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 52ms
7ms Script
application/javascript 2600:9000:2156:da00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:da00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 2J3RA2RMi5eYAj7nmdbu3te_gb7jIgN9
content-encoding: gzip
etag: W/"afa0d379b1e6e0a61fad577d0043ff26"
last-modified: Mon, 15 Nov 2021 15:07:58 GMT
server: AmazonS3
age: 2426
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Fri, 26 Nov 2021 10:30:13 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: xS8w3LBk6jzTW4UL_LO12-014TZY4GHuqKCC19yv_5xjIHnvYOb7-w==

GET
H/1.1 200
OK Tress.php
pixel.roymorgan.com/stats_v2/ 0
515 B 1221ms
305ms Image
text/javascript 54.66.131.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.roymorgan.com/stats_v2/Tress.php?u=cvcyowszle&ca=20005251&a=5dcilmyo

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.66.131.200 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-66-131-200.ap-southeast-2.compute.amazonaws.com

Software

Apache / PHP/7.1.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 11:10:39 GMT
Content-Encoding: none
X-Content-Type-Options: nosniff
Server: Apache
X-Powered-By: PHP/7.1.33
X-Cache: MISS from pixel.roymorgan.com
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Content-Length: 0

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
436 B 64ms
30ms XHR
text/plain 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=245847&u=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&v=3
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 11:10:38 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.82], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.farmonline.com.au
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Fri, 26 Nov 2021 11:10:38 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
9ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=999307076&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&ul=en-us&de=UTF-8&dt=Cyber%20attackers%20told%20JBS%20%27don%27t%20panic%2C%20we%27re%20in%20business%20not%20war%27%20%7C%20Farm%20Online%20%7C%20Australia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F&el=10%25&_u=aGDAiUAjRAAAAE~&jid=&gjid=&cid=793850567.1637925037&tid=UA-61683903-1&_gid=917930349.1637925037&gtm=2wgba1KPMZ4JM&cd1=Farm%20Online&cd2=base&cd3=beef&cd4=beef&cd5=article&cd6=Shan%20Goodwin&cd7=26112021&cd35=790&cd36=500%20-%20999&cd47=&cd49=newsletter%2Cnews%2Cbeef-cattle&cd67=2021-11-26T13%3A00%3A00%2B11%3A00&cd68=FarmOnline&z=1966487110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 13:08:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79333
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content b
ds-aksb-a.akamaihd.net/2/284249/ Frame 2BE6 0
269 B 6ms
6ms Image
text/html 2a02:26f0:6c00::210:ba58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ds-aksb-a.akamaihd.net/2/284249/b?dE=20&cS=20&cE=35&rqS=35&rsS=217&rsE=218&sS=21&dl=242&di=551&fp=1637925037&dlS=552&dlE=552&dc=1261&leS=1262&leE=1262&to=&ol=0&cr=5&mt=&mb=&b=133377&u=https%3A//farmonline.us5.list-manage.com/subscribe&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.45%20Safari/537.36&pl=Linux%20x86_64&us=&gh=2.16.181.46&t=&rid=37a56c7&r=17073&akM=x&akN=ae&vc=14:17&bpcip=88f3c600&akTX=1&akTI=37a56c7&ai=198907&pmgn=&pmgi=&pmp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 11:10:38 GMT
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store, private
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 0
Expires: Fri, 26 Nov 2021 11:10:38 GMT

GET
H/1.1 200
OK b2bc89fc76 Show response
bam-cell.nr-data.net/1/ 49 B
715 B 162ms
138ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/b2bc89fc76?a=98320753&v=1212.e95d35c&to=ZldVNhRRDxBSBkFYXF8dcRcIUxUKXAsaQkZLR1wDSEMVDEEMUEIdR1tSFRUKEhdcF0xuV1RGVgsK&rst=1875&ck=1&ref=https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/&ap=21&be=363&fe=1768&dc=1156&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1637925036772,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:10,%22c%22:10,%22s%22:11,%22ce%22:32,%22rq%22:32,%22rp%22:338,%22rpe%22:339,%22dl%22:341,%22di%22:1155,%22ds%22:1155,%22de%22:1228,%22dc%22:1755,%22l%22:1768,%22le%22:1796%7D,%22navigation%22:%7B%7D%7D&fp=467&fcp=467&jsonp=NREUM.setToken
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 11:10:38 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6b42abe3bfec2c52-FRA

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 23ms
19ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.farmonline.com.au%2F%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-222bXHTrNoanMCBLaTMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-VkX1JxNzsquFgA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&pcode=acmheader706032617774&rx=943036492454&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1637925037424&de=761552581926&cu=1637925037424&m=1114&ar=553ffc12ef5-clean&iw=f4f5004&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6723&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A468%3A468%3A0%3A1155&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=farmonline.com.au%3ACyber%20attackers%20told%20JBS%20%27don%27t%20panic%2C%20we%27re%20in%20business%20not%20war%27%3A__page__%3A-&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=195402&na=1353291072&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Nov 2021 11:10:38 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 44ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 26 Nov 2021 11:10:38 GMT

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 7ms
6ms Script
application/javascript 2600:9000:2156:da00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:da00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: wnIBsJV.WYX0QccuSdW3u9_ELj0bpyte
content-encoding: gzip
etag: W/"931051f801612c3a0e2782961ac3d56c"
last-modified: Mon, 15 Nov 2021 15:07:57 GMT
server: AmazonS3
age: 3538
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Fri, 26 Nov 2021 10:11:41 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: D-TRPi9b9uJbAe3_qKuHQz6qsplEXBtBrE2bEd1KXSdriQmGHfbYBg==

GET
H2 200 PAC31391F-D55E-466F-8ACE-C8E6BAC31EE7.js Show response
cdn-gl.imrworldwide.com/conf/ 33 KB
7 KB 18ms
17ms Script
application/javascript 2600:9000:2156:da00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PAC31391F-D55E-466F-8ACE-C8E6BAC31EE7.js
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:da00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d630f4861e0e52eb59add6365442508fb264884d8dbad711034fbca0c59f4161

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 0CIn29fSkPQPvYuEOrSjH9R0ZNVFh4KH
content-encoding: gzip
etag: W/"8a07a61ec487bc7cb0c86dfcff30938f"
last-modified: Fri, 26 Nov 2021 09:17:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Fri, 26 Nov 2021 11:10:38 GMT
x-amz-cf-id: 0TqgqZJZUxyowdN0iZDE6Xvey4BVpG_DNo_nbuPWF52u4GEwt_3HtQ==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9615 12 KB
5 KB 23ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 26 Nov 2021 10:54:17 GMT
expires: Sat, 26 Nov 2022 10:54:17 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7407 783 B
535 B 17ms
17ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

284a3a5d95ca8e8850b018eb5a4d449ed97cf8119ffc94b1393084a94a28e446

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jlhA3cr8XaWblx7BvxGyfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 26 Nov 2021 11:10:38 GMT
date: Fri, 26 Nov 2021 11:10:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-jlhA3cr8XaWblx7BvxGyfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 193 KB
54 KB 11ms
11ms Script
application/javascript 2600:9000:2156:da00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:da00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28b11959f68db701b4218a36e9a8e8daf47fbfe4057f086595ebc2b0df44fbea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: zlYBAKd4EFa8SaOhPOy.ffYFxOn9YL7u
content-encoding: gzip
etag: W/"711241d99f4dbd99c7bef0f79ce85582"
last-modified: Mon, 15 Nov 2021 15:07:58 GMT
server: AmazonS3
age: 144
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Fri, 26 Nov 2021 11:08:15 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: U_30gv4a2_KRoYQvdX4tZO-9OsZdixXc7LOEovQYJ0i-Z8M0JaZUxg==

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 078C 12 KB
4 KB 7ms
7ms Document
text/html 2600:9000:2156:da00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:da00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/

Response headers

content-type: text/html
last-modified: Mon, 15 Nov 2021 15:07:57 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: eeUHn6RuBJqT9WBL83URT7i74FkkqMiV
server: AmazonS3
content-encoding: gzip
date: Fri, 26 Nov 2021 11:09:30 GMT
cache-control: max-age=86400
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: mFRW3sSCBf137qa98L5Ry-Bu9QIqtrB4ui7I068m0sG_ZQG1uCmCIw==
age: 69

