www.smh.com.au Open in urlscan Pro
2a04:4e42:3::645 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200...
Submission: On September 03 via manual (September 3rd 2020, 4:04:07 am UTC) from US

Summary HTTP 215 Redirects Links 57 Behaviour Indicators

Summary

This website contacted 57 IPs in 7 countries across 35 domains to perform 215 HTTP transactions. The main IP is 2a04:4e42:3::645, located in Ascension Island and belongs to FASTLY, US. The main domain is www.smh.com.au.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on February 27th 2020. Valid for: a year.

This is the only time www.smh.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	2a04:4e42:3::645 2a04:4e42:3::645	54113 (FASTLY) (FASTLY)
7	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:6a00:10:2964:9d00:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.108.68.187 104.108.68.187	16625 (AKAMAI-AS) (AKAMAI-AS)
6	3.104.80.72 3.104.80.72	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
17	2a04:4e42:600... 2a04:4e42:600::645	54113 (FASTLY) (FASTLY)
2	3.24.219.150 3.24.219.150	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
16	23.111.11.152 23.111.11.152	33438 (HIGHWINDS2) (HIGHWINDS2)
1	95.100.105.90 95.100.105.90	16625 (AKAMAI-AS) (AKAMAI-AS)
1	158.101.192.251 158.101.192.251	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	34.254.111.26 34.254.111.26	16509 (AMAZON-02) (AMAZON-02)
1 2	18.202.95.48 18.202.95.48	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:214... 2600:9000:214f:6600:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:9600:7:3896:c640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.207.52.76 52.207.52.76	14618 (AMAZON-AES) (AMAZON-AES)
2 4	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1	13.35.255.237 13.35.255.237	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
6	104.111.216.19 104.111.216.19	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
2	52.208.212.211 52.208.212.211	16509 (AMAZON-02) (AMAZON-02)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::729	54113 (FASTLY) (FASTLY)
2	3.221.240.86 3.221.240.86	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
5	35.244.232.184 35.244.232.184	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	138.201.125.235 138.201.125.235	24940 (HETZNER-AS) (HETZNER-AS)
1 3	2600:9000:214... 2600:9000:214f:d400:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
15	104.111.218.83 104.111.218.83	16625 (AKAMAI-AS) (AKAMAI-AS)
1	70.42.32.159 70.42.32.159	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
2	34.232.20.147 34.232.20.147	14618 (AMAZON-AES) (AMAZON-AES)
3	148.251.77.207 148.251.77.207	24940 (HETZNER-AS) (HETZNER-AS)
1	52.20.153.254 52.20.153.254	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY)
1	143.204.212.151 143.204.212.151	16509 (AMAZON-02) (AMAZON-02)
3	2a04:4e42:3::539 2a04:4e42:3::539	54113 (FASTLY) (FASTLY)
2	13.55.146.187 13.55.146.187	16509 (AMAZON-02) (AMAZON-02)
3 3	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
3	64.74.236.95 64.74.236.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
8	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
215	57

33 2a04:4e42:3::645 (Ascension Island)

ASN54113 (FASTLY, US)

www.smh.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.ffx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:6a00:10:2964:9d00:21 (United States)

ASN16509 (AMAZON-02, US)

d2uhnetoehh304.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.68.187 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-68-187.deploy.static.akamaitechnologies.com

a304207300.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.104.80.72 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-104-80-72.ap-southeast-2.compute.amazonaws.com

i.ffx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a04:4e42:600::645 (Ascension Island)

ASN54113 (FASTLY, US)

api.smh.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.24.219.150 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-24-219-150.ap-southeast-2.compute.amazonaws.com

plow2.streem.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 23.111.11.152 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

static-au.plista.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.plista.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.105.90 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-105-90.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.101.192.251 (Seattle, United States)

ASN31898 (ORACLE-BMC-31898, US)

fairfaxmedia.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.111.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-111-26.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.95.48 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

secure-au.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:214f:6600:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9600:7:3896:c640:93a1 (United States)

ASN16509 (AMAZON-02, US)

adc-js.nine.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.52.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-52-76.compute-1.amazonaws.com

10510523.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nova.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net

6588526.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8116316.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.255.237 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-255-237.fra6.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.216.19 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-19.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.212.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-212-211.eu-west-1.compute.amazonaws.com

nd.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::729 (Ascension Island)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.221.240.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-240-86.compute-1.amazonaws.com

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.232.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com

metrics.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.125.235 (Kuenzelsau, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.235.125.201.138.clients.your-server.de

static.plista.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:214f:d400:1e:a43d:b640:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

37ac4d546e950ab7398636e36d4f7ac4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.111.218.83 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-83.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.232.20.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-20-147.compute-1.amazonaws.com

srv-2020-09-03-04.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.77.207 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.207.77.251.148.clients.your-server.de

farm.plista.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.153.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-153-254.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.212.151 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cf-images.ap-southeast-2.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:3::539 (Ascension Island)

ASN54113 (FASTLY, US)

manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.55.146.187 (Sydney, Australia)

ASN16509 (AMAZON-02, US)

adc.nine.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.241 (Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.74.236.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

mcdp-chidc2.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	smh.com.au www.smh.com.au api.smh.com.au	1 MB
22	plista.com static-au.plista.com static.plista.com farm.plista.com media.plista.com	203 KB
18	ffx.io static.ffx.io i.ffx.io	209 KB
16	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	748 KB
13	googlesyndication.com 37ac4d546e950ab7398636e36d4f7ac4.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	50 KB
13	doubleclick.net 2 redirects securepubads.g.doubleclick.net 6588526.fls.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net 8116316.fls.doubleclick.net	141 KB
11	outbrain.com widgets.outbrain.com odb.outbrain.com mcdp-chidc2.outbrain.com mv.outbrain.com	103 KB
11	imrworldwide.com 2 redirects secure-au.imrworldwide.com cdn-gl.imrworldwide.com secure-gl.imrworldwide.com secure-dcr.imrworldwide.com	71 KB
11	google.com apis.google.com news.google.com www.google.com adservice.google.com	67 KB
7	brightcove.com edge.api.brightcove.com metrics.brightcove.com	4 KB
4	boltdns.net cf-images.ap-southeast-2.prod.boltdns.net manifest.prod.boltdns.net	690 KB
4	facebook.com www.facebook.com	501 B
4	demdex.net dpm.demdex.net nd.demdex.net	5 KB
4	google-analytics.com www.google-analytics.com	21 KB
3	adnxs.com 3 redirects secure.adnxs.com ib.adnxs.com	3 KB
3	google.de www.google.de	235 B
3	parsely.com cdn.parsely.com srv-2020-09-03-04.pixel.parsely.com	24 KB
3	nine.com.au adc-js.nine.com.au adc.nine.com.au	23 KB
3	facebook.net connect.facebook.net	298 KB
2	googletagservices.com www.googletagservices.com	55 KB
2	googleapis.com imasdk.googleapis.com	103 KB
2	twitter.com platform.twitter.com	29 KB
2	igodigital.com 10510523.collect.igodigital.com nova.collect.igodigital.com	3 KB
2	streem.com.au plow2.streem.com.au	318 B
2	optimizely.com a304207300.cdn.optimizely.com logx.optimizely.com	359 B
2	bing.com bat.bing.com	8 KB
1	2mdn.net s0.2mdn.net	11 KB
1	google.ch adservice.google.ch	168 B
1	zencdn.net vjs.zencdn.net	7 KB
1	everesttech.net 1 redirects cm.everesttech.net	554 B
1	googleadservices.com www.googleadservices.com	11 KB
1	gscontxt.net fairfaxmedia.gscontxt.net	1 KB
1	brightcove.net players.brightcove.net	210 KB
1	googletagmanager.com www.googletagmanager.com	97 KB
1	cloudfront.net d2uhnetoehh304.cloudfront.net	30 KB
215	35

	Domain	Requested by
21	www.smh.com.au	www.smh.com.au
17	api.smh.com.au	www.smh.com.au
15	media.plista.com	www.smh.com.au
14	images.outbrainimg.com	www.smh.com.au
12	static.ffx.io	www.smh.com.au
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	widgets.outbrain.com	www.smh.com.au widgets.outbrain.com
6	cdn-gl.imrworldwide.com	www.smh.com.au cdn-gl.imrworldwide.com
6	i.ffx.io	d2uhnetoehh304.cloudfront.net
6	securepubads.g.doubleclick.net	www.smh.com.au securepubads.g.doubleclick.net
5	metrics.brightcove.com	www.smh.com.au
5	news.google.com	www.smh.com.au news.google.com
4	www.google.com	www.smh.com.au securepubads.g.doubleclick.net
4	www.facebook.com	www.smh.com.au connect.facebook.net
4	www.google-analytics.com	www.smh.com.au www.google-analytics.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
3	mcdp-chidc2.outbrain.com	widgets.outbrain.com
3	manifest.prod.boltdns.net	players.brightcove.net
3	farm.plista.com	static-au.plista.com www.smh.com.au
3	secure-gl.imrworldwide.com	1 redirects secure-au.imrworldwide.com www.smh.com.au
3	static.plista.com	static-au.plista.com www.smh.com.au
3	www.google.de	www.smh.com.au
3	connect.facebook.net	www.smh.com.au connect.facebook.net
2	8116316.fls.doubleclick.net	1 redirects www.smh.com.au
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	secure.adnxs.com	2 redirects
2	adc.nine.com.au	adc-js.nine.com.au
2	srv-2020-09-03-04.pixel.parsely.com	cdn.parsely.com www.smh.com.au
2	imasdk.googleapis.com	players.brightcove.net imasdk.googleapis.com
2	edge.api.brightcove.com	players.brightcove.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	nd.demdex.net	www.smh.com.au
2	platform.twitter.com	www.smh.com.au platform.twitter.com
2	6588526.fls.doubleclick.net	1 redirects www.smh.com.au
2	dpm.demdex.net	www.smh.com.au
2	plow2.streem.com.au	d2uhnetoehh304.cloudfront.net
2	bat.bing.com	www.smh.com.au
1	secure-dcr.imrworldwide.com	www.smh.com.au
1	ib.adnxs.com	1 redirects
1	mv.outbrain.com	widgets.outbrain.com
1	cf-images.ap-southeast-2.prod.boltdns.net	www.smh.com.au
1	odb.outbrain.com	widgets.outbrain.com
1	logx.optimizely.com	www.smh.com.au
1	nova.collect.igodigital.com	www.smh.com.au
1	s0.2mdn.net	imasdk.googleapis.com
1	log.outbrainimg.com	widgets.outbrain.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	37ac4d546e950ab7398636e36d4f7ac4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ch	securepubads.g.doubleclick.net
1	vjs.zencdn.net	players.brightcove.net
1	cm.everesttech.net	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	cdn.parsely.com	www.smh.com.au
1	10510523.collect.igodigital.com	www.googletagmanager.com
1	adc-js.nine.com.au	www.smh.com.au
1	secure-au.imrworldwide.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	fairfaxmedia.gscontxt.net	www.smh.com.au
1	players.brightcove.net	www.smh.com.au
1	static-au.plista.com	www.smh.com.au
1	apis.google.com	www.smh.com.au
1	a304207300.cdn.optimizely.com	www.smh.com.au
1	www.googletagmanager.com	www.smh.com.au
1	d2uhnetoehh304.cloudfront.net	www.smh.com.au
215	65

This site contains links to these domains. Also see Links.

Domain
subscribe.smh.com.au
www.domain.com.au
tvguide.smh.com.au
www.drive.com.au
www.traveller.com.au
www.goodfood.com.au
weather.smh.com.au
www.theage.com.au
www.brisbanetimes.com.au
www.watoday.com.au
www.afr.com
www.commercialrealestate.com.au
www.findababysitter.com.au
www.weatherzone.com.au
www.rsvp.com.au
smh.myfairfax.com.au
rightsportal.copyright.com.au
twitter.com
www.outbrain.com
www.farandwide.com
stalence-alawants.icu
www.familyminded.com
www.your-health-today.com
www.clicktraceclick.com
www.mansionglobal.com
parentinfluence.com
the.goodwaytrk.com
trk.ajaska.de
www.plista.com
www.facebook.com
www.instagram.com
www.caradvice.com.au
tributes.smh.com.au
celebrations.smh.com.au
advertisers.com.au
www.oneflare.com.au
www.nineforbrands.com.au
consumer.fairfaxsyndication.com
frontpages.fairfaxsyndication.com
www.fairfaxsyndication.com
www.presscouncil.org.au
subscribers.smh.com.au
www.thesmhinsider.com.au

Subject Issuer	Validity	Valid
nine.com.au COMODO RSA Organization Validation Secure Server CA	`2020-02-27` - `2021-02-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2020-03-05` - `2021-06-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.9pub.io Amazon	`2020-02-10` - `2021-03-10`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.news.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.plista.com COMODO RSA Domain Validation Secure Server CA	`2020-06-02` - `2022-04-11`	2 years	crt.sh
players.brightcove.net DigiCert SHA2 Secure Server CA	`2019-06-11` - `2020-09-09`	a year	crt.sh
*.gscontxt.net DigiCert SHA2 Secure Server CA	`2020-01-22` - `2022-01-21`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2021-02-24`	a year	crt.sh
streem.com.au Amazon	`2019-11-22` - `2020-12-22`	a year	crt.sh
*.api.nine.com.au Amazon	`2019-10-09` - `2020-11-09`	a year	crt.sh
*.collect.igodigital.com DigiCert SHA2 Secure Server CA	`2020-02-14` - `2021-02-18`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.parsely.com Amazon	`2020-08-02` - `2021-09-02`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
osff.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-05-20` - `2020-12-18`	7 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.api.brightcove.com Amazon	`2019-10-21` - `2020-11-21`	a year	crt.sh
metrics.brightcove.com GTS CA 1D2	`2020-08-02` - `2020-10-31`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.google.ch GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
*.pixel.parsely.com Let's Encrypt Authority X3	`2020-07-30` - `2020-10-28`	3 months	crt.sh
logx.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-10-01` - `2020-10-05`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-25` - `2021-04-23`	8 months	crt.sh
*.prod.boltdns.net Amazon	`2019-12-19` - `2021-01-19`	a year	crt.sh
brightcove.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-19` - `2021-04-20`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Frame ID: 52E70AAE715145289C8656F331DA583B
Requests: 188 HTTP requests in this frame

Frame: https://a304207300.cdn.optimizely.com/client_storage/a304207300.html
Frame ID: E5B4832563047CD3BE5BA8ECD39A4A34
Requests: 1 HTTP requests in this frame

Frame: https://6588526.fls.doubleclick.net/activityi;dc_pre=CKqU_7WNzOsCFVuWdwoduvwILw;src=6588526;type=smhen0;cat=smhar0;u3=[Frequency];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7651530700836.5
Frame ID: 801584823BF55C064D4C07A9AB80CAB7
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=444196
Frame ID: CE215DF2BDFEE0E12B2E9AD90B740DEB
Requests: 1 HTTP requests in this frame

Frame: https://nd.demdex.net/dest5.html?d_nsid=0
Frame ID: 7589F52E4478C362B56FFACF853A9497
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=https%3A%2F%2Fwww.smh.com.au
Frame ID: 953DDCB65100B3DE05BB01742CB481AC
Requests: 1 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: 2204FE8D363FA35AD63E49A922F8E485
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Frame ID: E8CA3F089C1C4AF8D9C62D8C01B918F7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.407.0_en.html
Frame ID: F08064B58A5E28CB6EC7F6EDBF2B37E1
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: A74546F4901D8BB94E7CCDDECD14E587
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 8DA695927D8230D119D39E48E3AB08E1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 25B00E2C0091AE50B916663C3A1DB375
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst693GwQuKWWyZDW6vHxsGtLr8T0njM6Vk_QdXaxgV3Q9Vb3josZH0oS01OZPHYeQFF_Drxs6PTuxo5u-Pt_dO7RBOYNMkuKI8-zMQRZfDOgFt-NmSWGfWSkzFenmIKSFJs7aeXz0sfHfOsebgTk2R9Yozb3vYl02gDFNQNKwxbGdDq3yetVr4hifwODQ7ob1J2KAlmvP0k7WqeeWrzG7iDCsjMOsRhrIHINwNVwiEuT2_NpuCZWNl_kXdEPdnjPrLGqEBN6EEApPFQDqd3B71vE74uug&sig=Cg0ArKJSzFh-2JaYmyX5EAE&adurl=
Frame ID: C50A89790272C6C8875E74467AC5E028
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: F12D745E1E6FFFE70922BCD2EBECF654
Requests: 1 HTTP requests in this frame

Frame: https://8116316.fls.doubleclick.net/activityi;dc_pre=CKOJ67aNzOsCFUSTdwodMbkLZQ;src=8116316;type=rcrtag;cat=rich-0;qty=1;cost=[Revenue];u1=4513525805;u2=2716875487;u3=;u4=138316862710;u5=728x90;u6=j;u7=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1141931943
Frame ID: E47E3FC29E811ABCA5EA9DB4EBAFE292
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 8F2B61100C7C322AF077EE4CB760692C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: B73E68425418702BE5FF29E8686F9579
Requests: 1 HTTP requests in this frame

Frame: https://adc.nine.com.au/?appNexusUid=7373366318006279658
Frame ID: 3CDE31E19F5FAD2544B0284460ACB302
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 26B0075BCCABF3EEC956A0443900D0B8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Page Statistics

215
Requests

96 %
HTTPS

52 %
IPv6

35
Domains

65
Subdomains

57
IPs

7
Countries

4548 kB
Transfer

10959 kB
Size

42
Cookies

57 Outgoing links

These are links going to different origins than the main page.

URL: https://subscribe.smh.com.au/?promote_channel=HI_HL_GNL
Title: Subscribe

Search URL Search Domain Scan URL

URL: http://www.domain.com.au/
Title: Property

Search URL Search Domain Scan URL

URL: https://tvguide.smh.com.au/
Title: TV guide

Search URL Search Domain Scan URL

URL: http://www.drive.com.au/
Title: Drive

Search URL Search Domain Scan URL

URL: http://www.traveller.com.au/
Title: Traveller

Search URL Search Domain Scan URL

URL: http://www.goodfood.com.au/
Title: Good Food

Search URL Search Domain Scan URL

URL: https://subscribe.smh.com.au/?promote_channel=HI_IL_GNL&utm_source=PremiumIndex&utm_medium=HouseInventory&utm_campaign=General
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://weather.smh.com.au/local-forecast/nsw/sydney
Title: Weather

Search URL Search Domain Scan URL

URL: https://www.theage.com.au/
Title: The Age

Search URL Search Domain Scan URL

URL: https://www.brisbanetimes.com.au/
Title: Brisbane Times

Search URL Search Domain Scan URL

URL: https://www.watoday.com.au/
Title: WAtoday

Search URL Search Domain Scan URL

URL: https://www.afr.com/
Title: The Australian Financial Review

Search URL Search Domain Scan URL

URL: https://www.domain.com.au/
Title: Domain

Search URL Search Domain Scan URL

URL: https://www.commercialrealestate.com.au/
Title: Commercial Real Estate

Search URL Search Domain Scan URL

URL: https://www.drive.com.au/
Title: Drive

Search URL Search Domain Scan URL

URL: https://www.goodfood.com.au/
Title: Good Food

Search URL Search Domain Scan URL

URL: https://www.findababysitter.com.au/
Title: Find A Babysitter

Search URL Search Domain Scan URL

URL: https://www.weatherzone.com.au/
Title: Weatherzone

Search URL Search Domain Scan URL

URL: https://www.rsvp.com.au/
Title: RSVP

Search URL Search Domain Scan URL

URL: https://smh.myfairfax.com.au/channel/zHE9EWDHf1XPuz3Phk0YIg/members/signups/new?callback_uri=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Title: register

Search URL Search Domain Scan URL

URL: http://rightsportal.copyright.com.au/pages/republicationpage.aspx?author=Eryk%20Bagshaw&publication=SMH&publicationdate=2020-09-03T01%3A56%3A18Z&publisher=fxj&title=Chinese%20hackers%20target%20emails%20with%20WHO%2C%20Australian%20Medical%20Association%20campaigns&url=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Title: License this article

Search URL Search Domain Scan URL

URL: https://twitter.com/erykbagshaw?lang=en
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://www.farandwide.com/s/dangerous-selfies-6dac0a84fa80490c?utm_campaign=dangerousselfies-1744365643424040&utm_medium=cpc&utm_source=out&aid=008d034cf1b163e30d943e921a0636ed90&utm_term=$publisher_name$&obOrigUrl=true
Title: Promoted (Far & Wide) Travel Selfies That Weren’t Worth the Risk

Search URL Search Domain Scan URL

URL: https://stalence-alawants.icu/f9ab91c2-47ed-4a22-8042-f12a3d7d99f2?ad_title=This+Watch+surprises+the+whole+country.+The+price%3F+Ridiculous%21+%28only+%24&publisher_name=$publisher_name$&section_name=$section_name$&campaign_id=00d0d9b207304bc504a697f1d1c713f26d&ad_id=009f1add38baa5c9e9754243156bf3b37c&OutbrainClickId=$ob_click_id$&c=rer&section_id=$section_id$&obOrigUrl=true
Title: Promoted (News Gadget) This Watch surprises the whole country. The price? Ridiculous! (only $69)

Search URL Search Domain Scan URL

URL: https://www.familyminded.com/s/celeb-couples-with-major-age-differences-50dac89107af4ec0?utm_campaign=agedifferences-58ee2bf898604f6f&utm_medium=cpc&utm_source=out&aid=000c5536f1237d00cba5affe60fc83fada&utm_term=$publisher_name$&obOrigUrl=true
Title: Promoted (FamilyMinded) Celeb Couples with Major Age Differences

Search URL Search Domain Scan URL

URL: https://www.your-health-today.com/prostate?ob_click_id=$ob_click_id$&ac=Pote&ps=prostate-911-mg-desk_1594049115&prod_id=100213&pli=0057bbd0e3ac44444ce577b3f3c7c2933e&ci=00f819fe6a312beda0d996c042d3a5546c&si=$section_id$&pi=$publisher_id$&pn=$publisher_name$&cn=julioprostatecharly-mg-desk_d_5&sn=$section_name$&obOrigUrl=true
Title: Promoted (www.your-health-today.com) If You Have An Enlarged Prostate Do This Immediately (Genius)

Search URL Search Domain Scan URL

URL: https://www.clicktraceclick.com/384fba9c-30c4-4340-b643-28cce2fb4493?sectionid=$section_id$&sectionname=$section_name$&publisherid=$publisher_id$&publishername=$publisher_name$&adtitle=Mac+Users+Surprise%3A+%231+Mac+Protection+Provider+Now+Free+For+2020.&OutbrainClickId=$ob_click_id$&obOrigUrl=true
Title: Promoted (antivirustop-10.com) Mac Users Surprise: #1 Mac Protection Provider Now Free For 2020.

Search URL Search Domain Scan URL

URL: https://www.mansionglobal.com/articles/matthew-perry-looks-to-unload-his-15-million-malibu-house-218759?reflink=outbrain_editorial_$section_id$&obOrigUrl=true
Title: Promoted (Mansion Global) Matthew Perry Looks to Unload His $15 Million Malibu House

Search URL Search Domain Scan URL

URL: https://www.mansionglobal.com/articles/cindy-crawford-and-rande-gerber-selling-beverly-hills-home-218760?reflink=outbrain_editorial_$section_id$&obOrigUrl=true
Title: Promoted (Mansion Global) Cindy Crawford and Rande Gerber Selling Beverly Hills Home

Search URL Search Domain Scan URL

URL: https://www.mansionglobal.com/articles/trust-tied-to-ariana-grande-buys-home-from-ellen-degeneres-and-portia-de-rossi-216835?reflink=outbrain_editorial_$section_id$&obOrigUrl=true
Title: Promoted Mansion Global Trust Tied to Ariana Grande Buys Home From Ellen DeGeneres and Portia de Rossi

Search URL Search Domain Scan URL

URL: https://www.farandwide.com/s/european-countries-ranked-ccef2494f3994077?utm_campaign=rankingeurope-26321fd52287497e&utm_medium=cpc&utm_source=out&aid=008d034cf1b163e30d943e921a0636ed90&utm_term=$publisher_name$&obOrigUrl=true
Title: Promoted Far & Wide European Countries, Ranked from Worst to First

Search URL Search Domain Scan URL

URL: https://www.clicktraceclick.com/384fba9c-30c4-4340-b643-28cce2fb4493?sectionid=$section_id$&sectionname=$section_name$&publisherid=$publisher_id$&publishername=$publisher_name$&adtitle=Mac+User+Warning%3A+The+Only+Providers+You+Should+Trust+To+Protect+Your+&OutbrainClickId=$ob_click_id$&obOrigUrl=true
Title: Promoted My Antivirus Review Mac User Warning: The Only Providers You Should Trust To Protect Your Mac.

Search URL Search Domain Scan URL

URL: https://parentinfluence.com/what-cruise-ships-are-really-like-is-ob/?utm_source=outbrain&utm_term=$publisher_name$&utm_medium=005b4aed7edafa69cbfcf1f2832dcb6371&utm_content=$section_id$&utm_campaign=pri-ob-eur-d-cruise_is-cpc_dup_09.02.20&obOrigUrl=true
Title: Promoted Parent Influence [Pics] These Photos Bring Us The Disappointing Reality Of Cruises

Search URL Search Domain Scan URL

URL: https://www.familyminded.com/s/long-lasting-couples-who-never-wed-b641566e6fc44f6d?utm_campaign=longcouples-42b41a43928f425f&utm_medium=cpc&utm_source=out&utm_term=$publisher_name$&obOrigUrl=true
Title: Promoted FamilyMinded Long-Time Celebrity Couples Who Never Married

Search URL Search Domain Scan URL

URL: https://the.goodwaytrk.com/0814a796-8f07-497b-8f2a-f4414becad3c?campid=00c70eeac1f55de25e6772ce7521fd9128&creaid=006ff271b5189f62ca2411939e0f4ab18c&atitle=Adjustable+Reading+Glasses+Take+%24%7Bcountry%7D%24+by+Storm&sectionid=$section_id$&pubidx=$publisher_id$&sectionname=$section_name$&outclickid=$ob_click_id$&obOrigUrl=true
Title: Promoted Self Adjusting Glasses Adjustable Reading Glasses Take Switzerland by Storm

Search URL Search Domain Scan URL

URL: http://trk.ajaska.de/click/MTEy/?utm_source=o&utm_campaign=0057bbca5f6c90d974a044de81e4189f80&utm_medium=$section_id$&shortmode=adx&obOrigUrl=true
Title: Promoted Sportskeeda [Fotos] Die 15 lustigsten Filmfehler aller Zeiten

Search URL Search Domain Scan URL

URL: https://www.plista.com/au
Title: powered by plista

Search URL Search Domain Scan URL

URL: https://twitter.com/smh
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sydneymorningherald
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sydneymorningherald
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.caradvice.com.au/
Title: CarAdvice

Search URL Search Domain Scan URL

URL: http://tributes.smh.com.au/obituaries/smh-au/
Title: Tributes

Search URL Search Domain Scan URL

URL: http://celebrations.smh.com.au/celebration/smh-au/
Title: Celebrations

Search URL Search Domain Scan URL

URL: https://advertisers.com.au/
Title: Place your ad

Search URL Search Domain Scan URL

URL: https://www.oneflare.com.au/
Title: Oneflare

Search URL Search Domain Scan URL

URL: https://www.nineforbrands.com.au/advertising-enquiries/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://smh.myfairfax.com.au/members/lite_session/new?callback_uri=https%3A%2F%2Fsmh.myfairfax.com.au%2Fbeta%2Fmembers%2Fmy_account%2Fnewsletters%3Fchannel_key%3DzHE9EWDHf1XPuz3Phk0YIg%26callback_uri%3Dhttps%253a%252f%252fwww.smh.com.au&channel_key=zHE9EWDHf1XPuz3Phk0YIg
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://consumer.fairfaxsyndication.com/C.aspx?VP3=CMS3&VF=FXJFX2_2_VForm
Title: Photo sales

Search URL Search Domain Scan URL

URL: https://frontpages.fairfaxsyndication.com/C.aspx?VP3=CMS3&VF=FXJFX2_3_VForm
Title: Purchase front pages

Search URL Search Domain Scan URL

URL: https://www.fairfaxsyndication.com/C.aspx?VP3=CMS3&VF=FXJO50_1
Title: Content licensing

Search URL Search Domain Scan URL

URL: https://www.nineforbrands.com.au/about/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://www.presscouncil.org.au/what-we-do
Title: Press Council

Search URL Search Domain Scan URL

URL: https://subscribe.smh.com.au/?promote_channel=HI_FL_GNL
Title: Subscription packages

Search URL Search Domain Scan URL

URL: https://subscribers.smh.com.au/
Title: Subscriber benefits

Search URL Search Domain Scan URL

URL: https://subscribers.smh.com.au/support-centre/overview
Title: Subscriptions FAQs

Search URL Search Domain Scan URL

URL: https://www.thesmhinsider.com.au/c/a/5dAvszx5Lm7C4GDU21EWmQ?dPanel=2
Title: Feedback

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://secure-au.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 64

https://6588526.fls.doubleclick.net/activityi;src=6588526;type=smhen0;cat=smhar0;u3=[Frequency];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7651530700836.5 HTTP 302
https://6588526.fls.doubleclick.net/activityi;dc_pre=CKqU_7WNzOsCFVuWdwoduvwILw;src=6588526;type=smhen0;cat=smhar0;u3=[Frequency];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7651530700836.5

Request Chain 84

https://cm.everesttech.net/cm/dd?d_uuid=75620917634465337720407927550618140237 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X1BrIgAABMw87i3-

Request Chain 133

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599105827410&ci=f2&js=1&cg=0&ts=outbrain.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&sr=1600x1200&id=lstrg-83bc49f63e0d3f21218228952e07ebc0&tz=2 HTTP 302
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599105827410&ci=f2&js=1&cg=0&ts=outbrain.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&sr=1600x1200&id=lstrg-83bc49f63e0d3f21218228952e07ebc0&tz=2&ja=1

Request Chain 174

https://secure.adnxs.com/getuid?https%3A%2F%2Ffarm.plista.com%2Fmatching%2Fpixel%2F%3Fssp%3Dc3de%26dsp_user_id%3D$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ffarm.plista.com%252Fmatching%252Fpixel%252F%253Fssp%253Dc3de%2526dsp_user_id%253D%24UID HTTP 302
https://farm.plista.com/matching/pixel/?ssp=c3de&dsp_user_id=7373366318006279658