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7407 0
0 57ms
43ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=4232296827005519&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9615 35 KB
13 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 10:00:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 10:00:46 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 078C 44 B
560 B 124ms
34ms Image
image/gif 52.31.31.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PAC31391F-D55E-466F-8ACE-C8E6BAC31EE7&sessionId=gcvletqh6rxtv2c1yfg8yduak6kjx1637925038&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.615&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&retry=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.31.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-31-218.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:38 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
gcvletqh6rxtv2c1yfg8yduak6kjx1637925038.nuid.imrworldwide.com/ Frame 078C 35 B
349 B 48ms
7ms Image
image/gif 2600:9000:2156:a00:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gcvletqh6rxtv2c1yfg8yduak6kjx1637925038.nuid.imrworldwide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 01:26:34 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 35045
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: SrsphtqOcQCPQon00votjwN2Kw3_Vc6enX728UhzWmpwPOb9cVS5ng==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=4232296827005519&bg=!iIuli8_NAAZQLpa_UC47ACkAdvg8WsEuSNMKYjfUAOxuyhV_Whn3wHSXuqhEYrkkd3gtHOYUIy2btAIAAABgUgAAAAdoAQcKAGJI0HH2pSXL7_iN4U82zgHIEoc1nedXDZDwAVdPQ_lPsSdt82sm1dvCdCnCJjK4HOw3UYU1nkSOZ3vaAEvvsZl9rvYOAjNoM_WeyNrsL5HZUzy_NumDrnNhboKK7mk8UnLsZZkCjrHymlPCFpx5L4pjPsAi3mEiWEx7t2p5Q55zj_a2qajJsWoZ9BsfFlIGq0rpSq3i7lRTmAujqI9WB7R_sInk3unb2SofrRO7VcjkHBj3_P8DfpNYW171TYH6gDroU_TJHjJ5e1nC82XKYUjyeO-By6ZaCXf769hBjKJKdKvEiTAgVIZS_PxD3TMziycJUi_qpIvNjwvReiKJpq-pPyVhvNtih0_beLLfq1FIBT2vrjcRKtZDOF9d2ozkwfaDHdNT7sf-CaBZBlatjjugRobpICpzSDAdhGGLLgEvdCA8g--pNGpoz88ENoPwYXzHBnB4tNma7ND7AezVDpL9Z76KjxX1vIINuJ1HiiO4smwWy_sR3tLpLDDu4r70F0sJZUpgDN0BzwogEbS5Bu26xiHadJ80cVsK94ssN6Ike2MnQejuykn4E1rZYZyWx_i8SIi3BfbAymxgty7SfS3ekd_x7Prs2n2Kqpq3ZgXexwicFOoLDslUcYA8iSA5Xs152vLPGm8g_-t7cMIJw7hgzPIRPQBYLNhjB-tPKyY6Oy74K_HbPjlkLX1FBc1EKZIg5qkL6W8HDdMQ6gWLEUgurqu1U83CbCHCMEm-S9mZlHCNPebwD-Qn-EfATjRYVht4Ii5lW6JyjgvU7ldJgqaNxd-lz4ylyrwXxScS0qbQUJt1p5zoQwbwDVcgxzN7TuXJc4qQf73WXDNmkkyWaRYsmy5FnvvO2JwJhBgt1xrPQpKEf-rw0WZ6aYm5d1P5RiDzU2M6rE5oyFKudoDuRWC_JyKpsmvu_qYXfGKI_XuQ09Wbo-Z6VKnAD3NtINc7ImmofxEn0ju08upmHoJ1oBeHl26MP7819dzoLgJ_z9iQK44NDw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 78 B
377 B 10ms
10ms XHR
text/javascript 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=245847&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2234439210%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2215%22%2C%22siteID%22%3A%22249390%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22164c9466-642c-4592-af4a-74217efb71da%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-26T11%3A10%3A37%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 914e0d32ac55900f1b09e8eb65f2071357d422ee0b96cbe8b5bacc7336c313de

Request headers

Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:38 GMT
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.82], XFF:[]
server: Apache
content-type: text/javascript
access-control-allow-origin: https://www.farmonline.com.au
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 78
x-ak-client-geo: 12
expires: Fri, 26 Nov 2021 11:10:38 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
64 B 67ms
67ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=index-client
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.farmonline.com.au
date: Fri, 26 Nov 2021 11:10:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 3 KB
2 KB 88ms
88ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=index-client
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 16ed568c6ad1ca9fcc5168e3642b5cb393242b6026a3992eed5b11ce0e79cf4e

Request headers

Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Nov 2021 11:10:39 GMT
content-encoding: gzip
x-openrtb-version: 2.3
content-type: application/json
access-control-allow-origin: https://www.farmonline.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1571

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 78 B
377 B 12ms
12ms XHR
text/javascript 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=245847&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2246771365%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%227%22%2C%22siteID%22%3A%22249393%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22164c9466-642c-4592-af4a-74217efb71da%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-26T11%3A10%3A37%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: aa1e94cff97c61a7023564d5c457620d4e2eadd5affd2fbd9f69b322ddb99bc6

Request headers

Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:38 GMT
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.82], XFF:[]
server: Apache
content-type: text/javascript
access-control-allow-origin: https://www.farmonline.com.au
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 78
x-ak-client-geo: 12
expires: Fri, 26 Nov 2021 11:10:38 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 97ms
97ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19530&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&p_screen_res=1600x1200&site_id=225350&zone_id=1105710&kw=rp.fastlane&tk_flint=index&rand=0.5069180938417532
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 33231b44b22e8268663c7f2135273ad9b47c51338814e776035b235dd6358238

Request headers

Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 11:10:39 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.farmonline.com.au
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 container.html Show response
e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 985D 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 26 Nov 2021 11:10:38 GMT
expires: Sat, 26 Nov 2022 11:10:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 22ms
22ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ACM_HEADER1&hp=1&zMoatAdUnit1=farmonline&zMoatAdUnit2=cattle&zMoatAdUnit3=beef&wf=1&ra=3&pxm=&sgs=3&vb=8&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1637925037424&de=12164332540&rx=943036492454&m=0&ar=553ffc12ef5-clean&iw=f4f5004&q=3&cb=0&cu=1637925037424&ll=2&lm=0&ln=0&em=0&en=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&zGSRC=1&gu=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=acmheader706032617774&fd=1&ac=1&it=500&pe=1%3A468%3A468%3A1796%3A1155&fs=195402&na=273403833&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Nov 2021 11:10:39 GMT

GET
H2 200 storageframe.html Show response
secure-gl.imrworldwide.com/ Frame 21F9 11 KB
4 KB 87ms
34ms Document
text/html 2600:9000:2156:3200:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/

Response headers

content-type: text/html
vary: Accept-Encoding
date: Fri, 26 Nov 2021 11:10:39 GMT
server: nginx
last-modified: Fri, 19 Nov 2021 15:15:21 GMT
etag: W/"6197bf89-2b27"
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: SJQuEDWUZ8IDacXd2IAxiPt8GnquKgMT3wkhkgmwmeQkYVW4nBS-Ug==

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/ Frame 17E5 282 KB
40 KB 9ms
8ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/index.html

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

958b58f5489248327ecb9ceb5d623dea8811c23a8e2b484be4c4ec9dc669cfb5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Mon, 22 Nov 2021 20:28:54 GMT
expires: Tue, 22 Nov 2022 20:28:54 GMT
last-modified: Mon, 22 Nov 2021 15:03:24 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 41120
age: 312105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 985D 0
0 50ms
49ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJTlArsCgYfayKNaCgQfMyqvABJ7FgeFmgciUhZYPv-EeEAEg2_G5V2CVgoCArAegAa6ezLsCyAEJqQLYwS9N2dOyPuACAKgDAcgDCKoE9gJP0NaOLFm5CoD5D3vM1H6gTND_nD_YsyUW6inkKVeE4UoJfOXxeh4hYOUQqqBNcC6WE6p91nmFo-0A3WFoDKeCsP8-R0Ow5z6tFkT5qt65IA2PpDsHHOpd_3e2YGH2LYQgEWS7Nw14l9Ys65gT6bQfrOkUAy9wRVUQLOHUD9BPyj2Ogyrg6I4Ty4N6mXME5HDlju1IkV6U35fRlidDdg8Q7_Jw_RIaOmtsmyETwAifo8EWCv-GUBrTy_-BscTBC6a67vUuw-spAK1dZrO-Xq2dTGaPqGcXfrDzhKQX5tpJDGXPMe21bwRTUnFnpvDkb3n_RdL9bXkCwN8MmUL63tWxZmMOowiTBUcafw68yyERQn32CFpCRT3RezsyTVmTKCQdB4pJYsN7YRhL6gTZylI0W5f0ZixVLvLN0V4JYamWhTJ6Hzjn7KfHICl0-cVpf0k7CqUCoCc9c7HefXauV2ZV6HWEualHszhmOOhrxT3QwS-GZgi1NMAEyJ2EiO4D4AQBkgUECAQYAZIFBAgFGASgBi6AB6yG1YMCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQw91a0ggJCIjhgBAQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTc4ODg2NzY2NTQwNDczOTMYpc5q&sigh=dZra9qbIpKg&uach_m=[UACH]&template_id=419
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 985D 19 KB
8 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 10:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 10:56:40 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 985D 2 KB
1 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 352
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 11:04:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 985D 119 KB
37 KB 43ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Nov 2021 11:10:39 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 985D 15 KB
6 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 11:08:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 985D 0
0 20ms
19ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaREll0Jzm5hZ3XP609JIaBsgoutV-nPbMLYT0cFLEsKJwzptiLOur3B0f9ugAyxIFDsjMDk6FqWC8wfO6V7KJuuiBUPcQ
Requested by: Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.farmonline.com.au

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 11:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.farmonline.com.au

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 11:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 149 KB
35 KB 398ms
398ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4232296827005519&correlator=538299271622062&output=ldjh&impl=fifs&eid=31063813%2C21068766&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211126&iu_parts=21666581298%2Cfarmonline%2Ccattle%2Cbeef&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x11%2C728x90%2C300x250&prev_scp=pos%3D1%26ur%3Dfarmonline%257Carticle%257Ccattle%257Cbeef%257C1%257C1x11%257Cdesktop%26urh%3D-919380962%26condAd%3Dtrue%7Cpos%3D1%26ur%3Dfarmonline%257Carticle%257Ccattle%257Cbeef%257C1%257C728x90%257Cdesktop%26urh%3D46555209%26condAd%3Dtrue%7Cpos%3D2%26ur%3Dfarmonline%257Carticle%257Ccattle%257Cbeef%257C2%257C300x250%257Cdesktop%26urh%3D654986578%26condAd%3Dtrue%26lazyAd%3Dtrue&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26ctype%3Darticle%26cat%3Dcattle%26cat1%3Dbeef%26region%3Dnsw%26locstate%3Dnsw%26tags%3Dnewsletter%252Cnews%252Cbeef-cattle%26tag%3Dnewsletter%252Cnews%252Cbeefcattle%26ksg%3D%26kuid%3D%26pageID%3D7527343%26sysEnv%3Ddesktop%26generator%3Dnewsnow%26brms%3Dtrue%26brvs%3Dtrue&cookie=ID%3Dd0964faa67472966-22fda20efecb0005%3AT%3D1637925038%3AS%3DALNI_Maz-ZIk4eKXGXHdnyHhlmzT-7scFg&bc=31&abxe=1&lmt=1637924541&dt=1637925039070&dlt=1637925037113&idt=1256&frm=20&biw=1600&bih=1200&oid=2&adxs=800%2C436%2C290&adys=6%2C239%2C1290&adks=2009788313%2C2749808828%2C2917600360&ucis=6%7C7%7C8&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C1600x24%7C710x0&msz=1600x0%7C1600x24%7C320x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=793850567.1637925037&ga_sid=1637925039&ga_hid=999307076&ga_fc=true&ga_cid=917930349.1637925037&fws=0%2C0%2C4&ohw=0%2C0%2C740&btvi=0%7C0%7C5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

3656392c463a4e53e0c60f45d242305be1706d6d760c7a18568d8c9fe9026328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35461
x-xss-protection: 0
google-lineitem-id: -2,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.farmonline.com.au
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
436 B 28ms
28ms XHR
text/plain 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=245847&u=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&v=3
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 11:10:39 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.82], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.farmonline.com.au
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Fri, 26 Nov 2021 11:10:39 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 23F8 143 B
426 B 27ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 26 Nov 2021 11:02:16 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 17E5 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 26 Nov 2021 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 17E5 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 26 Nov 2021 16:13:39 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
436 B 41ms
36ms XHR
text/plain 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=245847&u=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&v=3
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.farmonline.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 11:10:39 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.82], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.farmonline.com.au
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Fri, 26 Nov 2021 11:10:39 GMT

GET
DATA 200
OK truncated
/ Frame 985D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69c955598c7a40e601a4d755fd15ac09786821dff34b1a52e4ac305283fb3f28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ 44 B
524 B 39ms
38ms Image
image/gif 2600:9000:2156:3200:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1637925039196&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&sr=1600x1200&id=lstrg-25fd2c0278fa5b91e297f64fd91c8610
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:39 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: lBrggjglrycq6LEDYM1rx_Nzc37k6rugNxMoBnLRak--1BIAn1WYPA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 Car.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/ Frame 17E5 10 KB
10 KB 8ms
7ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/Car.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

590e5d9ca8b4c6ca7231ff2a1318545010971b260dc7f43f4ec68b1f44119e33

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 312673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10410
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 15:03:24 GMT
server: sffe
date: Mon, 22 Nov 2021 20:19:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 22 Nov 2022 20:19:26 GMT

GET
H3 200 KAROQ.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/ Frame 17E5 12 KB
12 KB 9ms
8ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/KAROQ.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0183df987bd128554f30ffed1bd2eaa58861c4f7aa0a06b52112e9487e7ad8f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 312673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11849
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 15:03:24 GMT
server: sffe
date: Mon, 22 Nov 2021 20:19:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 22 Nov 2022 20:19:26 GMT

GET
H3 200 300x600_F1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/ Frame 17E5 22 KB
22 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/300x600_F1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ae4008d9b997d6854cc7ccd1fad864c795a8d1c58b7ec6b4eb1baedeee816b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 312673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22482
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 15:03:24 GMT
server: sffe
date: Mon, 22 Nov 2021 20:19:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 22 Nov 2022 20:19:26 GMT

GET
H3 200 BG1_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/ Frame 17E5 8 KB
8 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/BG1_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

279b95260a7544b60a8eb0d6925f0de4bf3a31a1d54a3af2000ed4aae28a6676

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 312673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8547
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 15:03:24 GMT
server: sffe
date: Mon, 22 Nov 2021 20:19:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 22 Nov 2022 20:19:26 GMT

GET
H3 200 300x600_F2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/ Frame 17E5 23 KB
23 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137889399521447841/300x600_F2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb7aff6968a712f9e5e36e3d8e7fd59f3c00e78b10e0797dfd600cc5cc0c6f3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 312673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23210
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 15:03:24 GMT
server: sffe
date: Mon, 22 Nov 2021 20:19:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 22 Nov 2022 20:19:26 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 23F8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

84ms
84ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 26 Nov 2021 11:10:39 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 26 Nov 2021 11:10:39 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 26 Nov 2021 11:10:39 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3860 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 26 Nov 2021 11:10:38 GMT
expires: Sat, 26 Nov 2022 11:10:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame 269B 189 KB
55 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214805
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 23 Nov 2021 23:30:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Nov 2022 23:30:34 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 269B 13 KB
5 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 313103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 22 Nov 2021 20:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Nov 2022 20:12:16 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 269B 89 KB
28 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 192652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Wed, 24 Nov 2021 05:39:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 24 Nov 2022 05:39:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 269B 5 KB
2 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 216249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 23 Nov 2021 23:06:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Nov 2022 23:06:30 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 269B 40 KB
13 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 216635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Tue, 23 Nov 2021 23:00:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Nov 2022 23:00:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 269B 6 KB
707 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400|Roboto:400,500&lang=de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

481c717bed898745915a58aeff864dc026b0f15b74947edc3d9577da4eef7f2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 11:10:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Nov 2021 11:10:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Nov 2021 11:10:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 269B 6 KB
707 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400|Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

481c717bed898745915a58aeff864dc026b0f15b74947edc3d9577da4eef7f2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 11:10:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Nov 2021 11:10:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Nov 2021 11:10:39 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10403613165803509341/ Frame 269B 19 KB
19 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10403613165803509341/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQnAEYASABLQAAAD8wqgI4nAFFAACAPw&rs=AOga4qme-qq94W4FTJejdDFduB7fF6hb5A

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6da81d894f99556e198a17adf6f76b6ee9a33b8b3e6580b3b899d33d41877d32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:35:18 GMT
x-content-type-options: nosniff
age: 12921
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19538
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 13:16:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 07:35:18 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/830399735968533989/ Frame 269B 8 KB
8 KB 9ms
7ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/830399735968533989/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qku06WAwFnx6Z3VQpagszmJkIu8-w

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07f20f0fc0482b5486e4d84352d5885984851eb38fd45fc6d50c175e542aaf1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 00:23:39 GMT
x-content-type-options: nosniff
age: 38820
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8635
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 11:06:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 00:23:39 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 269B 0
0 56ms
54ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CT8xOr8CgYY7aB8mBgQetsoXYD9jE4c1m9LHhoa4PloLNhYgWEAEg2_G5V2CVgoCArAegAYnC7KkCyAEGqQIICIwJqdSyPuACAKgDAcgDCqoE-QJP0LB9ySdjUFj09rEes7Z5U_2ZU9J09IGHBT296Bq_YkETyN6WgsmXhoN2XHxeNvVU6t2YY21VGSPjzNS-Ff254m1zCpaQY0qmDzlhpn9mjamMUzPzHngDlxUZugij9bxtl87veJWHd2YqDOiZELWnWLQm97CO95GojkLgUwrJ4r65rqo949Se2OG2NDWvcDgcjMa8CynHhvOipByrlkUlF5CXNNG2BSy0wVpycT5Nt_lk8L6Jb-gIAdB-uocQzhx-F3MoRQNo9rXd0ATXJl1ufdbhLh5wxh5GqN19z6TL2lSEzDPL2T52W_hGEp1qfOhX2ydFETVtL_197kWy171VBtSVY99KCJEfoe73aw2RRLp0ZTjHzdYzxGGZ5lKueweDkUeVrh7V0x_Zk91MTIKxNyf14h4D891t7n9-tpoJUcs7LSW-kdPkIY8-bGZzAbTstayU7slHjgMs6dY0Gf4SUWJbOzYwrF0ip4dhdTIRBiJy2MEhuPzkV8AE-6-S8-MD4AQBkgUECAQYAZIFBAgFGASgBjeAB9-9k9YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ-9oZ0ggJCIDhgBAQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTc4ODg2NzY2NTQwNDczOTMYpc5q&sigh=Ufyci1H1ZVk&uach_m=[UACH]&template_id=492&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame 269B 0
0 15ms
14ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVw6lhnWQWfMo8r3ZZyj39_mTWdsqDuJCMphQzLcStBe4_yGkl-r6wqcX4hq7tdulO8LQ5UXHyzAiL_Umk9XseEdZl3w
Requested by: Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 269B 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 53723
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 26 Nov 2021 20:15:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 269B 295 B
321 B 6ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.farmonline.com.au
URL: https://www.farmonline.com.au/story/7527343/cyber-attackers-told-jbs-dont-panic-were-in-business-not-war/?cs=5373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 19625
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 27 Nov 2021 05:43:34 GMT

GET
DATA 200
OK truncated
/ Frame 269B 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 112861893eae468fc9cd49dfeb850ca758755c9b85d23798c88c6b1ceaa98a16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ACM_HEADER1&hp=1&zMoatAdUnit1=farmonline&zMoatAdUnit2=cattle&zMoatAdUnit3=beef&wf=1&ra=3&pxm=&sgs=3&vb=8&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1637925037424&de=332532182941&rx=943036492454&m=0&ar=553ffc12ef5-clean&iw=f4f5004&q=4&cb=0&cu=1637925037424&ll=2&lm=0&ln=0&em=0&en=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&zGSRC=1&gu=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=acmheader706032617774&fd=1&ac=1&it=500&pe=1%3A468%3A468%3A1796%3A1155&fs=195402&na=367537792&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Nov 2021 11:10:39 GMT

GET
H3 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v25/ Frame 269B 20 KB
20 KB 25ms
11ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400|Roboto:400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.farmonline.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:24:12 GMT
x-content-type-options: nosniff
age: 236787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20016
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 17:24:12 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 269B 15 KB
15 KB 22ms
10ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400|Roboto:400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.farmonline.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 595851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:39:48 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 13ms
13ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ACM_HEADER1&hp=1&zMoatAdUnit1=farmonline&zMoatAdUnit2=cattle&zMoatAdUnit3=beef&wf=1&ra=3&pxm=&sgs=3&vb=8&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1637925037424&de=783887865847&rx=943036492454&m=0&ar=553ffc12ef5-clean&iw=f4f5004&q=5&cb=0&cu=1637925037424&ll=2&lm=0&ln=0&em=0&en=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&zGSRC=1&gu=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=acmheader706032617774&fd=1&ac=1&it=500&pe=1%3A468%3A468%3A1796%3A1155&fs=195402&na=594452669&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Nov 2021 11:10:39 GMT