Request Chain 201

https://8116316.fls.doubleclick.net/activityi;src=8116316;type=rcrtag;cat=rich-0;qty=1;cost=[Revenue];u1=4513525805;u2=2716875487;u3=;u4=138316862710;u5=728x90;u6=j;u7=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1141931943 HTTP 302
https://8116316.fls.doubleclick.net/activityi;dc_pre=CKOJ67aNzOsCFUSTdwodMbkLZQ;src=8116316;type=rcrtag;cat=rich-0;qty=1;cost=[Revenue];u1=4513525805;u2=2716875487;u3=;u4=138316862710;u5=728x90;u6=j;u7=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1141931943

Request Chain 216

https://ib.adnxs.com/getuid?https://adc.nine.com.au?appNexusUid=$UID HTTP 302
https://adc.nine.com.au/?appNexusUid=7373366318006279658

215 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html Show response
www.smh.com.au/world/asia/ 205 KB
45 KB 341ms
322ms Document
text/html 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a96c14280986223d263dd5193b3e58f0fed647b24b60294a5b65bc3a1aefa8ac

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io .smh.com.au .theage.com.au .brisbanetimes.com.au .watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.smh.com.au
:scheme: https
:path: /world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: public, max-age=30, no-transform
content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
content-type: text/html; charset=utf-8
etag: W/"33529-VtEO957WNbZ/MFY8LIxQ+O8fDAA"
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
uber-trace-id: 423587159c5024d2:423587159c5024d2:0:0
x-frame-options: sameorigin
x-varnish-grace: none(fetch fresh)
x-xss-protection: 1; mode=block
via: 1.1 varnish 1.1 varnish
accept-ranges: bytes
date: Thu, 03 Sep 2020 04:03:45 GMT
age: 13
x-served-by: cache-syd10143-SYD, cache-fra19134-FRA
x-cache: HIT, MISS
x-cache-hits: 1, 0
vary: Accept-Encoding
content-length: 45221

GET
H2 200 metro_mastheads.js Show response
www.smh.com.au/optimizelyjs/s/ 409 KB
102 KB 8ms
7ms Script
text/javascript 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.smh.com.au/optimizelyjs/s/metro_mastheads.js

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4aff92a68cf24362fb2da7631c8bc47e99699ff271c91a74e4479568ab831d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: AJHxax.20DHWqbmoPYz5VWpQUTEuBIgt
content-encoding: gzip
etag: "3860df915f6d4aab607a9c282b95856d"
age: 77
x-amz-server-side-encryption: AES256
x-cache: HIT
status: 200
access-control-max-age: 86400
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="0";dur=0,cdnip;desc="23.210.249.30";dur=0,cdnmap;desc="";dur=0,proto;desc="";dur=0
x-amz-request-id: 8FEA8C51E708C659
x-amz-id-2: zA54mclY6rE0qKWjcZHXv4W3Af6v6V/MUWbwK7y4l6kokbjTUL1B1PGHGy0bH+YGCTgoWcvQA2M=
x-served-by: cache-fra19134-FRA
access-control-allow-origin: *
last-modified: Thu, 03 Sep 2020 03:06:19 GMT
server: AmazonS3
date: Thu, 03 Sep 2020 04:03:45 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
x-amz-meta-revision: 3953
content-length: 103629
timing-allow-origin: *
access-control-allow-headers: *
x-cache-hits: 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
19 KB 96ms
35ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

6bca6cbde970e0e3b1220f896fc5f25a9fb04036ed43a8c26090009ec85f9d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "621 / 175 of 1000 / last-modified: 1599085232"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18717
x-xss-protection: 0
expires: Thu, 03 Sep 2020 04:03:45 GMT

GET
H2 200 sp.js Show response
d2uhnetoehh304.cloudfront.net/2.11.0-patched/ 97 KB
30 KB 52ms
11ms Script
application/javascript 2600:9000:214f:6a00:10:2964:9d00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2uhnetoehh304.cloudfront.net/2.11.0-patched/sp.js
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6a00:10:2964:9d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0e67da2dcb273ee4036fe60f2576e0c293e3f509df4f95c512f1f77260ff276

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 19 Feb 2020 09:58:35 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 00:54:02 GMT
server: AmazonS3
age: 16999511
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: DiMIxw43kho_Wmh98xdVrcqrUhBkydeM8udAWgcHG9tJ53ZzM8zkaA==
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 2885
date: Thu, 03 Sep 2020 03:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Thu, 03 Sep 2020 05:15:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 365 KB
97 KB 24ms
17ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TCMZ2X6

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e4cc30e47a20e13d4a261e0cf5b93a2f6dfc09efa0769c17b959e00648b191a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:45 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98734
x-xss-protection: 0
last-modified: Thu, 03 Sep 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Sep 2020 04:03:45 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 26 KB
8 KB 58ms
26ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:44 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 20:00:00 GMT
x-msedge-ref: Ref A: 2BECFE6F8FBF4025B0B257F87C149330 Ref B: FRAEDGE1206 Ref C: 2020-09-03T04:03:45Z
status: 200
etag: "0e0bdafab5bd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8022

GET
H2 200 picturefill.js Show response
www.smh.com.au/assets/ 12 KB
5 KB 16ms
10ms Script
application/javascript 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.smh.com.au/assets/picturefill.js

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3735339834d5454c5e7b9566cd212eba9351442b5dd5a5fdd5e7b1ef516e659f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io; upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
age: 18199673
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
content-length: 5287
x-xss-protection: 1; mode=block
x-served-by: cache-syd10151-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 Feb 2020 22:57:57 GMT
x-frame-options: sameorigin
date: Thu, 03 Sep 2020 04:03:45 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
etag: W/"2e36-1700d465108"
accept-ranges: bytes
x-cache-hits: 414997, 2

GET
H2 200 manifest.ada0b29e5a74fd607fc1.js Show response
www.smh.com.au/assets/ 5 KB
4 KB 9ms
7ms Script
application/javascript 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.smh.com.au/assets/manifest.ada0b29e5a74fd607fc1.js

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e1210d9a27fa0c5ea2f9d3e2c7950ae8bd3695c65ad11b4b13d0883629392c42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io .smh.com.au .theage.com.au .brisbanetimes.com.au .watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
age: 88888
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
content-length: 2990
x-xss-protection: 1; mode=block
x-served-by: cache-syd10151-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Sep 2020 02:11:04 GMT
x-frame-options: sameorigin
date: Thu, 03 Sep 2020 04:03:45 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
etag: W/"151f-1744c94f2c0"
accept-ranges: bytes
x-cache-hits: 141, 2

GET
H2 200 europa.e35d307ad5e63f59e3ce.chunk.js Show response
www.smh.com.au/assets/ 26 KB
9 KB 15ms
6ms Script
application/javascript 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.smh.com.au/assets/europa.e35d307ad5e63f59e3ce.chunk.js

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

598951fb3b317fb2072080eefef33dfdaa4b69e88c1d1c16a36c44ac595d47fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io .smh.com.au .theage.com.au .brisbanetimes.com.au .watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.smh.com.au
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
age: 534167
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
content-length: 8380
x-xss-protection: 1; mode=block
x-served-by: cache-syd10120-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 27 Aug 2020 06:07:59 GMT
x-frame-options: sameorigin
date: Thu, 03 Sep 2020 04:03:45 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
etag: W/"68d3-1742e87b218"
accept-ranges: bytes
x-cache-hits: 27, 3

GET
H2 200 3dffa6aa.woff2
www.smh.com.au/assets/ 35 KB
35 KB 11ms
9ms Font
font/woff2 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.smh.com.au/assets/3dffa6aa.woff2

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4fc475c72236d86cc5d8516a4afa0102f0b7379203fbde407d20f00e9c9a5dc6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.smh.com.au
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io; upgrade-insecure-requests
via: 1.1 varnish, 1.1 varnish
etag: W/"8d1c-16facaffba0"
age: 19826031
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
content-length: 36124
x-xss-protection: 1; mode=block
x-served-by: cache-syd10121-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Jan 2020 04:50:12 GMT
x-frame-options: sameorigin
date: Thu, 03 Sep 2020 04:03:45 GMT
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 176051, 2

GET
H2 200 9ff0e533.woff2
www.smh.com.au/assets/ 51 KB
51 KB 19ms
18ms Font
font/woff2 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.smh.com.au/assets/9ff0e533.woff2

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5d8ef4d01c05ab65fa428ef13b6e0ad8992272baeba1f15bffbc2bbf8647d9a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.smh.com.au
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io; upgrade-insecure-requests
via: 1.1 varnish, 1.1 varnish
etag: W/"ca9c-16facaffba0"
age: 19826004
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
content-length: 51868
x-xss-protection: 1; mode=block
x-served-by: cache-syd10126-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Jan 2020 04:50:12 GMT
x-frame-options: sameorigin
date: Thu, 03 Sep 2020 04:03:45 GMT
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 343673, 1

GET
H2 200 b81bb9a1.woff2
www.smh.com.au/assets/ 29 KB
29 KB 11ms
10ms Font
font/woff2 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.smh.com.au/assets/b81bb9a1.woff2

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c3ac554741dfb7a3d5c75a01cc0f2c9a84abc87816697afb911d819abc39b289

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.smh.com.au
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io; upgrade-insecure-requests
via: 1.1 varnish, 1.1 varnish
etag: W/"7324-16facaffba0"
age: 19825980
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
content-length: 29476
x-xss-protection: 1; mode=block
x-served-by: cache-syd10151-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Jan 2020 04:50:12 GMT
x-frame-options: sameorigin
date: Thu, 03 Sep 2020 04:03:45 GMT
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 7091, 2

GET
H2 200 b9bc76d6.woff2
www.smh.com.au/assets/ 31 KB
31 KB 11ms
10ms Font
font/woff2 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.smh.com.au/assets/b9bc76d6.woff2

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cb569941f4f8b117402a398f9ca0c7527042b28319dfdadffda43c4a0ad3d5c9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.smh.com.au
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io; upgrade-insecure-requests
via: 1.1 varnish, 1.1 varnish
etag: W/"7c1c-16facaffba0"
age: 19826002
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
content-length: 31772
x-xss-protection: 1; mode=block
x-served-by: cache-syd10124-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Jan 2020 04:50:12 GMT
x-frame-options: sameorigin
date: Thu, 03 Sep 2020 04:03:45 GMT
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 302801, 2

GET
H2 200 c67d7077.woff2
www.smh.com.au/assets/ 27 KB
27 KB 10ms
9ms Font
font/woff2 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.smh.com.au/assets/c67d7077.woff2

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8cbb84320501e7ba07f1793b7ce865f022a7afc1d4e1c3abd2c9879f12dbf1e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.smh.com.au
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io; upgrade-insecure-requests
via: 1.1 varnish, 1.1 varnish
etag: W/"6bd0-16fd4b91cf8"
age: 19217048
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
content-length: 27600
x-xss-protection: 1; mode=block
x-served-by: cache-syd10137-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jan 2020 23:24:59 GMT
x-frame-options: sameorigin
date: Thu, 03 Sep 2020 04:03:45 GMT
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 486439, 2

GET
H2 200 dd51f8cf.woff2
www.smh.com.au/assets/ 48 KB
49 KB 10ms
10ms Font
font/woff2 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.smh.com.au/assets/dd51f8cf.woff2

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7630b3dd2b6e83a3d5295706cccdddf75013f8a9970435a999f2f0dbb5a579f7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.smh.com.au
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io; upgrade-insecure-requests
via: 1.1 varnish, 1.1 varnish
etag: W/"c1b4-16facaffba0"
age: 19826003
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
content-length: 49588
x-xss-protection: 1; mode=block
x-served-by: cache-syd10126-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Jan 2020 04:50:12 GMT
x-frame-options: sameorigin
date: Thu, 03 Sep 2020 04:03:45 GMT
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 149, 2

GET
H2 200 c1f64adca3eba9bd1201b9ed80cb8d9512dcdb32
static.ffx.io/images/$zoom_1.035%2C$multiply_0.7554%2C$ratio_1.776846%2C$width_1059%2C$x_0%2C$y_12/t_crop_custom/q_86%2Cf_auto/ 67 KB
67 KB 159ms
151ms Image
image/webp 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_1.035%2C$multiply_0.7554%2C$ratio_1.776846%2C$width_1059%2C$x_0%2C$y_12/t_crop_custom/q_86%2Cf_auto/c1f64adca3eba9bd1201b9ed80cb8d9512dcdb32
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 0a7a6ec1926c9a95f4da36faf6691d6faa15bb03b6b0f52e9d38b62bf803b551

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 399507623657827272836688659225704454282,182190138855878806768828891859088538081,5f5f4219172da4ec8104790896b11172
status: 200
content-disposition: inline; filename="c1f64adca3eba9bd1201b9ed80cb8d9512dcdb32.webp"
content-length: 68720
x-cld-skey: 399507623657827272836688659225704454282 182190138855878806768828891859088538081 5f5f4219172da4ec8104790896b11172
x-cache: MISS, MISS
last-modified: Thu, 03 Sep 2020 01:56:58 GMT
server: cloudinary
x-timer: S1599105826.555171,VS0,VE145
etag: "96afe7baa930fc1492706069e45f0ce1"
x-served-by: cache-fra19129-FRA, cache-fra19134-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0

GET
H2 200 5b2d38b802092c7eaaeed61efa84513a3acb0183
static.ffx.io/images/$zoom_0.265%2C$multiply_0.7554%2C$ratio_1.776846%2C$width_1059%2C$x_0%2C$y_95/t_crop_custom/q_86%2Cf_auto/ 53 KB
54 KB 134ms
126ms Image
image/webp 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.265%2C$multiply_0.7554%2C$ratio_1.776846%2C$width_1059%2C$x_0%2C$y_95/t_crop_custom/q_86%2Cf_auto/5b2d38b802092c7eaaeed61efa84513a3acb0183
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ff1337546d22ce8cab54ef1cdabfd561a238a0bdd7e9c478e35ee282b5984d97

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 279935327510017868986203183141355063390,316553451906122739469548625241361723615,5f5f4219172da4ec8104790896b11172
status: 200
content-disposition: inline; filename="5b2d38b802092c7eaaeed61efa84513a3acb0183.webp"
content-length: 54280
x-cld-skey: 279935327510017868986203183141355063390 316553451906122739469548625241361723615 5f5f4219172da4ec8104790896b11172
x-cache: MISS, MISS
last-modified: Thu, 03 Sep 2020 01:56:58 GMT
server: cloudinary
x-timer: S1599105826.555197,VS0,VE120
etag: "a64beb07fa772bb1739b0359429f7a03"
x-served-by: cache-fra19177-FRA, cache-fra19134-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0

GET
H2 200 vendorReactReduxRelay.a6df0b7ba181594ea28a.chunk.js Show response
www.smh.com.au/assets/ 340 KB
106 KB 15ms
6ms Script
application/javascript 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.smh.com.au/assets/vendorReactReduxRelay.a6df0b7ba181594ea28a.chunk.js

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

97e2269fd9abcd397be339766b5b6901668eda0e72adb2cb4a0b8277f3e052cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io .smh.com.au .theage.com.au .brisbanetimes.com.au .watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
age: 88889
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
content-length: 107765
x-xss-protection: 1; mode=block
x-served-by: cache-syd10131-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Sep 2020 02:11:04 GMT
x-frame-options: sameorigin
date: Thu, 03 Sep 2020 04:03:45 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
etag: W/"551b8-1744c94f2c0"
accept-ranges: bytes
x-cache-hits: 165, 3

GET
H2 200 vendorCommon.cc2e25960fe2dc4881d3.chunk.js Show response
www.smh.com.au/assets/ 562 KB
178 KB 23ms
15ms Script
application/javascript 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.smh.com.au/assets/vendorCommon.cc2e25960fe2dc4881d3.chunk.js

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7e30872ede903726d0362f16dc08be25b080433cf5fba236b219893b8490b341

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io .smh.com.au .theage.com.au .brisbanetimes.com.au .watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
age: 88877
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
content-length: 181865
x-xss-protection: 1; mode=block
x-served-by: cache-syd10121-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Sep 2020 02:11:04 GMT
x-frame-options: sameorigin
date: Thu, 03 Sep 2020 04:03:45 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
etag: W/"8c95d-1744c94f2c0"
accept-ranges: bytes
x-cache-hits: 172, 1

GET
H2 200 vendorFFXBlue.2180ff4a99b58040f2fc.chunk.js Show response
www.smh.com.au/assets/ 380 KB
75 KB 17ms
10ms Script
application/javascript 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.smh.com.au/assets/vendorFFXBlue.2180ff4a99b58040f2fc.chunk.js

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4c095c754b69ab8025bd1c844820e0beb2156ccdbf6e911eed53ccd623fa69d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io .smh.com.au .theage.com.au .brisbanetimes.com.au .watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
age: 88908
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
content-length: 76100
x-xss-protection: 1; mode=block
x-served-by: cache-syd10144-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Sep 2020 02:11:04 GMT
x-frame-options: sameorigin
date: Thu, 03 Sep 2020 04:03:45 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
etag: W/"5eeba-1744c94f2c0"
accept-ranges: bytes
x-cache-hits: 34169, 2

GET
H2 200 client.cc6711fb17ccf9e0516d.chunk.js Show response
www.smh.com.au/assets/ 1 MB
200 KB 23ms
15ms Script
application/javascript 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.smh.com.au/assets/client.cc6711fb17ccf9e0516d.chunk.js

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76e6f909ab5b39358828ced9b1563022feb39fc1fc6894dc8dbc6ca9bc77cee0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io .smh.com.au .theage.com.au .brisbanetimes.com.au .watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
age: 88887
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
content-length: 204874
x-xss-protection: 1; mode=block
x-served-by: cache-syd10121-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Sep 2020 02:11:04 GMT
x-frame-options: sameorigin
date: Thu, 03 Sep 2020 04:03:45 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
etag: W/"102a76-1744c94f2c0"
accept-ranges: bytes
x-cache-hits: 167, 1

GET
H2 200 3cc8baa7.svg
www.smh.com.au/assets/ 14 KB
7 KB 14ms
9ms Image
image/svg+xml 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.smh.com.au/assets/3cc8baa7.svg

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2453603ecc5432fab703190c8f1fe9ed9d90194c27c3017402f997c7cdc80611

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:45 GMT
content-encoding: gzip
age: 2725995
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 6746
x-xss-protection: 1; mode=block
x-served-by: cache-syd10142-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 31 Jul 2020 02:48:20 GMT
x-frame-options: sameorigin
etag: W/"39ef-173a2c53520"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io; upgrade-insecure-requests
accept-ranges: bytes
x-cache-hits: 42450, 12

GET
H2 200 12520cc7.svg
www.smh.com.au/assets/ 350 B
462 B 15ms
15ms Image
image/svg+xml 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.smh.com.au/assets/12520cc7.svg

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b7b1e7f550a665ab6261d89a5779c1dd5ae0d3d98f58ea7d2465402df829fa74

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:45 GMT
content-encoding: gzip
age: 19826053
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 242
x-xss-protection: 1; mode=block
x-served-by: cache-syd10131-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Jan 2020 04:50:12 GMT
x-frame-options: sameorigin
etag: W/"15e-16facaffba0"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io; upgrade-insecure-requests
accept-ranges: bytes
x-cache-hits: 215521, 2

GET
H2 200 d8d95916.svg
www.smh.com.au/assets/ 196 B
271 B 21ms
15ms Image
image/svg+xml 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.smh.com.au/assets/d8d95916.svg

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8fa9095bad08410bd71b72e1a9b7956f58b9234dee7befeb42bdd8d54a117454

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:45 GMT
content-encoding: gzip
age: 19826038
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 164
x-xss-protection: 1; mode=block
x-served-by: cache-syd10122-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Jan 2020 04:50:12 GMT
x-frame-options: sameorigin
etag: W/"c4-16facaffba0"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io; upgrade-insecure-requests
accept-ranges: bytes
x-cache-hits: 238918, 1

GET
H2 200 d44dfa02.svg
www.smh.com.au/assets/ 196 B
305 B 21ms
15ms Image
image/svg+xml 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.smh.com.au/assets/d44dfa02.svg

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

483689ecccd791731dcf700dedb2900e201cff0abd56ca28d3e68c11159551b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:45 GMT
content-encoding: gzip
age: 9033352
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 165
x-xss-protection: 1; mode=block
x-served-by: cache-syd10137-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 May 2020 02:16:31 GMT
x-frame-options: sameorigin
etag: W/"c4-1722fde3418"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io; upgrade-insecure-requests
accept-ranges: bytes
x-cache-hits: 59720, 1

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 178 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 516 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 634123ee29b1f3ea68a9dd4b8f7e38808766984516bb97202ef7186784ba995e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 243 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 a304207300.html
a304207300.cdn.optimizely.com/client_storage/ Frame E5B4 0
0 218ms
147ms Document
text/html 104.108.68.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a304207300.cdn.optimizely.com/client_storage/a304207300.html

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/optimizelyjs/s/metro_mastheads.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.108.68.187 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-68-187.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: a304207300.cdn.optimizely.com
:scheme: https
:path: /client_storage/a304207300.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Response headers

status: 200
x-amz-id-2: 4v5BaWI08EVAsWSSYXOO7q3IcFvntWMeqT4bkfqhlErHYO/Xla7U8fvTp7gY/ynTjnoW+G+QdXM=
x-amz-request-id: 115FBFAF2DE06ABB
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Sep 2020 03:06:10 GMT
etag: "28473f10a3a0bf9d4d37cdbafc628332"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: lh.ErfUe8lclnRAJ2KbebdIHNUVMHSLY
accept-ranges: bytes
content-type: text/html; charset=utf-8
content-length: 975
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=120
date: Thu, 03 Sep 2020 04:03:46 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="11";dur=0,cdnip;desc="104.108.68.187";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H2 200 3d277da1b91adcd899b3101e9f663f15.sprite.svg Show response
www.smh.com.au/assets/svg/ 298 KB
148 KB 7ms
6ms XHR
image/svg+xml 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.smh.com.au/assets/svg/3d277da1b91adcd899b3101e9f663f15.sprite.svg

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/assets/vendorCommon.cc2e25960fe2dc4881d3.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fc0f297e98a89b8799e9c4be1e11d05792a94a7762ec18950209a29c40ef2fcf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io .smh.com.au .theage.com.au .brisbanetimes.com.au .watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:46 GMT
content-encoding: gzip
age: 1210458
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 151123
x-xss-protection: 1; mode=block
x-served-by: cache-syd10121-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Aug 2020 01:01:35 GMT
x-frame-options: sameorigin
etag: W/"4a8ef-1740962a998"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
accept-ranges: bytes
x-cache-hits: 10, 1

GET
H2 200 Asset.46a0add0588bdc1f39af.chunk.js Show response
www.smh.com.au/assets/ 728 KB
172 KB 7ms
6ms Script
application/javascript 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.smh.com.au/assets/Asset.46a0add0588bdc1f39af.chunk.js

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/assets/manifest.ada0b29e5a74fd607fc1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4faeb536f1c5f9b13ecea5bc4434f678cffb1d1f4cc707b67c435ba43fa12e59

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io .smh.com.au .theage.com.au .brisbanetimes.com.au .watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
age: 88875
content-security-policy-report-only: child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
content-length: 175982
x-xss-protection: 1; mode=block
x-served-by: cache-syd10128-SYD, cache-fra19134-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Sep 2020 02:11:04 GMT
x-frame-options: sameorigin
date: Thu, 03 Sep 2020 04:03:46 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
etag: W/"b60b9-1744c94f2c0"
accept-ranges: bytes
x-cache-hits: 50, 1

GET
H2 204 0
bat.bing.com/action/ 0
171 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4010841&Ver=2&mid=4a5722bc-b4d9-4d52-7a8a-7c5c582c3440&sid=88a7304f86835aedde7b7a1b69ae71b6&vid=d7c593c4ed044b9ad704aa6a192cfded&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Coronavirus%3A%20China%20state-sponsored%20hackers%20APT%20TA413%20target%20personal%20computers%20for%20COVID-19%20intelligence&p=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&r=&lt=863&evt=pageLoad&msclkid=N&sv=1&rn=479432
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Thu, 03 Sep 2020 04:03:45 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: F56B25FF5874406EB1EC9F3154015D50 Ref B: FRAEDGE1206 Ref C: 2020-09-03T04:03:46Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2020083101.js Show response
securepubads.g.doubleclick.net/gpt/ 262 KB
92 KB 79ms
44ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

723c2c4708075116cb94201f366fd66584fdd47ee569d962cdb81616f5a70f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 31 Aug 2020 08:38:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94015
x-xss-protection: 0
expires: Thu, 03 Sep 2020 04:03:46 GMT

OPTIONS
H/1.1 200
OK tp2
i.ffx.io/com.snowplowanalytics.snowplow/ Frame 0
0 1289ms
313ms Other 3.104.80.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Server: 3.104.80.72 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-104-80-72.ap-southeast-2.compute.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.smh.com.au
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.smh.com.au
Date: Thu, 03 Sep 2020 04:03:47 GMT
Server: akka-http/10.0.9
Content-Length: 0
Connection: keep-alive

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: 1fpAI4MzspPdSD4P42sWKtwlN/v9i9oc4FFmvclQRwQGHNHviAJXDlBIWyeT7KxPaGjZ+C4Zsz/GyUS6Z2nR3g==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 03 Sep 2020 04:03:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
3 KB 26ms
13ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 03:47:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 950
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2779
x-xss-protection: 0
expires: Thu, 03 Sep 2020 04:47:56 GMT

POST
H/1.1 200
OK tp2 Show response
i.ffx.io/com.snowplowanalytics.snowplow/ 2 B
438 B 1273ms
336ms XHR
text/plain 3.104.80.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d2uhnetoehh304.cloudfront.net
URL: https://d2uhnetoehh304.cloudfront.net/2.11.0-patched/sp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.104.80.72 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-104-80-72.ap-southeast-2.compute.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Thu, 03 Sep 2020 04:03:48 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://www.smh.com.au
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 2

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76b166d33dbe05fad3abfcf189eb46c7b46bb591481aa382e6fd88be03c2363a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 197d5577c5c73eb85ab11ef2bb2bb971844b502ada2e4fc85c585668f4f08cd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 36 KB
36 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46276c2f730d599d6c8478ccc80bfe23c2c263ee0d6fdb3dc45a29f2c07520bd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: img/png

OPTIONS
H2 200 graphql
api.smh.com.au/ Frame 0
0 30ms
6ms Other 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smh.com.au/graphql?query=query%20UpdatedPaywallRulesQuery(%20%24brand%3A%20String!%20)%20%7B%20paywallRules%3A%20paywallRules(brand%3A%20%24brand)%20%7B%20...UpdatedPaywallRulesFragment_paywallRulesData%20%7D%20%7D%20fragment%20UpdatedPaywallRulesFragment_paywallRulesData%20on%20Rules%20%7B%20meters%20%7B%20count%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20promptVariants%20%7B%20categories%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20%7D%20%7D%20meters_variants%20%7B%20referrers%20%7B%20domains%20%7D%20meters%20%7B%20count%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20promptVariants%20%7B%20category%20categories%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20%7D%20%7D%20%7D%20paywall%20%7B%20enabled%20exceptions%20%7B%20referrers%20%7B%20domains%20limit%20%7D%20referrers_variants%20%7B%20referrers%20%7B%20domains%20limit%20%7D%20%7D%20sponsored%20%7D%20inclusions%20%7B%20tags%20%7D%20limit%20limit_variants%20%7B%20newSession%20%7B%20limit%20%7D%20referrers%20%7B%20domains%20limit%20%7D%20%7D%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20promptVariants%20%7B%20categories%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20tags%20%7D%20%7D%20%7D%20fragment%20PromptFragment_prompt%20on%20Prompt%20%7B%20callToAction%20countRemaining%20message%20swgMessage%20style%20subscriptionURL%20title%20%7D%20fragment%20SwgPromptFragment_swgPrompt%20on%20SWGPrompt%20%7B%20message%20package%20price%20subscriptionURL%20title%20%7D%20&variables=%7B%22brand%22%3A%22smh%22%7D
Protocol: H2
Server: 2a04:4e42:600::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.smh.com.au
Sec-Fetch-Mode: cors

Response headers

status: 200
server: Varnish
retry-after: 0
access-control-allow-origin: https://www.smh.com.au
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Authorization, Content-Type, Ffxauthorization, Ffxsession, Sec-Fetch-Mode, x-wp-nonce
access-control-max-age: 600
accept-ranges: bytes
date: Thu, 03 Sep 2020 04:03:46 GMT
via: 1.1 varnish
x-served-by: cache-fra19182-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1599105826.387308,VS0,VE0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0

OPTIONS
H2 200 graphql
api.smh.com.au/ Frame 0
0 6ms
6ms Other 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smh.com.au/graphql?query=query%20MostPopularQuery(%20%24assetType%3A%20String%20%24brand%3A%20String!%20%24primaryCategory%3A%20String%20%24count%3A%20Int%20%24subCategory%3A%20String%20%24tags%3A%20%5BString!%5D%20)%20%7B%20popular%3A%20mostPopularStories(assetType%3A%20%24assetType%2C%20brand%3A%20%24brand%2C%20category%3A%20%24primaryCategory%2C%20count%3A%20%24count%2C%20subCategory%3A%20%24subCategory%2C%20tags%3A%20%24tags)%20%7B%20...AssetFragmentFragment_assetDataWithTag%20id%20%7D%20%7D%20fragment%20AssetFragmentFragment_assetDataWithTag%20on%20Asset%20%7B%20...AssetFragmentFragment_assetData%20tags%20%7B%20primaryTag%20%7B%20...AssetFragment_tagFragment%20%7D%20%7D%20%7D%20fragment%20AssetFragmentFragment_assetData%20on%20Asset%20%7B%20id%20asset%20%7B%20about%20byline%20duration%20headlines%20%7B%20headline%20%7D%20live%20totalImages%20%7D%20label%20urls%20%7B%20canonical%20%7B%20path%20brand%20%7D%20external%20published%20%7B%20brisbanetimes%20%7B%20path%20%7D%20canberratimes%20%7B%20path%20%7D%20smh%20%7B%20path%20%7D%20theage%20%7B%20path%20%7D%20watoday%20%7B%20path%20%7D%20%7D%20%7D%20featuredImages%20%7B%20landscape16x9%20%7B%20...ImageFragment%20%7D%20landscape3x2%20%7B%20...ImageFragment%20%7D%20portrait2x3%20%7B%20...ImageFragment%20%7D%20square1x1%20%7B%20...ImageFragment%20%7D%20%7D%20assetType%20dates%20%7B%20modified%20published%20%7D%20sponsor%20%7B%20name%20%7D%20%7D%20fragment%20AssetFragment_tagFragment%20on%20AssetTagDetails%20%7B%20displayName%20urls%20%7B%20published%20%7B%20brisbanetimes%20%7B%20path%20%7D%20canberratimes%20%7B%20path%20%7D%20smh%20%7B%20path%20%7D%20theage%20%7B%20path%20%7D%20watoday%20%7B%20path%20%7D%20%7D%20%7D%20%7D%20fragment%20ImageFragment%20on%20Image%20%7B%20data%20%7B%20animated%20aspect%20autocrop%20cropWidth%20id%20mimeType%20offsetX%20offsetY%20zoom%20%7D%20%7D%20&variables=%7B%22assetType%22%3A%22%22%2C%22brand%22%3A%22smh%22%2C%22count%22%3A6%2C%22primaryCategory%22%3A%22World%22%2C%22subCategory%22%3A%22%22%7D
Protocol: H2
Server: 2a04:4e42:600::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.smh.com.au
Sec-Fetch-Mode: cors