GET
H3 200 548bdb63b969e5c27f75e62faf543d70.js Show response
www.gstatic.com/mysidia/ Frame 3860 7 KB
3 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/548bdb63b969e5c27f75e62faf543d70.js?tag=client_fast_engine_2019

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 21:03:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3286
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Feb 2022 21:03:01 GMT

GET
H3 200 e896defd9da58cd70544d59688f4a346.js Show response
www.gstatic.com/mysidia/ Frame 3860 11 KB
5 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e896defd9da58cd70544d59688f4a346.js?tag=pingback

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67e6599b9fd28869eb047c72fd7486c191b54a661ec61accdf9b2de87f246ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 21:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4792
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 21:25:22 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 3860 1 KB
886 B 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 11:10:32 GMT

GET
H3 200 b85b9965a6c1d8af98ff0fb9e6466ad8.js Show response
www.gstatic.com/mysidia/ Frame 3860 6 KB
2 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b85b9965a6c1d8af98ff0fb9e6466ad8.js?tag=analytics_pingback_2019

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64e62b6ed84c308d8011efc4a92b313480ca230a7c2df6e3992aec36d300de37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2518
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Feb 2022 17:02:58 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 3860 19 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 10:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 10:56:40 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 3860 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 352
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 11:04:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3860 119 KB
36 KB 49ms
35ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Nov 2021 11:10:39 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 3860 15 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 11:08:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3860 0
0 15ms
15ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTw5eA-12Qfq8Aom4oNvbjLfaASAN7fmVeUGbl4tkfnzgQFBpA7c6WqSgYVjckUbtLzfUwSd3JY5H-B2M6tQ6DVfAv07w
Requested by: Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 3860 27 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 21:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 21:25:22 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 269B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

64ms
60ms

Image
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H3
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

date: Fri, 26 Nov 2021 11:10:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
21ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=farmonline&zMoatAdUnit2=cattle&zMoatAdUnit3=beef&wf=1&ra=3&pxm=&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fe495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-222bXHTrNoanMCBLaTMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-VkX1JxNzsquFgA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&pcode=acmheader706032617774&rx=943036492454&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&rm=1&fy=1065&gp=437&zGSRC=1&gu=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&id=1&ii=4&pl=0&f=0&j=&t=1637925037424&de=12164332540&cu=1637925037424&m=2124&ar=553ffc12ef5-clean&iw=f4f5004&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=437&lb=6845&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A468%3A468%3A1796%3A1155&as=0&ag=1&an=0&gf=1&gg=0&ix=1&ic=1&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=1&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=0&ah=2&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Ffarmonline%2Fcattle%2Fbeef_0&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=1922366162&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Nov 2021 11:10:39 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10403613165803509341/ Frame 269B 19 KB
19 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6da81d894f99556e198a17adf6f76b6ee9a33b8b3e6580b3b899d33d41877d32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:35:18 GMT
x-content-type-options: nosniff
age: 12921
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19538
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 13:16:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 07:35:18 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/830399735968533989/ Frame 269B 8 KB
8 KB 6ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07f20f0fc0482b5486e4d84352d5885984851eb38fd45fc6d50c175e542aaf1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 00:23:39 GMT
x-content-type-options: nosniff
age: 38820
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8635
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 11:06:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 00:23:39 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 269B 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 53723
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 26 Nov 2021 20:15:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 269B 295 B
321 B 7ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 19625
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 27 Nov 2021 05:43:34 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 3860 45 KB
45 KB 56ms
8ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ_RMaxy8Bs7F2BZ0NWbg7roHO7pIgMNJNwFYB4ZzqdGl21lkPDjEb2KFuF_g&usqp=CAI

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3925b2b39aab39ca89cee03192a6ffacedaac1a0ec06fb0b4130399d8f3f850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:58:58 GMT
x-content-type-options: nosniff
age: 187901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45804
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 02:27:17 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 06:58:58 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 3860 41 KB
42 KB 49ms
7ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSCxDvMvU_KPdAt7DGiPxncMr-1EFk1Fgh-ZqgXQ6UUxnvHiioOOWDM91ic77I&usqp=CAI

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7951b3e72375e8e1edc0a7eb3a6c3277dbb8faeda69d9063419866020347c88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 11:58:26 GMT
x-content-type-options: nosniff
age: 342733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41990
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 01:58:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 22 Nov 2022 11:58:26 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 3860 30 KB
31 KB 48ms
7ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSsEYdsF_kjUgQyY_2PsFmtQ25GOz2bLY2sCNfYvbz3jE_2N4UXpbY4FnAKA1s&usqp=CAI

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1635143e80cd6bd9019a47aa285c7a60edfe80fe3a20a3afa5a2e4487bc7a7da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 11:58:01 GMT
x-content-type-options: nosniff
age: 342758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30807
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 01:58:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 22 Nov 2022 11:58:01 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 3860 42 KB
43 KB 48ms
6ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSgkLOVqg3x5xGyz24ZCox3kfTDHXg5kNvX4bLI-ouPH4JjgUHIWHFlBkI-Sw&usqp=CAI

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a36e2f73be04451f8d944741a275ab86eca9d3791fb2a116e0d99dbbc08f5404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:16:09 GMT
x-content-type-options: nosniff
age: 186870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43168
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 02:26:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 07:16:09 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 3860 50 KB
50 KB 63ms
16ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSt5ZjaT_i3wEjrg2ca3ss263_wuO7tzGwkWh3CYZJuFjwWpl8pyDJHIF1wRR4&usqp=CAI

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4e089ca0e39969f3fe94c73e467afef885a93e6fec91aa657645d531ef8bbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:59:11 GMT
x-content-type-options: nosniff
age: 187888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51026
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 02:26:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 06:59:11 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 3860 36 KB
36 KB 54ms
13ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSVue2bQ8O91X2EpGAt8p1jztZqacCWj3H5XMyxdhv9dtDm-TWAROOnKmO7xw&usqp=CAI

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67c66c23b24142ace8990941bebd03d3cb9b74d33e1ede9b9523e1e1790aa31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:10:03 GMT
x-content-type-options: nosniff
age: 7236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37108
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 03:31:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 26 Nov 2022 09:10:03 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 3860 42 KB
42 KB 57ms
16ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRq8Jk2AnLvQ7vFvG7E745hSuG4amA5KsnSBFyRxnpFeXbbhtepwWp8bGZS7hI&usqp=CAI

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4b68710142c7639230497bd5ff7313dae90944561ee4835408cb1f431d05b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 11:57:46 GMT
x-content-type-options: nosniff
age: 342773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42819
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 01:30:35 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 22 Nov 2022 11:57:46 GMT

GET
H3

200

4493708271716875287
tpc.googlesyndication.com/simgad/ Frame 3860
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCfpI3v9QEQ9AQY9AQyCPi7Yd1M4vX7
https://tpc.googlesyndication.com/simgad/4493708271716875287

224 KB
224 KB

8ms
8ms

Image
image/png

2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4493708271716875287

Requested by

Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981c8d3b4bc24d51c59a7bf760c48c050193d0beca7450760ace038ab65ea635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 11:24:28 GMT
x-content-type-options: nosniff
age: 171971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229761
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 07:50:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 11:24:28 GMT

Redirect headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 20:39:29 GMT
x-content-type-options: nosniff
server: cafe
age: 52270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4493708271716875287
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 25 Dec 2021 20:39:29 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3860 0
0 51ms
50ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C2wzwr8CgYY3aB8mBgQetsoXYD9aOxNtmh9eF8PQOvcvItL4sEAEg2_G5V2CVgoCArAegAfO-rpQByAEJqQIICIwJqdSyPuACAKgDAcgDmwSqBIUDT9DNAvs8DeKfEFVOopfe_wMkwMGZz4Y_O_BJrVey3eVPwzx7pWak7fI7AK5nc4NevM06907e_PRQBgIxLmsXmrgXdE8tSOoLyZenwZyasMOLHRtP78LGW-18qkaGK80GYUxOP_i5kgNpjGvyFf2oPPXqTlfLe_W0IjAaC_GF_Pz2MEtj3bPQ4L2s3P_GDCZ0bp6rFSIx1BtTGj-92bPaZMcIt51wNUGKR-MMR_1rVa-zoHdGkjVNTR7-UZ-S8HvZSswNbdmtFEmIRzLrH-ZNREA2Sum5_frcAvbliXoBRqrfTQJ3MhaOvbVE0cq8ZHlk6BwG80dFIesjgDbmNXX0bDm3bAuerT90yoUkwaUMIelPInS2D0QYGGUgxccC6iQPaU6Yz9WZv4xoEhsXgQlxSKRe_YzoRp_v5k_oycSEyRbFRgk1dfNCuGV6KoaPZjGU7ObIegDsmwslh6Y9Da15GYH3LT5OtfxW-9HO8Vh3eq5eSL4o6isHijpjDt-nYQX9aRzzGKvABN3M1v3XA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf1wNHrAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBCj1gjSCAkIgOGAEBABGB2ACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNzg4ODY3NjY1NDA0NzM5Mxilzmo&sigh=65XXxlbRfRI&uach_m=[UACH]&template_id=494
Requested by: Host: e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
URL: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 3860 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecccbc4798d8b0bcbf86410a001030bfd866678b25f62a8b95a8f2b629558e34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3860 0
20 B 40ms
39ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyCgsIASoHYmFubmVyMgoKCAIqBnNlcnZlcgo6CAQqNm15c2lkaWFfYW5hbHl0aWNzX2V4cDIsbW9kZWxfc2VsZWN0ZWRfZGVwcmVjYXRpb25fY3RybAoNECshAAAAAAAAPkAwBAoNEAMhAAAAZGZWYkAwBAoNEAohAAAAAGdmAkAwBAoNEA0hAAAAAAAAAAAwBAoMEB4qBjcyOHg5MDAECgwQGSoGNzI4eDkwMAQKDRAOIQAAAAAAAAAAMAQKDRAEIQAAAJiZuWJAMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAgEFAMAQKDRAFIQAAADAzw2JAMAQKDRAQIQAAAAAAoKpAMAQKDRARIQAAAAAARM9AMAQKDRASIQAAAAAAABhAMAQKDRATIQAAAAAAAAhAMAQKDRAXIQAAAMzMnGVAMAQKDRAUIQAAAACoPA5BMAQKDRAVIQAAAAAAADNAMAQKDRAWIQAAAAAAACxAMAQKDRAYIQAAADAzs2tAMAQSGkNNM3RnS0h5dGZRQ0ZjbEE0QW9kTFZrQi13IhJncGEvbWF4aW1hbF92MV9vY2goDA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e896defd9da58cd70544d59688f4a346.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 16ms
16ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=farmonline&zMoatAdUnit2=cattle&zMoatAdUnit3=beef&wf=1&ra=3&pxm=&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fe495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-222bXHTrNoanMCBLaTMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-VkX1JxNzsquFgA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&pcode=acmheader706032617774&rx=943036492454&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=237&zGSRC=1&gu=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&id=1&ii=4&pl=0&f=0&j=&t=1637925037424&de=332532182941&cu=1637925037424&m=2592&ar=553ffc12ef5-clean&iw=f4f5004&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=237&lb=6845&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A468%3A468%3A1796%3A1155&as=0&ag=35&an=0&gf=35&gg=0&ix=35&ic=35&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=35&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=70&cd=0&ah=70&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Ffarmonline%2Fcattle%2Fbeef_6&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=1602806190&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Nov 2021 11:10:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 13ms
13ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=farmonline&zMoatAdUnit2=cattle&zMoatAdUnit3=beef&wf=1&ra=3&pxm=&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F10403613165803509341%2Fdownsize_200k_v1%3Fsqp%3D4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQnAEYASABLQAAAD8wqgI4nAFFAACAPw%26rs%3DAOga4qme-qq94W4FTJejdDFduB7fF6hb5A&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-222bXHTrNoanMCBLaTMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-VkX1JxNzsquFgA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&pcode=acmheader706032617774&rx=943036492454&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=156&w=298&rm=1&fy=1&gp=1&zGSRC=1&gu=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&id=1&ii=4&pl=0&f=0&j=&t=1637925037424&de=783887865847&cu=1637925037424&m=2604&ar=553ffc12ef5-clean&iw=f4f5004&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1&lb=6845&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A468%3A468%3A1796%3A1155&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=12&cd=0&ah=12&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Ffarmonline%2Fcattle%2Fbeef_7&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=195402&na=1139935122&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Nov 2021 11:10:40 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 985D 42 B
64 B 58ms
42ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvimJTwBrtaTKOqCs7e8-a5XaUxHPugmDq_ZJyOkM1b8Co-5v3BZWivC1XrAVgjo17OtIZ9SEEtLnyW9nYWS9XVtFxKJUAu9H9FUxh3jMML7OF_-FBGLg&sai=AMfl-YQSoZYWRtYRgmUzWuGtJBpTF1rWYiCW7mUrykKRjYOXBlDZ5ny7-1HrAiOeni5xBuIGj2Go_vtOHWZktIKqtWa0XCKXwXAqzw1NiMM75XdVbkH4fSkJDw1clcNXgOIH&sig=Cg0ArKJSzMSf22Jmy2f6EAE&id=lidar2&mcvt=1001&p=315,1065,915,1365&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=897400541&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637925039002&rpt=159&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
14ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=farmonline&zMoatAdUnit2=cattle&zMoatAdUnit3=beef&wf=1&ra=3&pxm=&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-222bXHTrNoanMCBLaTMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-VkX1JxNzsquFgA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&pcode=acmheader706032617774&rx=943036492454&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&rm=1&fy=1065&gp=437&zGSRC=1&gu=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&id=1&ii=4&pl=0&f=0&j=&t=1637925037424&de=12164332540&cu=1637925037424&m=3125&ar=553ffc12ef5-clean&iw=f4f5004&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=437&lb=6845&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A468%3A468%3A1796%3A1155&as=1&ag=1005&an=1&gi=1&gf=1005&gg=1&ix=1005&ic=1005&ez=1&ck=1005&kw=804&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1005&bx=1&ci=1005&jz=804&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=804&cd=2&ah=804&am=2&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Ffarmonline%2Fcattle%2Fbeef_0&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=477229923&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Nov 2021 11:10:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
14ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=farmonline&zMoatAdUnit2=cattle&zMoatAdUnit3=beef&wf=1&ra=3&pxm=&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-222bXHTrNoanMCBLaTMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-VkX1JxNzsquFgA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&pcode=acmheader706032617774&rx=943036492454&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&rm=1&fy=1065&gp=437&zGSRC=1&gu=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&id=1&ii=4&pl=0&f=0&j=&t=1637925037424&de=12164332540&cu=1637925037424&m=3126&ar=553ffc12ef5-clean&iw=f4f5004&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=437&lb=6845&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A468%3A468%3A1796%3A1155&as=1&ag=1005&an=1005&gi=1&gf=1005&gg=1005&ix=1005&ic=1005&ez=1&ck=1005&kw=804&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1005&bx=1005&ci=1005&jz=804&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=804&cd=804&ah=804&am=804&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Ffarmonline%2Fcattle%2Fbeef_0&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=2028101255&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Nov 2021 11:10:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 25ms
24ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=farmonline&zMoatAdUnit2=cattle&zMoatAdUnit3=beef&wf=1&ra=3&pxm=&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-222bXHTrNoanMCBLaTMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-VkX1JxNzsquFgA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&pcode=acmheader706032617774&rx=943036492454&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&rm=1&fy=1065&gp=437&zGSRC=1&gu=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&id=1&ii=4&pl=0&f=0&j=&t=1637925037424&de=12164332540&cu=1637925037424&m=3127&ar=553ffc12ef5-clean&iw=f4f5004&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=437&lb=6845&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A468%3A468%3A1796%3A1155&as=1&ag=1005&an=1005&gi=1&gf=1005&gg=1005&ix=1005&ic=1005&ez=1&ck=1005&kw=804&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1005&bx=1005&ci=1005&jz=804&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=804&cd=804&ah=804&am=804&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Ffarmonline%2Fcattle%2Fbeef_0&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=81247687&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Nov 2021 11:10:40 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3860 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwtERXfYwchL20zik-1K_pyakBo2khcjXeBKZgOWYhjVbJiYchSc8AI-AOUHE2sIl6HaqV6HR-rCepTyNe_PfCO9CpxM57Ttvcz1YZLq-Enrt5LB2XJA&sai=AMfl-YRSIXz6o6FRBvxjEOfDE7IH8uChv8DG05p9iphIJZKc7BPsLU49-4-EiuzITOLBdsZCczO9PGIZ8YB_k9QRW2ro6MH72WnAJSk4FSCESQwPJsPhfrKnbysEgleN&sig=Cg0ArKJSzLDc36qHRxNPEAE&cid=CAASF-Ro2W1EwQONL9VdLbGApQY0Pl80pM98&id=lidar2&mcvt=1000&p=237,436,327,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2749808828&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637925039499&rpt=222&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 27ms
26ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=farmonline&zMoatAdUnit2=cattle&zMoatAdUnit3=beef&wf=1&ra=3&pxm=&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-222bXHTrNoanMCBLaTMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-VkX1JxNzsquFgA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&pcode=acmheader706032617774&rx=943036492454&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=237&zGSRC=1&gu=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&id=1&ii=4&pl=0&f=0&j=&t=1637925037424&de=332532182941&cu=1637925037424&m=3731&ar=553ffc12ef5-clean&iw=f4f5004&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=237&lb=6845&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A468%3A468%3A1796%3A1155&as=1&ag=1176&an=35&gi=1&gf=1176&gg=35&ix=1176&ic=1176&ez=1&ck=1176&kw=1010&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1176&bx=35&ci=1176&jz=1010&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1010&cd=70&ah=1010&am=70&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Ffarmonline%2Fcattle%2Fbeef_6&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=730838078&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Nov 2021 11:10:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 49ms
49ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=farmonline&zMoatAdUnit2=cattle&zMoatAdUnit3=beef&wf=1&ra=3&pxm=&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-222bXHTrNoanMCBLaTMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-VkX1JxNzsquFgA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&pcode=acmheader706032617774&rx=943036492454&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=237&zGSRC=1&gu=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&id=1&ii=4&pl=0&f=0&j=&t=1637925037424&de=332532182941&cu=1637925037424&m=3732&ar=553ffc12ef5-clean&iw=f4f5004&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=237&lb=6845&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A468%3A468%3A1796%3A1155&as=1&ag=1176&an=1176&gi=1&gf=1176&gg=1176&ix=1176&ic=1176&ez=1&ck=1176&kw=1010&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1176&bx=1176&ci=1176&jz=1010&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1010&cd=1010&ah=1010&am=1010&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Ffarmonline%2Fcattle%2Fbeef_6&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=361984902&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Nov 2021 11:10:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 16ms
16ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=farmonline&zMoatAdUnit2=cattle&zMoatAdUnit3=beef&wf=1&ra=3&pxm=&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-222bXHTrNoanMCBLaTMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-VkX1JxNzsquFgA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&pcode=acmheader706032617774&rx=943036492454&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=237&zGSRC=1&gu=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&id=1&ii=4&pl=0&f=0&j=&t=1637925037424&de=332532182941&cu=1637925037424&m=3733&ar=553ffc12ef5-clean&iw=f4f5004&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=237&lb=6845&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A468%3A468%3A1796%3A1155&as=1&ag=1176&an=1176&gi=1&gf=1176&gg=1176&ix=1176&ic=1176&ez=1&ck=1176&kw=1010&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1176&bx=1176&ci=1176&jz=1010&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1010&cd=1010&ah=1010&am=1010&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Ffarmonline%2Fcattle%2Fbeef_6&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=1668415908&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Nov 2021 11:10:41 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
368 B 35ms
34ms Image
image/gif 52.31.31.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-302812&ch=au-302812_b38_Farm%20Online%20-%20Other_S&asn=Farm%20Online%20-%20Other&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&sessionId=gcvletqh6rxtv2c1yfg8yduak6kjx1637925038&prv=1&c6=vc,b38&ca=NA&c13=asid,PAC31391F-D55E-466F-8ACE-C8E6BAC31EE7&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,farmonline&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,qui7sdjnhzvsvjhqjhpabqs7jtexa1637925038&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16379250387519305&c30=bldv,6.0.0.615&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=7527343&c3=st,c&c64=starttm,1637925041&adid=7527343&c58=isLive,false&c59=sesid,&c61=createtm,1637925040&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&c66=mediaurl,&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&c62=sendTime,1637925040&rnd=157654
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.31.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-31-218.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:41 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
21ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=&sgs=6&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-222bXHTrNoanMCBLaTMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-VkX1JxNzsquFgA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&pcode=acmheader706032617774&rx=943036492454&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=6845&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=6723&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.farmonline.com.au%2Fstory%2F7527343%2Fcyber-attackers-told-jbs-dont-panic-were-in-business-not-war%2F%3Fcs%3D5373&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1637925037424&de=761552581926&cu=1637925037424&m=6347&ar=553ffc12ef5-clean&iw=f4f5004&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A468%3A468%3A1796%3A1155&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5077&cd=0&ah=5077&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=farmonline.com.au%3ACyber%20attackers%20told%20JBS%20%27don%27t%20panic%2C%20we%27re%20in%20business%20not%20war%27%3A__page__%3A-&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=195402&na=890175047&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.farmonline.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:10:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Nov 2021 11:10:43 GMT