Response headers

status: 200
server: Varnish
retry-after: 0
access-control-allow-origin: https://www.smh.com.au
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Authorization, Content-Type, Ffxauthorization, Ffxsession, Sec-Fetch-Mode, x-wp-nonce
access-control-max-age: 600
accept-ranges: bytes
date: Thu, 03 Sep 2020 04:03:46 GMT
via: 1.1 varnish
x-served-by: cache-fra19182-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1599105826.402263,VS0,VE0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0

OPTIONS
H2 200 graphql
api.smh.com.au/ Frame 0
0 8ms
7ms Other 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smh.com.au/graphql?query=query%20AssetCommentQuery(%20%24id%3A%20String!%20%24limit%3A%20Int!%20)%20%7B%20asset%3A%20asset(id%3A%20%24id)%20%7B%20comments%3A%20commentsConnection(limit%3A%20%24limit)%20%7B%20closed%20totalCommentCount%20nodes%20%7B%20body%20created_at%20id%20user%20%7D%20%7D%20id%20%7D%20%7D%20&variables=%7B%22id%22%3A%22p55rwy%22%2C%22limit%22%3A2%7D
Protocol: H2
Server: 2a04:4e42:600::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.smh.com.au
Sec-Fetch-Mode: cors

Response headers

status: 200
server: Varnish
retry-after: 0
access-control-allow-origin: https://www.smh.com.au
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Authorization, Content-Type, Ffxauthorization, Ffxsession, Sec-Fetch-Mode, x-wp-nonce
access-control-max-age: 600
accept-ranges: bytes
date: Thu, 03 Sep 2020 04:03:46 GMT
via: 1.1 varnish
x-served-by: cache-fra19182-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1599105826.406476,VS0,VE0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0

OPTIONS
H2 200 graphql
api.smh.com.au/ Frame 0
0 6ms
6ms Other 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smh.com.au/graphql
Protocol: H2
Server: 2a04:4e42:600::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.smh.com.au
Sec-Fetch-Mode: cors

Response headers

status: 200
server: Varnish
retry-after: 0
access-control-allow-origin: https://www.smh.com.au
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Authorization, Content-Type, Ffxauthorization, Ffxsession, Sec-Fetch-Mode, x-wp-nonce
access-control-max-age: 600
accept-ranges: bytes
date: Thu, 03 Sep 2020 04:03:46 GMT
via: 1.1 varnish
x-served-by: cache-fra19182-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1599105826.407698,VS0,VE0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0

OPTIONS
H2 200 tp2
plow2.streem.com.au/com.snowplowanalytics.snowplow/ Frame 0
0 992ms
313ms Other 3.24.219.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plow2.streem.com.au/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Server: 3.24.219.150 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-24-219-150.ap-southeast-2.compute.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.smh.com.au
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Thu, 03 Sep 2020 04:03:47 GMT
content-length: 0
access-control-allow-origin: https://www.smh.com.au
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
server: akka-http/10.0.9

GET
H2 200 graphql Show response
api.smh.com.au/ 24 KB
2 KB 1232ms
1219ms Fetch
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smh.com.au/graphql?query=query%20UpdatedPaywallRulesQuery(%20%24brand%3A%20String!%20)%20%7B%20paywallRules%3A%20paywallRules(brand%3A%20%24brand)%20%7B%20...UpdatedPaywallRulesFragment_paywallRulesData%20%7D%20%7D%20fragment%20UpdatedPaywallRulesFragment_paywallRulesData%20on%20Rules%20%7B%20meters%20%7B%20count%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20promptVariants%20%7B%20categories%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20%7D%20%7D%20meters_variants%20%7B%20referrers%20%7B%20domains%20%7D%20meters%20%7B%20count%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20promptVariants%20%7B%20category%20categories%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20%7D%20%7D%20%7D%20paywall%20%7B%20enabled%20exceptions%20%7B%20referrers%20%7B%20domains%20limit%20%7D%20referrers_variants%20%7B%20referrers%20%7B%20domains%20limit%20%7D%20%7D%20sponsored%20%7D%20inclusions%20%7B%20tags%20%7D%20limit%20limit_variants%20%7B%20newSession%20%7B%20limit%20%7D%20referrers%20%7B%20domains%20limit%20%7D%20%7D%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20promptVariants%20%7B%20categories%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20tags%20%7D%20%7D%20%7D%20fragment%20PromptFragment_prompt%20on%20Prompt%20%7B%20callToAction%20countRemaining%20message%20swgMessage%20style%20subscriptionURL%20title%20%7D%20fragment%20SwgPromptFragment_swgPrompt%20on%20SWGPrompt%20%7B%20message%20package%20price%20subscriptionURL%20title%20%7D%20&variables=%7B%22brand%22%3A%22smh%22%7D
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/assets/client.cc6711fb17ccf9e0516d.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1c7911061a56c9d18f1e4279f60a4a48e7049dab3c8a61b643106bf250a9272f

Request headers

Accept: application/json
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
content-encoding: gzip
age: 0, 0
status: 200
x-served-by: cache-syd10133-SYD, cache-fra19134-FRA
vary: Accept-Encoding, Origin
x-cache: MISS, MISS
content-type: application/json
access-control-allow-origin: https://www.smh.com.au
cache-control: private, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes, bytes, bytes
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 0, 0

GET
H2 200 platform.js Show response
apis.google.com/js/ 49 KB
19 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/assets/Asset.46a0add0588bdc1f39af.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

092f3201317b7ef608f6a899d395d36cffcca4d6824f00bc50120e84341c76f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e4DyItl580+h1hzU/g09EA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "81b6c5d10475fc4c0084a56d3b41af80"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-e4DyItl580+h1hzU/g09EA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 03 Sep 2020 04:03:46 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 133 KB
39 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/assets/Asset.46a0add0588bdc1f39af.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36c30bbe7beb1ae7519d037630386514a1464b237891b3428d6b63c2a932aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Aug 2020 22:08:05 GMT
server: sffe
age: 217
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39999
x-xss-protection: 0
expires: Thu, 03 Sep 2020 04:50:09 GMT

GET
H2 200 p54rzz Show response
api.smh.com.au/api/content/v0/assets/ 11 KB
4 KB 318ms
317ms Fetch
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smh.com.au/api/content/v0/assets/p54rzz
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/assets/Asset.46a0add0588bdc1f39af.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c7fef2c581107cf390cb8599a26696e51bd7c4ab4ab44e2ad0be2222ee4fb128

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:46 GMT
content-encoding: gzip
age: 3
x-served-by: cache-syd10124-SYD, cache-fra19182-FRA
vary: Accept-Encoding
x-cache: HIT, MISS
content-type: application/json
status: 200
cache-control: public, max-age=30
x-varnish-grace: none(fetch fresh)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3834
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 1, 0

GET
H2 200 graphql Show response
api.smh.com.au/ 15 KB
3 KB 309ms
309ms Fetch
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smh.com.au/graphql?query=query%20MostPopularQuery(%20%24assetType%3A%20String%20%24brand%3A%20String!%20%24primaryCategory%3A%20String%20%24count%3A%20Int%20%24subCategory%3A%20String%20%24tags%3A%20%5BString!%5D%20)%20%7B%20popular%3A%20mostPopularStories(assetType%3A%20%24assetType%2C%20brand%3A%20%24brand%2C%20category%3A%20%24primaryCategory%2C%20count%3A%20%24count%2C%20subCategory%3A%20%24subCategory%2C%20tags%3A%20%24tags)%20%7B%20...AssetFragmentFragment_assetDataWithTag%20id%20%7D%20%7D%20fragment%20AssetFragmentFragment_assetDataWithTag%20on%20Asset%20%7B%20...AssetFragmentFragment_assetData%20tags%20%7B%20primaryTag%20%7B%20...AssetFragment_tagFragment%20%7D%20%7D%20%7D%20fragment%20AssetFragmentFragment_assetData%20on%20Asset%20%7B%20id%20asset%20%7B%20about%20byline%20duration%20headlines%20%7B%20headline%20%7D%20live%20totalImages%20%7D%20label%20urls%20%7B%20canonical%20%7B%20path%20brand%20%7D%20external%20published%20%7B%20brisbanetimes%20%7B%20path%20%7D%20canberratimes%20%7B%20path%20%7D%20smh%20%7B%20path%20%7D%20theage%20%7B%20path%20%7D%20watoday%20%7B%20path%20%7D%20%7D%20%7D%20featuredImages%20%7B%20landscape16x9%20%7B%20...ImageFragment%20%7D%20landscape3x2%20%7B%20...ImageFragment%20%7D%20portrait2x3%20%7B%20...ImageFragment%20%7D%20square1x1%20%7B%20...ImageFragment%20%7D%20%7D%20assetType%20dates%20%7B%20modified%20published%20%7D%20sponsor%20%7B%20name%20%7D%20%7D%20fragment%20AssetFragment_tagFragment%20on%20AssetTagDetails%20%7B%20displayName%20urls%20%7B%20published%20%7B%20brisbanetimes%20%7B%20path%20%7D%20canberratimes%20%7B%20path%20%7D%20smh%20%7B%20path%20%7D%20theage%20%7B%20path%20%7D%20watoday%20%7B%20path%20%7D%20%7D%20%7D%20%7D%20fragment%20ImageFragment%20on%20Image%20%7B%20data%20%7B%20animated%20aspect%20autocrop%20cropWidth%20id%20mimeType%20offsetX%20offsetY%20zoom%20%7D%20%7D%20&variables=%7B%22assetType%22%3A%22%22%2C%22brand%22%3A%22smh%22%2C%22count%22%3A6%2C%22primaryCategory%22%3A%22World%22%2C%22subCategory%22%3A%22%22%7D
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/assets/client.cc6711fb17ccf9e0516d.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 628ae987c5c4063a0211af2a615fff6655270e081ce872a997100602679dc4df

Request headers

Accept: application/json
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 03 Sep 2020 04:03:46 GMT
content-encoding: gzip
age: 5
status: 200
x-served-by: cache-syd10122-SYD, cache-fra19134-FRA
vary: Accept-Encoding, Origin
x-cache: HIT, MISS
content-type: application/json
access-control-allow-origin: https://www.smh.com.au
cache-control: public, max-age=60
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2652
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 2, 0

GET
H2 200 async.js Show response
static-au.plista.com/ 62 KB
20 KB 142ms
28ms Script
application/javascript 23.111.11.152
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL

https://static-au.plista.com/async.js

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/assets/Asset.46a0add0588bdc1f39af.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),

Reverse DNS

Software

NetDNA-cache/2.2 /

Resource Hash

555ec6fbd4fbb1181082c8034acd8983cb821a3779b54d770be2963c2b5a987f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-plista-versions: plista-plugin- libplista-php-0.0.0
date: Thu, 03 Sep 2020 04:03:46 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
age: 111
x-plista-node: plista851
x-cache: HIT
status: 200
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 03:23:46 GMT
server: NetDNA-cache/2.2
vary: Accept-Encoding
x-varnish: 128132810 127234176
cache-control: public, must-revalidate, proxy-revalidate
content-type: application/javascript; charset=utf-8
expires: Fri, 04 Sep 2020 03:23:47 GMT

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/3910869709001/HylmeNWLjl_default/ 788 KB
210 KB 191ms
74ms Script
application/javascript 95.100.105.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/3910869709001/HylmeNWLjl_default/index.min.js
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/assets/Asset.46a0add0588bdc1f39af.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.105.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-105-90.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 401ad5511a2dddc48bf8e9b713e2074b22edcb085ae530892536510e4b4f2825

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 7RsM.wUHoDC5Mfff1P6SZYrmHo3lDl7f
Content-Encoding: gzip
ETag: "30dfd9418030b20f41e229d01c089f8c"
x-amz-request-id: A7B03B5ADF1A55A6
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 214497
x-amz-id-2: GWWleXTEdDB2+0gxvZ03KbHaWQYCLxHZG2J7qCuBH0tAmaccRYy4hOuWAPUvdKHt5KH/X3SQ1nY=
X-BCOV-Response-Mode: 1
X-Served-By: cache-dca17753-DCA
Last-Modified: Wed, 02 Sep 2020 20:28:58 GMT
Server: AmazonS3
X-Timer: S1599078885.091971,VS0,VE1
Date: Thu, 03 Sep 2020 04:03:46 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=104
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 graphql Show response
api.smh.com.au/ 95 B
209 B 309ms
308ms Fetch
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smh.com.au/graphql?query=query%20AssetCommentQuery(%20%24id%3A%20String!%20%24limit%3A%20Int!%20)%20%7B%20asset%3A%20asset(id%3A%20%24id)%20%7B%20comments%3A%20commentsConnection(limit%3A%20%24limit)%20%7B%20closed%20totalCommentCount%20nodes%20%7B%20body%20created_at%20id%20user%20%7D%20%7D%20id%20%7D%20%7D%20&variables=%7B%22id%22%3A%22p55rwy%22%2C%22limit%22%3A2%7D
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/assets/client.cc6711fb17ccf9e0516d.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 186688b2dc53205d17bfae50aa29edd6028b75aee169bab8265904c1d3618c2a

Request headers

Accept: application/json
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 03 Sep 2020 04:03:46 GMT
content-encoding: gzip
age: 9
status: 200
x-served-by: cache-syd10123-SYD, cache-fra19134-FRA
vary: Origin, Accept-Encoding
x-cache: HIT, MISS
content-type: application/json
access-control-allow-origin: https://www.smh.com.au
cache-control: public, max-age=10
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 101
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 1, 0

POST
H2 200 graphql Show response
api.smh.com.au/ 2 KB
710 B 349ms
349ms Fetch
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smh.com.au/graphql
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/assets/client.cc6711fb17ccf9e0516d.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2fd29eb1173ad614561c0e33a3834bd39577d19794da52aa421f3e2ac10ad3ad

Request headers

Accept: application/json
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 03 Sep 2020 04:03:46 GMT
content-encoding: gzip
status: 200
x-served-by: cache-syd10143-SYD, cache-fra19134-FRA
vary: Accept-Encoding, Origin
x-cache: MISS, MISS
content-type: application/json
access-control-allow-origin: https://www.smh.com.au
access-control-allow-credentials: true
accept-ranges: bytes, bytes
content-length: 626
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 0, 0