Verdicts & Comments Add Verdict or Comment

193 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.farmonline.com.au/	1970-01-20 01:08:21	Name: _gcl_au Value: 1.1.832016943.1637925037
.farmonline.com.au/	1970-01-19 23:00:11	Name: _gid Value: GA1.3.917930349.1637925037
.us5.list-manage.com/	1970-01-19 22:58:52	Name: ak_bmsc Value: 26E4004BC07CF1E32EE2B29B93A60227~000000000000000000000000000000~YAAQLrUQArhtmFd9AQAAo6XwWw2pS44Dd/q9n76SqZr8wWdwC2vCxm9szJQDVQJGh/yBxkMsO/DmSWfEFE47YrfFnv1T0+VYmxMvIwNWc374B6w9hU8VJOZ6UIPOrdi1E9LfR3voz+kR1btltO/gPJEW0+o6T7dKu6whMa4mhYDCyCDubsRJFxeL3SykDIKUdqjuB9FemRWU7Gm+Dtrzf5wA8Q0RxLTnfPEvDDC9XkbOveqqiT6Mxk0shNDeTzZ/+bWTejzFc2bHGFAT8J0ij4tehRpNRf/6L+zyDePHA+jMUj7irjoR8I1QVhLHr/UjmrQGicSRFEGBEij+edpC6T8YnwT7zwy4CJ6xTwGRtvinEHGbtCcRRdvGPRzjZgGO8MQfoZOzG3gFjaAE4Zt6KNvEHA==
.list-manage.com/	1970-01-19 22:58:59	Name: bm_sz Value: 5233968B43C95BEB7EB64CC16C3E9FEF~YAAQLrUQArltmFd9AQAAo6XwWw3xY5SLwlBNIYs7iE1GJL+VVgGaTtcmjsK3mjMc6E9JbUnxEhqZWDU8WpKeXgsmrle/ONhdEZ+2BshcHnOPLMCOKWyuDNxDKgNNeVvoCmBfqbIxPXaaVKSK00+mzTyijmvghNH+cgRiVDU3AOEv3FC5e4sYzjoZTIWUNGtVQGq2frRWVgJOVKArwiKbDJQNMSCHKp6Qm/Owwhmu9+naMhx4eK5YlzQ7QubOK4FWQs5W4IPCVHfPbAHrQXCceAg5YkTIJBTFHvB9VjONWBfZtUG+n6AYAA==~4604741~4469552
.farmonline.com.au/	1970-01-20 01:08:21	Name: _fbp Value: fb.2.1637925037523.1096688241
.farmonline.com.au/	1970-01-19 22:58:45	Name: _dc_gtm_UA-61683903-1 Value: 1
.farmonline.com.au/	1970-01-19 22:58:45	Name: _dc_gtm_UA-24154746-2 Value: 1
.farmonline.com.au/	1970-01-20 16:29:57	Name: _ga_7PC84FGF0J Value: GS1.1.1637925037.1.0.1637925037.60
.farmonline.com.au/	1970-01-20 16:29:57	Name: _ga Value: GA1.3.793850567.1637925037
.krxd.net/	1970-01-20 03:17:57	Name: _kuid_ Value: OgTZhwS-
.adsrvr.org/	1970-01-20 07:44:21	Name: TDID Value: 164c9466-642c-4592-af4a-74217efb71da
www.farmonline.com.au/	1970-01-20 08:27:33	Name: _cb_ls Value: 1
www.farmonline.com.au/	1970-01-20 08:27:33	Name: _cb Value: ClKLrywSVstWCDhK
www.farmonline.com.au/	1970-01-20 08:27:33	Name: _chartbeat2 Value: .1637925038164.1637925038164.1.BzsCUJ1YQ2sCp7KggBA2UWvDrjNo7.1
www.farmonline.com.au/	1970-01-19 22:58:46	Name: _cb_svref Value: null
.list-manage.com/	1970-01-20 07:44:21	Name: _abck Value: 8E186299E02C4D389767E4D01D3292B6~-1~YAAQLrUQAtRtmFd9AQAAsKnwWwajvC15zjh7xcsbf3E+uKW3YvEBMI2X0H/oGNKsb4BtS1KfPF+hVLfMiWFbam0gsGykl2lJDoDO6CmUvvdeOKlelNPvenC+Go0iEXpkbR96YTd5Voc1aUpjZyJ9AfVtS4d24jourW9/NFRJYdPf+qyQ09sXGFrhBGn9ozVe7yvZghw4UVYYjj6KAWAp6GLpDfappynvZGwzkbVUz1V94Zr44fJec1d/1ju9iDUJiGI3fGBIwow0DIzoJ4j//gjzbKhN/9HJuCpMvsQOzLqI9th1IXEWmEE1PiRVqqlLMzMyHzOIdXWSKl2dtKoQ4/tQwMK2wYxG3zBalyZNbvumMR8UFTMAu4V066BeLFUmXh5VlPI0iKZhtWcSs8Q1~-1~-1~-1
.rubiconproject.com/	1970-01-20 07:44:21	Name: khaos Value: KWGAA07G-P-JL1G
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GLHAIlzGqoEKZaU66THvScWV7/AA==
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 2b528eddf2c3b1bb
.imrworldwide.com/	1970-01-20 08:20:21	Name: SSCVER Value: v1
.imrworldwide.com/	1970-01-20 08:20:21	Name: IMRID Value: 7ca04300-4ea9-11ec-852f-959a9876da7b
.rubiconproject.com/	1970-01-20 07:44:21	Name: audit Value: 1\|naVuGyos1qq9x6Rb9MBtpeMH05QULE/jV/G9Z/GRzTxqjK1sECNPH50US4i+kvx/c0pg1emyAiEz2DcZO01XbPjoKMgmoql6AevHowHbrM2VOlHV8UEF7g==
.doubleclick.net/	1970-01-19 22:58:48	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 08:20:21	Name: IDE Value: AHWqTUkPlE9eOkEbx_0mxj0HPkZU_pgSvASEWsaeuJQ6Rr1qXlYcrYYID-goh2zOtlg
.farmonline.com.au/	1970-01-20 08:20:21	Name: __gads Value: ID=d0964faa67472966:T=1637925038:S=ALNI_MZ56ID3SnjPVWqTbRTLZ6La0P0rGA