GET
H/1.1 200
OK channels.cgi Show response
fairfaxmedia.gscontxt.net/main/ 978 B
1 KB 226ms
54ms Script
application/javascript 158.101.192.251
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://fairfaxmedia.gscontxt.net/main/channels.cgi?url=https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/assets/europa.e35d307ad5e63f59e3ce.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.101.192.251 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 4ab70be4460230eb96101cb73c24bf515f8970010e1aa60f8534b961145beda6

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 978
Content-Type: application/javascript

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 36ms
36ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCMZ2X6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

2d25f06ba5a1e228262948c457155e24a1d91bfb5dad460bd1dcfe2106011f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11315
x-xss-protection: 0
server: cafe
etag: 17904044164015545428
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Sep 2020 04:03:46 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 191ms
50ms XHR
application/json 34.254.111.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=50AB0C3A53DB1B290A490D4D%40AdobeOrg&d_nsid=0&ts=1599105826428

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.111.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-111-26.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0b49c6515863dca2bc09407c2febdb4ee5d6e3207aed42c653dec4cdd7674ae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v079-0193c7da7.edge-irl1.demdex.com 5.77.1.20200812153735 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: akPy68/SQy0=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.smh.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 738
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-au.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

7ms
7ms

Script
application/javascript

2600:9000:214f:6600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38997f0b9bb8b0d35eb0c1f9e1b05249f6f1e9972419d4f41ff389e3a35eb924

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 01:14:20 GMT
content-encoding: gzip
age: 10167
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 04 May 2020 13:03:46 GMT
server: AmazonS3
etag: W/"485e22c0ad60bcb2677b2f8f9b011e61"
vary: Accept-Encoding
x-amz-version-id: Atg2BNoq_w9GuxA03gYewv2lTFbMKFkY
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: aqid0LMAbTxpRhMoi7ZMBtFMzqOLCkZRBOAzAR_fgXN49LWGKGRQpw==

Redirect headers

status: 301
date: Thu, 03 Sep 2020 04:03:46 GMT
server: awselb/2.0
content-length: 150
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-type: text/html

GET
H2 200 ggcmb510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 23ms
7ms Script
application/javascript 2600:9000:214f:6600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: n3q_bF37_FBlZH_XRzcQNsIp2iM_eW7C
content-encoding: gzip
etag: "afa0d379b1e6e0a61fad577d0043ff26"
age: 2653
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 31 Aug 2020 13:41:33 GMT
server: AmazonS3
date: Thu, 03 Sep 2020 03:19:34 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: WWUeah91cAUxYv1otW8mVISfyDK6SsZuriFus7JFCtrPcGK7AywvPw==

POST
H2 200 tp2 Show response
plow2.streem.com.au/com.snowplowanalytics.snowplow/ 2 B
318 B 945ms
311ms XHR
text/plain 3.24.219.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plow2.streem.com.au/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d2uhnetoehh304.cloudfront.net
URL: https://d2uhnetoehh304.cloudfront.net/2.11.0-patched/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.24.219.150 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-24-219-150.ap-southeast-2.compute.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
server: akka-http/10.0.9
status: 200
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.smh.com.au
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
content-length: 2

GET
H/1.1 200
OK adc.js Show response
adc-js.nine.com.au/ 78 KB
22 KB 56ms
7ms Script
application/javascript 2600:9000:2156:9600:7:3896:c640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adc-js.nine.com.au/adc.js
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9600:7:3896:c640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48fcb83f88c6b3b27c820d40a7cf2fce909c7483e61fbd8b1924996f0f6e4d0d

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Sep 2020 03:58:54 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 24 Aug 2020 02:17:52 GMT
Server: AmazonS3
Age: 293
ETag: W/"b0f7bb4f5c9f8768bbd1f8e95c243907"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=utf-8
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Cache-Control: public, max-age=300
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 4x1_2vpletVW9yWajF657EAk9gvYBZCQE4qmLeeZAJAE8_DiVi-S7g==

GET
H2 200 collect.js Show response
10510523.collect.igodigital.com/ 9 KB
2 KB 419ms
141ms Script
application/javascript 52.207.52.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://10510523.collect.igodigital.com/collect.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCMZ2X6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.52.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-52-76.compute-1.amazonaws.com
Software: /
Resource Hash: 4a63ccc41b6e27c88fca243efd1030d401bc83bd3ae22aaff2b0d1354ba25703

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 03 Sep 2020 04:03:46 GMT
content-encoding: gzip
last-modified: Mon, 31 Aug 2020 19:37:17 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H3-Q050

200

activityi;dc_pre=CKqU_7WNzOsCFVuWdwoduvwILw;src=6588526;type=smhen0;cat=smhar0;u3=[Frequency];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7651530700836.5
6588526.fls.doubleclick.net/ Frame 8015
Redirect Chain

https://6588526.fls.doubleclick.net/activityi;src=6588526;type=smhen0;cat=smhar0;u3=[Frequency];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7651530700836.5?
https://6588526.fls.doubleclick.net/activityi;dc_pre=CKqU_7WNzOsCFVuWdwoduvwILw;src=6588526;type=smhen0;cat=smhar0;u3=[Frequency];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7...

0
0

81ms
47ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6588526.fls.doubleclick.net/activityi;dc_pre=CKqU_7WNzOsCFVuWdwoduvwILw;src=6588526;type=smhen0;cat=smhar0;u3=[Frequency];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7651530700836.5?

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6588526.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKqU_7WNzOsCFVuWdwoduvwILw;src=6588526;type=smhen0;cat=smhar0;u3=[Frequency];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7651530700836.5?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 03 Sep 2020 04:03:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 469
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 03-Sep-2020 04:18:46 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 03 Sep 2020 04:03:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6588526.fls.doubleclick.net/activityi;dc_pre=CKqU_7WNzOsCFVuWdwoduvwILw;src=6588526;type=smhen0;cat=smhar0;u3=[Frequency];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7651530700836.5?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 graphql
api.smh.com.au/ Frame 0
0 6ms
6ms Other 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smh.com.au/graphql?query=query%20ShortlistContainerQuery(%20%24deviceId%3A%20String%20%24first%3A%20Int!%20%24after%3A%20String%20)%20%7B%20readingHistory%20%7B%20error%20%7B%20message%20type%20%7D%20readingHistory%20%7B%20...HistoryTab_history%20id%20%7D%20%7D%20shortlist(deviceId%3A%20%24deviceId)%20%7B%20error%20%7B%20message%20type%20%7D%20shortlist%20%7B%20items%20%7B%20assetId%20shortlistedDate%20id%20%7D%20...ShortlistTab_shortlist%20id%20%7D%20%7D%20%7D%20fragment%20HistoryTab_history%20on%20ReadingHistory%20%7B%20assetsConnection(first%3A%20%24first%2C%20after%3A%20%24after)%20%7B%20edges%20%7B%20cursor%20node%20%7B%20id%20asset%20%7B%20headlines%20%7B%20headline%20%7D%20%7D%20urls%20%7B%20canonical%20%7B%20path%20brand%20%7D%20published%20%7B%20brisbanetimes%20%7B%20path%20%7D%20canberratimes%20%7B%20path%20%7D%20smh%20%7B%20path%20%7D%20theage%20%7B%20path%20%7D%20watoday%20%7B%20path%20%7D%20%7D%20%7D%20featuredImages%20%7B%20square1x1%20%7B%20data%20%7B%20animated%20aspect%20autocrop%20cropWidth%20id%20mimeType%20offsetX%20offsetY%20zoom%20%7D%20%7D%20%7D%20assetType%20__typename%20%7D%20%7D%20pageInfo%20%7B%20endCursor%20hasNextPage%20%7D%20%7D%20%7D%20fragment%20ShortlistTab_shortlist%20on%20Shortlist%20%7B%20items%20%7B%20assetId%20shortlistedDate%20id%20%7D%20assetsConnection(first%3A%20%24first%2C%20after%3A%20%24after)%20%7B%20edges%20%7B%20cursor%20node%20%7B%20id%20asset%20%7B%20headlines%20%7B%20headline%20%7D%20%7D%20urls%20%7B%20canonical%20%7B%20path%20brand%20%7D%20published%20%7B%20brisbanetimes%20%7B%20path%20%7D%20canberratimes%20%7B%20path%20%7D%20smh%20%7B%20path%20%7D%20theage%20%7B%20path%20%7D%20watoday%20%7B%20path%20%7D%20%7D%20%7D%20featuredImages%20%7B%20landscape3x2%20%7B%20data%20%7B%20animated%20aspect%20autocrop%20cropWidth%20id%20mimeType%20offsetX%20offsetY%20zoom%20%7D%20%7D%20square1x1%20%7B%20data%20%7B%20animated%20aspect%20autocrop%20cropWidth%20id%20mimeType%20offsetX%20offsetY%20zoom%20%7D%20%7D%20%7D%20assetType%20__typename%20%7D%20%7D%20pageInfo%20%7B%20endCursor%20hasNextPage%20%7D%20%7D%20%7D%20&variables=%7B%22deviceId%22%3A%2207aba1f0-bcd8-4c50-bd97-79c035342912%22%2C%22first%22%3A10%2C%22after%22%3Anull%7D
Protocol: H2
Server: 2a04:4e42:600::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.smh.com.au
Sec-Fetch-Mode: cors

Response headers

status: 200
server: Varnish
retry-after: 0
access-control-allow-origin: https://www.smh.com.au
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Authorization, Content-Type, Ffxauthorization, Ffxsession, Sec-Fetch-Mode, x-wp-nonce
access-control-max-age: 600
accept-ranges: bytes
date: Thu, 03 Sep 2020 04:03:46 GMT
via: 1.1 varnish
x-served-by: cache-fra19182-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1599105826.474439,VS0,VE0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0

GET
H2 200 p.js Show response
cdn.parsely.com/keys/smh.com.au/ 64 KB
23 KB 91ms
32ms Script
application/x-javascript 13.35.255.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/smh.com.au/p.js
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/assets/client.cc6711fb17ccf9e0516d.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.255.237 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-255-237.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 5a867d0c8d5d8dfbdafc4b9d1dc17d3b9048e7c66c8abaaeab54685532ee8c09

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Sep 2020 08:22:55 GMT
content-encoding: gzip
last-modified: Mon, 03 Aug 2020 16:48:04 GMT
server: nginx
age: 70829
etag: W/"5f283fc4-101be"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400, public
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 5sOJxuBn2C6HjKqcKTIf7Au8qCkbTV6bz33h8qT_r_C4KeXXJjsSQg==
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
expires: Thu, 03 Sep 2020 08:22:55 GMT

GET
H2 200 graphql Show response
api.smh.com.au/ 354 B
362 B 317ms
316ms Fetch
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smh.com.au/graphql?query=query%20ShortlistContainerQuery(%20%24deviceId%3A%20String%20%24first%3A%20Int!%20%24after%3A%20String%20)%20%7B%20readingHistory%20%7B%20error%20%7B%20message%20type%20%7D%20readingHistory%20%7B%20...HistoryTab_history%20id%20%7D%20%7D%20shortlist(deviceId%3A%20%24deviceId)%20%7B%20error%20%7B%20message%20type%20%7D%20shortlist%20%7B%20items%20%7B%20assetId%20shortlistedDate%20id%20%7D%20...ShortlistTab_shortlist%20id%20%7D%20%7D%20%7D%20fragment%20HistoryTab_history%20on%20ReadingHistory%20%7B%20assetsConnection(first%3A%20%24first%2C%20after%3A%20%24after)%20%7B%20edges%20%7B%20cursor%20node%20%7B%20id%20asset%20%7B%20headlines%20%7B%20headline%20%7D%20%7D%20urls%20%7B%20canonical%20%7B%20path%20brand%20%7D%20published%20%7B%20brisbanetimes%20%7B%20path%20%7D%20canberratimes%20%7B%20path%20%7D%20smh%20%7B%20path%20%7D%20theage%20%7B%20path%20%7D%20watoday%20%7B%20path%20%7D%20%7D%20%7D%20featuredImages%20%7B%20square1x1%20%7B%20data%20%7B%20animated%20aspect%20autocrop%20cropWidth%20id%20mimeType%20offsetX%20offsetY%20zoom%20%7D%20%7D%20%7D%20assetType%20__typename%20%7D%20%7D%20pageInfo%20%7B%20endCursor%20hasNextPage%20%7D%20%7D%20%7D%20fragment%20ShortlistTab_shortlist%20on%20Shortlist%20%7B%20items%20%7B%20assetId%20shortlistedDate%20id%20%7D%20assetsConnection(first%3A%20%24first%2C%20after%3A%20%24after)%20%7B%20edges%20%7B%20cursor%20node%20%7B%20id%20asset%20%7B%20headlines%20%7B%20headline%20%7D%20%7D%20urls%20%7B%20canonical%20%7B%20path%20brand%20%7D%20published%20%7B%20brisbanetimes%20%7B%20path%20%7D%20canberratimes%20%7B%20path%20%7D%20smh%20%7B%20path%20%7D%20theage%20%7B%20path%20%7D%20watoday%20%7B%20path%20%7D%20%7D%20%7D%20featuredImages%20%7B%20landscape3x2%20%7B%20data%20%7B%20animated%20aspect%20autocrop%20cropWidth%20id%20mimeType%20offsetX%20offsetY%20zoom%20%7D%20%7D%20square1x1%20%7B%20data%20%7B%20animated%20aspect%20autocrop%20cropWidth%20id%20mimeType%20offsetX%20offsetY%20zoom%20%7D%20%7D%20%7D%20assetType%20__typename%20%7D%20%7D%20pageInfo%20%7B%20endCursor%20hasNextPage%20%7D%20%7D%20%7D%20&variables=%7B%22deviceId%22%3A%2207aba1f0-bcd8-4c50-bd97-79c035342912%22%2C%22first%22%3A10%2C%22after%22%3Anull%7D
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/assets/client.cc6711fb17ccf9e0516d.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 594caaa6dca194cb22f38d08fd456afd6d57089d43b5705e8d8bbd3065e5a702

Request headers

Accept: application/json
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 03 Sep 2020 04:03:46 GMT
content-encoding: gzip
age: 0, 0, 0, 0
status: 200
x-served-by: cache-syd10131-SYD, cache-fra19134-FRA
vary: Accept-Encoding, Origin
x-cache: MISS, MISS
content-type: application/json
access-control-allow-origin: https://www.smh.com.au
cache-control: private, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes, bytes, bytes, bytes
content-length: 271
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 0, 0

GET
H2 200 3231484ec384b26878494dea8a01c858c4221292
static.ffx.io/images/$width_72%2C$height_72/t_crop_fill/q_86%2Cf_auto/ 2 KB
2 KB 9ms
8ms Image
image/webp 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$width_72%2C$height_72/t_crop_fill/q_86%2Cf_auto/3231484ec384b26878494dea8a01c858c4221292
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: af4420e27b547949e323639a9adf9a644714745c7a6e2dfc48fdd104b75ce0b5

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:46 GMT
via: 1.1 varnish, 1.1 varnish
age: 567240
edge-cache-tag: 254563169890129752145118536326216831987,469768752876744043667785109217088503418,5f5f4219172da4ec8104790896b11172
status: 200
content-disposition: inline; filename="3231484ec384b26878494dea8a01c858c4221292.webp"
content-length: 1566
x-cld-skey: 254563169890129752145118536326216831987 469768752876744043667785109217088503418 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Mon, 24 Feb 2020 04:33:47 GMT
server: cloudinary
x-timer: S1599105827.505685,VS0,VE1
etag: "02aefbb39a23899a5dd752c11bbce109"
x-served-by: cache-fra19138-FRA, cache-fra19134-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 3231484ec384b26878494dea8a01c858c4221292
static.ffx.io/images/$width_80%2C$height_80/t_crop_fill/q_86%2Cf_auto/ 2 KB
2 KB 8ms
8ms Image
image/webp 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$width_80%2C$height_80/t_crop_fill/q_86%2Cf_auto/3231484ec384b26878494dea8a01c858c4221292
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9b4b0d4eef1ba20c265876d97f800d329b258f16a01933ec16c9ce4198516154

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:46 GMT
via: 1.1 varnish, 1.1 varnish
age: 4302661
edge-cache-tag: 254563169890129752145118536326216831987,457855607882490082791711603995113743053,5f5f4219172da4ec8104790896b11172
status: 200
content-disposition: inline; filename="3231484ec384b26878494dea8a01c858c4221292.webp"
content-length: 1716
x-cld-skey: 254563169890129752145118536326216831987 457855607882490082791711603995113743053 5f5f4219172da4ec8104790896b11172
x-cache: HIT, HIT
last-modified: Mon, 24 Feb 2020 10:07:40 GMT
server: cloudinary
x-timer: S1599105827.505672,VS0,VE1
etag: "7331062781c0198acbee959e9399e47c"
x-served-by: cache-fra19123-FRA, cache-fra19134-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/assets/Asset.46a0add0588bdc1f39af.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41AF) /
Resource Hash: a761b426004caba495cdac2c93ce7dd306c47bc4d7bdc63c4840c3d8182396a9

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Sep 2020 04:03:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Sep 2020 20:40:54 GMT
Server: ECS (fcn/41AF)
Age: 392
Etag: "a58136137a93f33c1d165df7d4d973f8+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28881

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 141 KB
48 KB 99ms
32ms Script
application/x-javascript 104.111.216.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/assets/Asset.46a0add0588bdc1f39af.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-19.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 555c4efa0453400bc9611ce7f1185fd34a452e5dda94fe47a207afe6b17be293

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:46 GMT
content-encoding: gzip
last-modified: Wed, 02 Sep 2020 11:34:11 GMT
status: 200
etag: W/"235a9-3MOzT48M88SG8ezVOLKLzyAyLWc"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
timing-allow-origin: *
content-length: 48258
expires: Thu, 03 Sep 2020 08:03:46 GMT

GET
H2 200 879107572176501 Show response
connect.facebook.net/signals/config/ 524 KB
132 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/879107572176501?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

612a7fe1467b42ac68f5c91131f58c106ee4d322625da1324e7e61c43426a2a3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 134991
x-xss-protection: 0
pragma: public
x-fb-debug: 7XJuM5Zko4+H+Ic3Ai6isGBtJnPySGxurpee/dbBl5GGf6NM/pFPXJfwaNvI36WKbPET8tXZtQhX+yb4BI3wFA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 03 Sep 2020 04:03:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
193 B 13ms
12ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=306057871&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&dp=%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&ul=en-us&de=UTF-8&dt=Coronavirus%3A%20China%20state-sponsored%20hackers%20APT%20TA413%20target%20personal%20computers%20for%20COVID-19%20intelligence&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=context&ea=initialized&el=optimizely&ev=0&_u=aGDAAEALAAAAAC~&jid=1747712588&gjid=927533093&cid=109058600.1599105826&tid=UA-91053368-4&_gid=1407265983.1599105826&_r=1&gtm=2wg8q1TCMZ2X6&cd12=false&cd13=&cd14=&cd15=GA1.3.109058600.1599105826&cd16=0&cd27=(not%20set)&cd42=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&cd47=0.642&cd51=&cd52=&cd57=false&cd60=&z=714325160

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 04:03:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.smh.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=306057871&t=pageview&_s=1&dl=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&dp=%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&ul=en-us&de=UTF-8&dt=Chinese%20hackers%20target%20emails%20with%20WHO%2C%20Australian%20Medical%20Association%20campaigns&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEALAAAAAC~&jid=1076642046&gjid=422046279&cid=109058600.1599105826&tid=UA-91053368-4&_gid=1407265983.1599105826&_r=1&cd1=smh&cd2=2020-09-03T01%3A56%3A18%2B00%3A00&cd3=2020-09-03T01%3A56%3A18%2B00%3A00&cd4=Eryk%20Bagshaw&cd5=WEB&cd6=3684AD38-43BF-4965-86B5-23A6FA3B56EB&cd7=Article&cd8=world&cd9=Asia&cd10=authoring&cd11=p55rwy&cd12=false&cd13=&cd14=visitor&cd15=GA1.3.109058600.1599105826&cd16=&cd17=&cd18=&cd21=fairfax%20media%20australia&cd22=cyber%20warfare%2Cworld%20health%20organisation%2Cchina%2Cchina%20relations%2Ccoronavirus%20pandemic&cd23=Cyber%20warfare&cd24=&cd25=Exclusive&cd26=&cd27=&cd28=P455839AC-95DF-4ED7-8966-E66F3202718E&cd29=smh.com.au-world&cd30=&cd31=Image%7CPlista%7CRelatedStory%7CVideo&cd32=&cd33=07aba1f0-bcd8-4c50-bd97-79c035342912&cd34=&cd35=&cd37=&cd38=&cd39=false&cd40=desktop&cd41=&cd42=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&cd43=&cd44=&cd45=&cd46=Chinese%20hackers%20target%20emails%20with%20WHO%2C%20Australian%20Medical%20Association%20campaigns&cd47=0.92&cd48=&cd49=temp.render-web.dubrovnik%2Ctemp.render-web.homepage-top-stories&cd50=temp.render-web.dubrovnik%3A%20false%2C%20temp.render-web.homepage-top-stories%3A%20true&cd51=&cd52=&cd53=&cd55=0&cd56=visitor&cd57=0&cd58=0&cd59=&z=1740576742

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 04:03:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.smh.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 6ms
6ms Script
application/javascript 2600:9000:214f:6600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: __18ln110DzIeDzBUZGawAoUEY8dO7wW
content-encoding: gzip
etag: "931051f801612c3a0e2782961ac3d56c"
age: 1808
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 31 Aug 2020 13:41:33 GMT
server: AmazonS3
date: Thu, 03 Sep 2020 03:33:39 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: pMZE4DLDPsuHiCNUp772_aNbvial_kUTq4oGTy_xM_1BtYaN95Z60w==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1024966411/ 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1024966411/?random=1599105826624&cv=9&fst=1599105826624&num=1&label=8BTjCLXqgAQQi_7e6AM&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8q1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&tiba=Coronavirus%3A%20China%20state-sponsored%20hackers%20APT%20TA413%20target%20personal%20computers%20for%20COVID-19%20intelligence&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

211eb9786d8a5d3b6a1fcda2b03d01343c519f1edd8df736940588169ec8f1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 04:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1198
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 swg-button.css
news.google.com/swg/js/v1/ 19 KB
6 KB 31ms
12ms Stylesheet
text/css 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Sep 2019 18:02:27 GMT
server: sffe
age: 84
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5809
x-xss-protection: 0
expires: Thu, 03 Sep 2020 04:52:22 GMT

GET
H3-Q050 200 serviceiframe
news.google.com/swg/_/ui/v1/ Frame CE21 0
0 92ms
92ms Document
text/html 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=444196

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NltbUE25O8TSv0VG0Jkd2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-NltbUE25O8TSv0VG0Jkd2g' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=444196
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=MPJm2Gv5h3m6wWoBV_L2Lw_OAYnHdgSH8z6_AOTH82ajNAXCJ1Kn21vzew0aiOd1A6GERU90ZgRqVvzDql66LtQdSArYupXHEM-ecsIapoxm3HWguxq9yQmeRlspHt-WP05L3Q0ihoDZTiYCgHu0gTgWRCbU0DnDg5OtlRBXqmQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Response headers

status: 200
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 03 Sep 2020 04:03:46 GMT
strict-transport-security: max-age=31536000
content-security-policy: script-src 'report-sample' 'nonce-NltbUE25O8TSv0VG0Jkd2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-NltbUE25O8TSv0VG0Jkd2g' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 6ms
6ms Other
image/svg+xml 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 03:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
age: 1439
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Thu, 03 Sep 2020 04:29:47 GMT

OPTIONS
H2 200 graphql
api.smh.com.au/ Frame 0
0 7ms
7ms Other 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smh.com.au/graphql?query=query%20UpdatedPaywallRulesQuery(%20%24brand%3A%20String!%20)%20%7B%20paywallRules%3A%20paywallRules(brand%3A%20%24brand)%20%7B%20...UpdatedPaywallRulesFragment_paywallRulesData%20%7D%20%7D%20fragment%20UpdatedPaywallRulesFragment_paywallRulesData%20on%20Rules%20%7B%20meters%20%7B%20count%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20promptVariants%20%7B%20categories%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20%7D%20%7D%20meters_variants%20%7B%20referrers%20%7B%20domains%20%7D%20meters%20%7B%20count%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20promptVariants%20%7B%20category%20categories%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20%7D%20%7D%20%7D%20paywall%20%7B%20enabled%20exceptions%20%7B%20referrers%20%7B%20domains%20limit%20%7D%20referrers_variants%20%7B%20referrers%20%7B%20domains%20limit%20%7D%20%7D%20sponsored%20%7D%20inclusions%20%7B%20tags%20%7D%20limit%20limit_variants%20%7B%20newSession%20%7B%20limit%20%7D%20referrers%20%7B%20domains%20limit%20%7D%20%7D%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20promptVariants%20%7B%20categories%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20tags%20%7D%20%7D%20%7D%20fragment%20PromptFragment_prompt%20on%20Prompt%20%7B%20callToAction%20countRemaining%20message%20swgMessage%20style%20subscriptionURL%20title%20%7D%20fragment%20SwgPromptFragment_swgPrompt%20on%20SWGPrompt%20%7B%20message%20package%20price%20subscriptionURL%20title%20%7D%20&variables=%7B%22brand%22%3A%22smh%22%7D
Protocol: H2
Server: 2a04:4e42:600::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.smh.com.au
Sec-Fetch-Mode: cors

Response headers

status: 200
server: Varnish
retry-after: 0
access-control-allow-origin: https://www.smh.com.au
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Authorization, Content-Type, Ffxauthorization, Ffxsession, Sec-Fetch-Mode, x-wp-nonce
access-control-max-age: 600
accept-ranges: bytes
date: Thu, 03 Sep 2020 04:03:46 GMT
via: 1.1 varnish
x-served-by: cache-fra19182-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1599105827.678588,VS0,VE0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0

GET
H2 200 graphql Show response
api.smh.com.au/ 24 KB
2 KB 1261ms
1260ms Fetch
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smh.com.au/graphql?query=query%20UpdatedPaywallRulesQuery(%20%24brand%3A%20String!%20)%20%7B%20paywallRules%3A%20paywallRules(brand%3A%20%24brand)%20%7B%20...UpdatedPaywallRulesFragment_paywallRulesData%20%7D%20%7D%20fragment%20UpdatedPaywallRulesFragment_paywallRulesData%20on%20Rules%20%7B%20meters%20%7B%20count%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20promptVariants%20%7B%20categories%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20%7D%20%7D%20meters_variants%20%7B%20referrers%20%7B%20domains%20%7D%20meters%20%7B%20count%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20promptVariants%20%7B%20category%20categories%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20%7D%20%7D%20%7D%20paywall%20%7B%20enabled%20exceptions%20%7B%20referrers%20%7B%20domains%20limit%20%7D%20referrers_variants%20%7B%20referrers%20%7B%20domains%20limit%20%7D%20%7D%20sponsored%20%7D%20inclusions%20%7B%20tags%20%7D%20limit%20limit_variants%20%7B%20newSession%20%7B%20limit%20%7D%20referrers%20%7B%20domains%20limit%20%7D%20%7D%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20promptVariants%20%7B%20categories%20prompt%20%7B%20...PromptFragment_prompt%20%7D%20swgPrompt%20%7B%20...SwgPromptFragment_swgPrompt%20%7D%20tags%20%7D%20%7D%20%7D%20fragment%20PromptFragment_prompt%20on%20Prompt%20%7B%20callToAction%20countRemaining%20message%20swgMessage%20style%20subscriptionURL%20title%20%7D%20fragment%20SwgPromptFragment_swgPrompt%20on%20SWGPrompt%20%7B%20message%20package%20price%20subscriptionURL%20title%20%7D%20&variables=%7B%22brand%22%3A%22smh%22%7D
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/assets/client.cc6711fb17ccf9e0516d.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1c7911061a56c9d18f1e4279f60a4a48e7049dab3c8a61b643106bf250a9272f

Request headers

Accept: application/json
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
content-encoding: gzip
status: 200
x-served-by: cache-syd10149-SYD, cache-fra19134-FRA
vary: Accept-Encoding, Origin
x-cache: MISS, MISS
content-type: application/json
access-control-allow-origin: https://www.smh.com.au
cache-control: private, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes, bytes
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 0, 0

GET
H/1.1 200
OK Cookie set dest5.html
nd.demdex.net/ Frame 7589 0
0 247ms
51ms Document
text/html 52.208.212.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nd.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.212.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-212-211.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: nd.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=75620917634465337720407927550618140237
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 13 Aug 2020 11:32:32 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=75620917634465337720407927550618140237;Path=/;Domain=.demdex.net;Expires=Tue, 02-Mar-2021 04:03:46 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: cZKsqPA6Sck=
Content-Length: 2785
Connection: keep-alive

POST
H/1.1 200
OK event Show response
nd.demdex.net/ 2 KB
2 KB 260ms
58ms XHR
application/json 52.208.212.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nd.demdex.net/event?_ts=1599105826431

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.212.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-212-211.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5b03716e43264c47d278d5b8d90b02560166c25746d4b53da5a91605f8ea9ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v079-0c736e0ee.edge-irl1.demdex.com 5.77.1.20200812153735 6ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 4j0tQUdXQBw=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.smh.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1547
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=X1BrIgAABMw87i3-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=75620917634465337720407927550618140237
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X1BrIgAABMw87i3-

42 B
915 B

49ms
48ms

Image
image/gif

34.254.111.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=X1BrIgAABMw87i3-

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.111.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-111-26.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v079-02b46ffaf.edge-irl1.demdex.com 5.77.1.20200812153735 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: MD0HMGOeQiM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Thu, 03 Sep 2020 04:03:45 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=X1BrIgAABMw87i3-
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 41ms
40ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-91053368-4&cid=109058600.1599105826&jid=1747712588&gjid=927533093&_gid=1407265983.1599105826&_u=aGDAAEAKAAAAAC~&z=1172942645

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 03 Sep 2020 04:03:46 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.smh.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
69 B 40ms
40ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-91053368-4&cid=109058600.1599105826&jid=1076642046&gjid=422046279&_gid=1407265983.1599105826&_u=aGDAAEALAAAAAC~&z=1840583273