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.farmonline.com.au/static/1448855660/images/fairfax-logo.svg Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://farmonline.us5.list-manage.com/n_vFTO3p/eOl/_7-/ZSmZMm8i75/1Vt5Nwfzh5YE/WlluOA/bS/QYIixnSBMB Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://farmonline.us5.list-manage.com/n_vFTO3p/eOl/_7-/ZSmZMm8i75/1Vt5Nwfzh5YE/WlluOA/bS/QYIixnSBMB Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	child-src * blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.google.com
api.rlcdn.com
as-sec.casalemedia.com
bam-cell.nr-data.net
beacon.krxd.net
cdn-gl.imrworldwide.com
cdn.ampproject.org
cdn.krxd.net
cdnjs.cloudflare.com
clients1.google.com
connect.facebook.net
consumer.krxd.net
cse.google.com
ds-aksb-a.akamaihd.net
e495c93587412bcad93dcda6c8721dad.safeframe.googlesyndication.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
farmonline.us5.list-manage.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcvletqh6rxtv2c1yfg8yduak6kjx1637925038.nuid.imrworldwide.com
geo.moatads.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
js-agent.newrelic.com
js-sec.indexww.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mb.moatads.com
origami.secure.ownlocal.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.roymorgan.com
platform.twitter.com
players.brightcove.net
px.moatads.com
secure-au.imrworldwide.com
secure-dcr.imrworldwide.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
static.chartbeat.com
stats.g.doubleclick.net
survey.survicate.com
surveys-static.survicate.com
syndication.twitter.com
tpc.googlesyndication.com
twemoji.maxcdn.com
www.facebook.com
www.farmonline.com.au
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
104.108.145.172
104.108.145.56
104.108.145.8
104.244.42.72
142.250.185.66
143.204.98.3
151.101.130.133
151.101.2.133
151.101.2.137
162.247.243.147
18.169.85.185
18.211.139.241
184.31.84.150
185.64.189.112
23.111.9.57
23.45.110.243
2600:9000:2156:3200:1e:a43d:b640:93a1
2600:9000:2156:4200:18:1fcd:34f:cdc1
2600:9000:2156:a00:1d:667e:2a40:93a1
2600:9000:2156:da00:2:42d9:3100:93a1
2602:803:c003:200::41
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:125e
2606:4700::6812:acf
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c1b::9a
2a02:26f0:6c00::210:ba58
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a0b:4d07:101::1
2a0b:4d07:1::1
34.120.133.55
34.96.77.232
35.179.78.10
52.212.56.195
52.223.40.198
52.31.31.218
54.154.13.77
54.66.131.200
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
0204c72d82b8bc37390f3b5ff800080800630ece3b38027deb868fbb7ed7bad1
0260e531d8cad40ee403ac7b6b24a0745ebe42cbf168b60a611e4267778a0dcc
03abc11e3e6b525befce40f091767640ee672dad332bc5e296298129c9dd775b
03eb3d4bc766377a18ed33ca03d6f0cfc9112d9aebd1ceaab1d3ae4536f8afd7
04c3fec343a3139e641d31fd6300ffcff4f0bdfb0188eb1eaf3fabbf2b4e4ab5
0719edb87101cf9c192e52c435772c765be78db62f92c13341cc2627c15e57db
07bca51e977e353732bd266abf3a35f04b78eb3ff78319deb1bcdfbf0ad666ce
07f20f0fc0482b5486e4d84352d5885984851eb38fd45fc6d50c175e542aaf1c
09b5e0923092f3b3b778d7a54f44ac269eb0e2cec400d7414952d205275ef972
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
0b525992d1184a72b5c785c2731c8f5f05f2580b5a81bcabb5905e338daf57d9
0b532dd487e3bbc1a2d98d8852e5468e5da395fc5d4b994dfecd64f9f69f247a
0bd6b627fecddb363f6b3646416d359b61ac9f64f054cbcf6249b16920f1a440
0d20cf4e602e3f6030ca324049a411b73a2036318e61500cb8cdf08d757f489e
0e0e5259e3ff8ea805e0c5660c6336f7f46b14332e3cafb82939e1db3da8b6f8
0e2b4eb06a5e62d252ac1f1f33a1be9c85dd5dfb4cac6e4801abe8c90ea9ec5f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
112861893eae468fc9cd49dfeb850ca758755c9b85d23798c88c6b1ceaa98a16
11ca71477acc1f5fcb00a83efc8453b0a3d1737a68cbee89fd00458e1c2e6e1c
132b0077ab68dd598cb74becf9f05fb9528bdbbd4187b02fc7bfa068b2079350
1635143e80cd6bd9019a47aa285c7a60edfe80fe3a20a3afa5a2e4487bc7a7da
16ed568c6ad1ca9fcc5168e3642b5cb393242b6026a3992eed5b11ce0e79cf4e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189e7578796f0b89cddcbdba1afaf1b3ae67751e95b6a1cf988c8cb217905b4f
18a336d239d72ba3fd0a0f4bad1c446ae40437a3a04b079c9eb559a9638723bc
1957bf893c3bcb2e2503b62c24458e3ce13f00132732f7ab9a2c20fd56e3eaeb
1c7849ca7489f09a149cc7239e38c90ce3247ea0c01e692b7eecd300ee9d9f4d
1d7ab6c405a679199a373a25f25611da4dd6626c22a3d503461e2eaf6e328c13
1ec78200da887a9a9e84cff0e5757ad00512021dc32172effdcaacccdf4a923f
1ecff7a9d361b13d4e4d16088ff7fce1b8f8ef201e82c65be020d41f84e331d4
1fb5586acccece4e923ce2086ff471fa4c8ee3a16ff32aa21d6615d932f8df03
1ff030eef2b9e9cd4751f77b959f71b9546ee10bec558997b3d0710373f38f40
2302bc76a4f6f7c8e9eb8f6c38ddea3dbf55658d44e1a9b5bfe34d32a99f3eba
23822bf7e6386e18fc54020b69d3b85149074eab04f4e88c795dc3b33e123478
23874340caffe6e6bcbee1fc814c198ead7fb568a7a90b64344a5ba8a23e653e
279b95260a7544b60a8eb0d6925f0de4bf3a31a1d54a3af2000ed4aae28a6676
284a3a5d95ca8e8850b018eb5a4d449ed97cf8119ffc94b1393084a94a28e446
28b11959f68db701b4218a36e9a8e8daf47fbfe4057f086595ebc2b0df44fbea
297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4
29ae4008d9b997d6854cc7ccd1fad864c795a8d1c58b7ec6b4eb1baedeee816b
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2c17d3b4f527b432aaef35a9c0f65c4959531f5c6afa9635140230fca2f239b2
2ed3cb350a5a3860a4e3dc33e27944a217dff16ec5ba638eabad5911e1562ed2
31278bb57e655f7c1d19f1dbaa4bcf12dea4191417b2220a670db80657fca980
31f34e2c06d8b85e26ab292cc11fbad0f6b2a83d911feea8590c849b34981439
324ff20758b7b19fe749517e6372128391a1cf2d81410daf9ea2141114bdc674
3251c9b63ad052a866cf19f73739900747fb52c99b10792e2417fe73f1081131
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
33231b44b22e8268663c7f2135273ad9b47c51338814e776035b235dd6358238
34544ae7346908d670068af90be2306fe250c8c1a61955b84541e63b0b6135c9
34e41485d0142e3a242412c0bb49d097817e03be3c140b4a7ab35b5ee26dc88e
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3656392c463a4e53e0c60f45d242305be1706d6d760c7a18568d8c9fe9026328
36787516b1ed86202c94791e0d23c2ba2cc6a75dde954cdd080fdd89374347cc
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
373e38d8658dda36dbf82f9e1472121526c695307f7191f90c16000c703a54b7
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3e10d54e5dbe8e7872e49bc0e65cf0db8134fb5dd543c656a3e34e8541098e71
3eebe08e8a4ad246a454e4cfe3a11bc0a5b3a1fb3d24dd1fb4f81d62c3da787e
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
42e51e88b66b6fb122cd45feedea16ae94948318f527555e15ef869e9f82cc88
46203bc0ffd4548a72b65078b4137b6e34531120372aaf6ad23eea26d4a970c0
481c717bed898745915a58aeff864dc026b0f15b74947edc3d9577da4eef7f2f
49800f1a3925b10d84f958508f0e75490619accef8a2b7d53aeba46724983c26
49f78d54bfa35a4d487843a35dca6a4e9298b39bf97765b6207a1bb85456edd3
4ce79a53a4ac82339e9119404fa105cf717d8961c78dc5a6ba8e4a83feb0f385
4d970499b66ae7c3c2e390356c3c5b5519c77ded49b900fa4b3f458614b2326f
4e12fadfd9db543d0e3937c2f97d9172670f529efc58c507a4c52492d4470781
4f0e18983af452b6eb675117986abf3e9b42489fd30052a4a2246475495d234e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5021e624e752b001ce3e3846e8f158ed4aeb93a4c9a72fdb35a0c5b14a0eea84
541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
56735b026c6527459cbac0a6ad827fbf505d8e560790be026ebe5a73cb9c436a
571bef8b7ee5205a61c4f93b695b18bbbd7e2c78e118b2770d1f737d8af2639f
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
59037ef7bdc05ed33658304172ba6e15a49855d93f0916de4406b6489281c092
590e5d9ca8b4c6ca7231ff2a1318545010971b260dc7f43f4ec68b1f44119e33
59802f6bd1a310a7bfb12f38fd17a5aa63b6d64427d6312c894c5bb8c37f4e17
5a4a8130a3a587b4f76075476cd14a5ce3131a7b3a2c805bb88ecf44889d5c69
5a752c876738b48502005124702e5d658f321f79ae8bd002eb9a6f916042291c
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
6201bb11e360b3bedb4b09b3ae1b6b177a61c0430b3f628fcf379621faf59c6e
63e4b4440ec54a44e4cc39e748cbaa0050d4863e625de024c3dbf1008333943d
64e62b6ed84c308d8011efc4a92b313480ca230a7c2df6e3992aec36d300de37
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
65f5e60c601bbe30fbcf7dd30e32964f13a4da81b21ffe1a25c98ce880908ff9
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
66afdb39aeb5e09a5920b4b2e8d92f14f66df031fd8cd5f016c8130584c93d8a
67c66c23b24142ace8990941bebd03d3cb9b74d33e1ede9b9523e1e1790aa31e
67e6599b9fd28869eb047c72fd7486c191b54a661ec61accdf9b2de87f246ce9
683755df284c52999ee1fa0446d6afebe418bac8e820023b6087728ddfc7d5e1
69c955598c7a40e601a4d755fd15ac09786821dff34b1a52e4ac305283fb3f28
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6da81d894f99556e198a17adf6f76b6ee9a33b8b3e6580b3b899d33d41877d32
6f2723de2b82955926ea3c757036b1b2c44b39fdfa36eb28ee5b3e79a6254c35
70b1c18d4f1fb91ced498406c1454636511204633dfadccddac346419167f730
70deb83511f41ca5075178696171b3c4e917e0dad25d9e9714b4e4de12a44f73
718f86718572cbcb3ac3eebdb94e52a8298ad4f9a4678d12f7f9f566496491bf
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
75840136eb8d8a8b339c12a5567ea8333fed055f57d48aa21b654b84eeafb911
760919ee95272f61aae38fbd8b1a730574d0f960515f73dbfbefec620fcaf779
7923c5df4689d8e2b03d4b24349057eb7415f9d70b6cd91975fd19814b402821
79d8986b6e64c3f9e1f3193948d185742be3b747316847fac240a70d2c399160
7b899ca21de6b208155f1ca4aec68721c1614b5dfcec7c9faa59a6afee45a833
7c02e6a93cc2e4093f44bdef8be7bcf82dc7fc3911b772d4351f076e49c6c943
7d580fcb69bc3c906d974e3dde200c117307ecc0bc6da2df803e86a7709949c4
7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84090c263e0f79c47ea50c29ad48d787a88b729b9afaac719393065918f459c9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84fcc2e9aa3d97ae76a77e8506f9366bce1dc63a78ce28ec7842186e89120e63
85d0f0c7f0118742efd36a12af4aff69fb4bebeddbabdf0a42b316206acbde8e
85fd480567eed20e6cd15e42b3462d9b9170454c44e8b22817d40b67518757e1
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8d96c427512d8d3d3ba0ab9993bf2d0e637c6a53180ce5cdd538ead63fb7f091
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
8e5b2c01109a57038f6df6b214f048cae20349051abd3af081f07d888fac7352
8ea97f2695f5e74f5c7ef76fae7a7902b6bb774e18b2c62ba3141f89bac00ea8
914e0d32ac55900f1b09e8eb65f2071357d422ee0b96cbe8b5bacc7336c313de
92cb8efa12b7a211b53d7e90cb8e696a8a3ea330553163f6bdb6923d7eb9650a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93b93a750ed27ac4d98c8ebc16228a734698b9e69e1d427a4196b727e2755ffb
94932aa0ae72d3aa6559af1c01bcf4fcfb55ffb5b4be4436152476118451456d
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
95577f835b8001ec2e138dca298e9c455a8a76e3f6335d4547a1b2671e9aa928
958b58f5489248327ecb9ceb5d623dea8811c23a8e2b484be4c4ec9dc669cfb5
95d2b7f4d7d9c57ab2be6e1e2df41a23af9e08cda3c8544994163be905cc57d6
981c8d3b4bc24d51c59a7bf760c48c050193d0beca7450760ace038ab65ea635
986cee34a8a8fe5a44edc639167b1075dbbce479a59d810a65a3b0040ec9c8da
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
9a2d71b9874f85c5187d1a6e28d4e423fdcf48db2d2fd64e10765eee9456e612
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9abb08bebcd7c88bb2704b0b3da62b79d11d75e24c5033f3d1d59b3b54c8099b
9d1496cddfcb9b8a2eb2579a35e254c51a9812cb2ab2b83f00d3157fb7fd58e5
9daea8d803090f32b66b97badb28f26098399e4c1e2a14985e5b7a8e5560bbda
9e8d848a63eb835f38f178ebd245a433f408d36db75a1210481dd671ab01a796
9e9546c09a4e862ac17300cec20771eed345311c61f8d0b1f1217d6bd5117acc
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
a021288e8ff42cc07f34dca2af041bf89e6fdc9681815f1ef8ae4a5753bc3203
a179ea8ec4f4059ee78e694de82cf8bd28aecd8854c9d451b04e3b7b61a7793b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a30d65011b4c8fc377b09034c7a7901dd7fb34a695434d18b3309d2c840d4824
a36e2f73be04451f8d944741a275ab86eca9d3791fb2a116e0d99dbbc08f5404
a3925b2b39aab39ca89cee03192a6ffacedaac1a0ec06fb0b4130399d8f3f850
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a568af13e711ff2108a683412ee2cbfecb87d461593ffd638144dbe02ff14940
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6603465765cdd9036aab99713324f4b18c27eb2e5625af08a4c98e855e41c40
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a801e186e93d5663c6b6bcdd9c0773ce6f625fa660d669ab297c788df348bc12
a8dcf48d2959e922d36b3ce8ff833d1c21b9c852ede38a338d2fd079035e6a9a
aa1e94cff97c61a7023564d5c457620d4e2eadd5affd2fbd9f69b322ddb99bc6
ab630a8e4747c1ffefabaefb472e71c196b26c8886c46088d555cc95c95d1241
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b006388f351e9f61ccded44ca107770a9b0ef4d3c7bb47cd14780b6b011fcabd
b0183df987bd128554f30ffed1bd2eaa58861c4f7aa0a06b52112e9487e7ad8f
b18bc4423f98e2a61a698cd67e3422f837b267ec5b9f2428bead5983fcf7e3d3
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b5ba9b461be9ec3368c29a081ee9fcd30dcef667b6a79ac6ba73fb04cbcca7b3
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
b5ddf5fc2b95f9b75b6486890a168c326d02f887fae84b72ef39d92e441dd71b
b8bde2a7aa22c2712f4a23137e64009f706dcfcd6ff2de0af5a9d566ba89af8f
b9dadeb47f7508231cf079043c1b7f44d2b7640363fd8e54610beef7288b2f8e
bbfca8a826915fb844bb8fc3dc38b6f5132d428a192eed79af6275d357751f01
bc4e105084df9753cdbd12883b113b2a93725484437a92b50f8d23aaf8ae19d7
bcce84153db816fc3da2ab9733f444e8e7771b54191cde6869d070784a41bf6a
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c2265956c521613e157308278663bbabe9e7186816fdb8aab1fc62b31e096288
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c3d895be11c09305dde383007f26c4770cbd66d4ac4bde21ca80d669c8df867e
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
c476fb0353da06719fadc180621ae83bcafcbfcb918c6d78d7a53caa443e60e1
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd512b5513a65c3f45103d8924512edfc778d01fe8c9ca0e0ea39e3288638df4
cdb7aff6968a712f9e5e36e3d8e7fd59f3c00e78b10e0797dfd600cc5cc0c6f3
cddb0dc1c04a7058690fe79923ecaa6402287e89571cd98c2ec94ea6fab066a6
cdfb5393d5988c571d7ce1cebc070e9d7c0c25036f1d6ed32eb640fd26fcb6de
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10270554058d8f3b33cffce3ebcec58adedae157c9cba6e78c8be6eb1de7017
d29d48c55bdf3839337426482acf82b39999f7acfd0215d0f69a9920f6d07026
d2ba66b6e8eee6349365fb62b9907039b32f53f2bcb18aa9c0913723093e0d49
d391c173c94bc353ff448e7c95fb6f4748364243b5b423e4543edcdde9539abb
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d426d8161caec6343cd12a8c0bdaf71d259746301bfdf963048654a1797dc291
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d50983e42a79683dc2680482451e5a4036c3321d22734eb17522780e42ba9387
d630f4861e0e52eb59add6365442508fb264884d8dbad711034fbca0c59f4161
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc
d8fe1add9a686bf341acdb1f351481c6b8053bd4383966c9987735a9fd1d18eb
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dc0bab0a7c34d789ae5758b8701181364c8bf1dad8d6537358c8fbd5d9224df5
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dd3395aa06137d662084788394713ed3f196fb585a8ad4ad688419dac9cb960d
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
de932cbac682059adbbee65bca86b77f1de7160449bc96184ad9727ff2a8eb44
dec4401f7dc6ae48c45225b1d50893098b57351a91a88f63acc9c660d3a903e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43d2a6a4be9ba532b3c43b8e1fd7fe0f972af5a66197ac19f8dc15333f6e48a
e4e089ca0e39969f3fe94c73e467afef885a93e6fec91aa657645d531ef8bbd7
e55f4225cf329fb15a7300c723bb8d3d66a73307f739e55bc91d3e6eca4ce702
e5970cf1fc5023de5dfb9e3047f8eef8257c4f0bfaee714d7a0e7074852ea251
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e7951b3e72375e8e1edc0a7eb3a6c3277dbb8faeda69d9063419866020347c88
e8a44ef61548d547660e184f4fbe7da207e5491812b793878aeee1cdc7617255
e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772
e9c974a8fa736368287e1f2e16bd2969ed50d80fc1707ed4813eb07de6272f64
ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c
ecccbc4798d8b0bcbf86410a001030bfd866678b25f62a8b95a8f2b629558e34
eda48b35b48114ee620f8a35970ceb937aeae38851ff490510ba3588a6f23ea3
ee2d50f2e0635e28cd9ef26de0c80163d69bc6674ca23107a6ae3cb7a71bb5fb
eef99d896742eb15af912c9abc8e1d7cf2c66479fb7edf393ebb71f95e755974
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7da2ea9165f4486462c7f1dccddb7485e6a1922d220a1c393a8fa7214829fd
f0216265ffcc78522466531b2c333ad5725a51f151b18c5e2fb24d4e3e89ef23
f272b6abfa2056017f2c8c4f7885dd4bb99dd73b382b0dff2af046eb38683276
f4b68710142c7639230497bd5ff7313dae90944561ee4835408cb1f431d05b1f
f4eb9ae91754e1805029c923352fddbe59e3647acb80804f4518bb469c688b1c
f503b919164f4e65c9d0e208a5bb758225f26d8c34049df0c19065d99338467d
f64906d93ec10221ea6a37650d630e0e07681af8a2d0b7c83479b5cb62737848
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f8f21ef063990b4a26b23e86f3764a0f34419e4c163f949f99aaa139a16b1529
fb6ded6d9850118bf2b04f3d92d50129e08e5df9915befb537c4ce196b66e62c
fcec8f9f4b2b56dcc746a20c4d2f2992bbefcacc3f2aad7e2b45f1f32da22e67

www.farmonline.com.au Open in urlscan Pro 143.204.98.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

302 Requests

99 %HTTPS

60 %IPv6

36 Domains

64 Subdomains

60 IPs

8 Countries

3782 kBTransfer

9965 kBSize

25 Cookies

22 Outgoing links

Redirected requests

302 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.farmonline.com.au Open in urlscan Pro
143.204.98.3 Public Scan

Screenshot
Live screenshot

Full Image

302
Requests

99 %
HTTPS

60 %
IPv6

36
Domains

64
Subdomains

60
IPs

8
Countries

3782 kB
Transfer

9965 kB
Size

25
Cookies

302 HTTP transactions
4 data transactions