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 03 Sep 2020 04:03:46 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.smh.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/smh.com.au/ 2 B
253 B 32ms
30ms Fetch
application/json 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/smh.com.au/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.smh.com.au
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 graphql Show response
api.smh.com.au/ 165 B
253 B 317ms
316ms Fetch
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smh.com.au/graphql?query=query%20AudienceSegmentsQuery(%20%24userId%3A%20String!%20)%20%7B%20audienceSegments(userId%3A%20%24userId)%20%7B%20error%20%7B%20message%20type%20%7B%20__typename%20class%20%7D%20%7D%20segments%20%7B%20engagementSegment%20%7B%20batchTime%20userSegment%20%7D%20type%20%7D%20%7D%20%7D%20&variables=%7B%22userId%22%3A%2241b515ae-d384-45f1-8021-6ca589999d2e%22%7D
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/assets/client.cc6711fb17ccf9e0516d.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 29d8b303881b8d43efaf55fe6f12ce62c94862aabb075a8bef18afe31d16cd2f

Request headers

Accept: application/json
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
content-encoding: gzip
age: 0
status: 200
x-served-by: cache-syd10151-SYD, cache-fra19134-FRA
vary: Origin, Accept-Encoding
x-cache: MISS, MISS
content-type: application/json
access-control-allow-origin: https://www.smh.com.au
cache-control: public, max-age=600
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 146
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 0, 0

OPTIONS
H2 200 graphql
api.smh.com.au/ Frame 0
0 6ms
5ms Other 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smh.com.au/graphql?query=query%20AudienceSegmentsQuery(%20%24userId%3A%20String!%20)%20%7B%20audienceSegments(userId%3A%20%24userId)%20%7B%20error%20%7B%20message%20type%20%7B%20__typename%20class%20%7D%20%7D%20segments%20%7B%20engagementSegment%20%7B%20batchTime%20userSegment%20%7D%20type%20%7D%20%7D%20%7D%20&variables=%7B%22userId%22%3A%2241b515ae-d384-45f1-8021-6ca589999d2e%22%7D
Protocol: H2
Server: 2a04:4e42:600::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.smh.com.au
Sec-Fetch-Mode: cors

Response headers

status: 200
server: Varnish
retry-after: 0
access-control-allow-origin: https://www.smh.com.au
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Authorization, Content-Type, Ffxauthorization, Ffxsession, Sec-Fetch-Mode, x-wp-nonce
access-control-max-age: 600
accept-ranges: bytes
date: Thu, 03 Sep 2020 04:03:46 GMT
via: 1.1 varnish
x-served-by: cache-fra19182-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1599105827.778115,VS0,VE0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html
platform.twitter.com/widgets/ Frame 953D 0
0 27ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=https%3A%2F%2Fwww.smh.com.au
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4187) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 99695
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Sep 2020 04:03:46 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Tue, 01 Sep 2020 17:58:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4187)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H2 200 314019156466282 Show response
connect.facebook.net/signals/config/ 524 KB
132 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/314019156466282?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03fe3d47dfc75ec3a02552ec71c4adac62181a2fc03b397a5aee3db416a4d163

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 134826
x-xss-protection: 0
pragma: public
x-fb-debug: 5O476WgAITroxwvbpHGmHvbFB28QyhZJyjmm4+Jas8QQ0h7kGigxBZJhitU0C9/kAyGRo830oiXf9e72GL21jQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 03 Sep 2020 04:03:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
264 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=879107572176501&ev=PageView&dl=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&rl=&if=false&ts=1599105826879&sw=1600&sh=1200&v=2.9.24&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1599105826877.829764976&it=1599105826582&coo=false&rqm=GET

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 03 Sep 2020 04:03:46 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 26ms
24ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-91053368-4&cid=109058600.1599105826&jid=1747712588&_u=aGDAAEAKAAAAAC~&z=2057821967

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 04:03:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 17ms
16ms Image
image/gif 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-91053368-4&cid=109058600.1599105826&jid=1747712588&_u=aGDAAEAKAAAAAC~&z=2057821967

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 04:03:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vtt.global.min.js Show response
vjs.zencdn.net/vttjs/0.12.5/ 20 KB
7 KB 20ms
6ms Script
application/javascript 2a04:4e42:1b::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/3910869709001/HylmeNWLjl_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
content-encoding: gzip
last-modified: Thu, 31 Aug 2017 21:04:55 GMT
status: 200
etag: "f30dac97e5c2aaa10a7695b93cc66699"
x-served-by: cache-hhn4069-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 7231
x-cache-hits: 431006

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin: https://www.smh.com.au
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

OPTIONS
H/1.1 200
OK 6165917011001
edge.api.brightcove.com/playback/v1/accounts/3910869709001/videos/ Frame 0
0 492ms
122ms Other 3.221.240.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.api.brightcove.com/playback/v1/accounts/3910869709001/videos/6165917011001

Protocol

HTTP/1.1

Server

3.221.240.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-221-240-86.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=77766000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Origin: https://www.smh.com.au
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: accept
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
BCOV-instance: i-051bd917312a1b9ae, 0d20113, 2020-09-03 04:03:47.515Z
BCOV-REQUEST-ID: 54836744-b55d-44a7-8ec8-69adcd39b9ca
Cache-Control: max-age=0, no-cache, no-store
Date: Thu, 03 Sep 2020 04:03:47 GMT
Strict-Transport-Security: max-age=77766000; includeSubDomains
X-Originating-URL: https://edge.api.brightcove.com/playback/v1/accounts/3910869709001/videos/6165917011001
Content-Length: 0
Connection: keep-alive

OPTIONS
H2 200 graphql
api.smh.com.au/ Frame 0
0 8ms
8ms Other 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smh.com.au/graphql?query=query%20LatestAssetsQuery(%20%24brand%3A%20String!%20%24categories%3A%20%5BInt!%5D%20%24count%3A%20Int!%20%24render%3A%20String!%20%24types%3A%20%5BAssetType!%5D!%20)%20%7B%20latestAssets(brand%3A%20%24brand%2C%20categories%3A%20%24categories%2C%20count%3A%20%24count%2C%20render%3A%20%24render%2C%20types%3A%20%24types)%20%7B%20...AssetFragmentFragment_assetData%20id%20%7D%20%7D%20fragment%20AssetFragmentFragment_assetData%20on%20Asset%20%7B%20id%20asset%20%7B%20about%20byline%20duration%20headlines%20%7B%20headline%20%7D%20live%20totalImages%20%7D%20label%20urls%20%7B%20canonical%20%7B%20path%20brand%20%7D%20external%20published%20%7B%20brisbanetimes%20%7B%20path%20%7D%20canberratimes%20%7B%20path%20%7D%20smh%20%7B%20path%20%7D%20theage%20%7B%20path%20%7D%20watoday%20%7B%20path%20%7D%20%7D%20%7D%20featuredImages%20%7B%20landscape16x9%20%7B%20...ImageFragment%20%7D%20landscape3x2%20%7B%20...ImageFragment%20%7D%20portrait2x3%20%7B%20...ImageFragment%20%7D%20square1x1%20%7B%20...ImageFragment%20%7D%20%7D%20assetType%20dates%20%7B%20modified%20published%20%7D%20sponsor%20%7B%20name%20%7D%20%7D%20fragment%20ImageFragment%20on%20Image%20%7B%20data%20%7B%20animated%20aspect%20autocrop%20cropWidth%20id%20mimeType%20offsetX%20offsetY%20zoom%20%7D%20%7D%20&variables=%7B%22brand%22%3A%22smh%22%2C%22count%22%3A6%2C%22render%22%3A%22web%22%2C%22types%22%3A%5B%22video%22%5D%2C%22categories%22%3A%5B72%5D%7D
Protocol: H2
Server: 2a04:4e42:600::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.smh.com.au
Sec-Fetch-Mode: cors

Response headers

status: 200
server: Varnish
retry-after: 0
access-control-allow-origin: https://www.smh.com.au
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Authorization, Content-Type, Ffxauthorization, Ffxsession, Sec-Fetch-Mode, x-wp-nonce
access-control-max-age: 600
accept-ranges: bytes
date: Thu, 03 Sep 2020 04:03:47 GMT
via: 1.1 varnish
x-served-by: cache-fra19182-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1599105827.110748,VS0,VE0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 299 KB
103 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/3910869709001/HylmeNWLjl_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df43c89d3005f2633212a6f6e9dafc1683ac402024ad05ab91b1ac50500d76e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104972
x-xss-protection: 0
expires: Thu, 03 Sep 2020 04:03:47 GMT

GET
H/1.1 200
OK 6165917011001 Show response
edge.api.brightcove.com/playback/v1/accounts/3910869709001/videos/ 3 KB
3 KB 124ms
124ms XHR
application/json 3.221.240.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.api.brightcove.com/playback/v1/accounts/3910869709001/videos/6165917011001

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/3910869709001/HylmeNWLjl_default/index.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.221.240.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-221-240-86.compute-1.amazonaws.com

Software

Resource Hash

80c2173fca254071ebd7c636f018c2a59d4844ee3451f3e83a8e2efb588026fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=77766000; includeSubDomains

Request headers

Accept: application/json;pk=BCpkADawqM2NV5FAQFyTZYWdNAxlCI9DcJ-_KJXZb45meqqlgz82zreoi8Bfe3dEE8mrhE6JtHDs06dJQ44vZo7v-avd_WOocm4cZvoyyq8fDkoiH_4hzPy8wUoSYcTm995KYr24uyzgfOv1
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

BCOV-instance: i-0b10bfe797dfcb480, 0d20113, 2020-09-03 04:03:47.636Z
BCOV-REQUEST-ID: 4886fc7d-061c-4fff-84f9-1069ecfdfded
Date: Thu, 03 Sep 2020 04:03:47 GMT
Strict-Transport-Security: max-age=77766000; includeSubDomains
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
X-Originating-URL: https://edge.api.brightcove.com/playback/v1/accounts/3910869709001/videos/6165917011001
access-control-expose-headers: x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control: max-age=404
Connection: keep-alive
Content-Length: 2750

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
175 B 82ms
41ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Thu, 03 Sep 2020 04:03:47 GMT
content-type: image/gif
status: 200
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 83ms
42ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Thu, 03 Sep 2020 04:03:47 GMT
content-type: image/gif
status: 200
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35

GET
H2 200 graphql Show response
api.smh.com.au/ 10 KB
2 KB 316ms
315ms Fetch
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smh.com.au/graphql?query=query%20LatestAssetsQuery(%20%24brand%3A%20String!%20%24categories%3A%20%5BInt!%5D%20%24count%3A%20Int!%20%24render%3A%20String!%20%24types%3A%20%5BAssetType!%5D!%20)%20%7B%20latestAssets(brand%3A%20%24brand%2C%20categories%3A%20%24categories%2C%20count%3A%20%24count%2C%20render%3A%20%24render%2C%20types%3A%20%24types)%20%7B%20...AssetFragmentFragment_assetData%20id%20%7D%20%7D%20fragment%20AssetFragmentFragment_assetData%20on%20Asset%20%7B%20id%20asset%20%7B%20about%20byline%20duration%20headlines%20%7B%20headline%20%7D%20live%20totalImages%20%7D%20label%20urls%20%7B%20canonical%20%7B%20path%20brand%20%7D%20external%20published%20%7B%20brisbanetimes%20%7B%20path%20%7D%20canberratimes%20%7B%20path%20%7D%20smh%20%7B%20path%20%7D%20theage%20%7B%20path%20%7D%20watoday%20%7B%20path%20%7D%20%7D%20%7D%20featuredImages%20%7B%20landscape16x9%20%7B%20...ImageFragment%20%7D%20landscape3x2%20%7B%20...ImageFragment%20%7D%20portrait2x3%20%7B%20...ImageFragment%20%7D%20square1x1%20%7B%20...ImageFragment%20%7D%20%7D%20assetType%20dates%20%7B%20modified%20published%20%7D%20sponsor%20%7B%20name%20%7D%20%7D%20fragment%20ImageFragment%20on%20Image%20%7B%20data%20%7B%20animated%20aspect%20autocrop%20cropWidth%20id%20mimeType%20offsetX%20offsetY%20zoom%20%7D%20%7D%20&variables=%7B%22brand%22%3A%22smh%22%2C%22count%22%3A6%2C%22render%22%3A%22web%22%2C%22types%22%3A%5B%22video%22%5D%2C%22categories%22%3A%5B72%5D%7D
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/assets/client.cc6711fb17ccf9e0516d.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5179b05f74c33f1510e6ebc2e00b13da0b2995f28789edb2b87a4556961f93e3

Request headers

Accept: application/json
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
content-encoding: gzip
age: 6
status: 200
x-served-by: cache-syd10127-SYD, cache-fra19134-FRA
vary: Accept-Encoding, Origin
x-cache: HIT, MISS
content-type: application/json
access-control-allow-origin: https://www.smh.com.au
cache-control: public, max-age=30
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1892
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 1, 0

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
87 B 21ms
21ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-91053368-4&cid=109058600.1599105826&jid=1076642046&_u=aGDAAEALAAAAAC~&z=1052255124

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 04:03:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
64 B 17ms
16ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-91053368-4&cid=109058600.1599105826&jid=1076642046&_u=aGDAAEALAAAAAC~&z=1052255124

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 04:03:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 eaf6727b8eea9ad6da01d2f1.js Show response
static.plista.com/async/pub/ 43 KB
5 KB 117ms
36ms Script
application/javascript 138.201.125.235
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.plista.com/async/pub/eaf6727b8eea9ad6da01d2f1.js

Requested by

Host: static-au.plista.com
URL: https://static-au.plista.com/async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

138.201.125.235 Kuenzelsau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.235.125.201.138.clients.your-server.de

Software

nginx /

Resource Hash

c6cdb5def9e45b073ad12a883c4efa5c7b57cb8ebe31b6b8bf0eec2fbe5696b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Sep 2020 03:51:55 GMT
server: nginx
age: 710
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate
x-varnish: 128964565 128626111
accept-ranges: bytes
content-length: 4633
via: 1.1 varnish-v4
expires: Fri, 04 Sep 2020 03:51:56 GMT

GET
H2 200 P455839AC-95DF-4ED7-8966-E66F3202718E.js Show response
cdn-gl.imrworldwide.com/conf/ 32 KB
7 KB 387ms
386ms Script
application/javascript 2600:9000:214f:6600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/P455839AC-95DF-4ED7-8966-E66F3202718E.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0e4161e6360aa1ccac20398c08123e2855c3c08f0508ef50e0f8a869125a0b2

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: gEMLRpMi7xjsMsAVa0eCwNYf.d1ucV_h
content-encoding: gzip
etag: "6a0241cc18983b8a43ebee189091505d"
last-modified: Wed, 02 Sep 2020 11:15:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400,s-maxage=86400
date: Thu, 03 Sep 2020 04:03:48 GMT
x-amz-cf-id: JafmJfqpA9DQVNiC2xuJ7Bbd55ZzbYDRjDZ-LAzKNZj2NMJAF1c3bw==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 storageframe.html
secure-gl.imrworldwide.com/ Frame 2204 0
0 119ms
98ms Document
text/html 2600:9000:214f:d400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: secure-au.imrworldwide.com
URL: https://secure-au.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:d400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: secure-gl.imrworldwide.com
:scheme: https
:path: /storageframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Response headers

status: 200
content-type: text/html
vary: Accept-Encoding
date: Thu, 03 Sep 2020 04:03:47 GMT
server: nginx
last-modified: Fri, 28 Aug 2020 19:49:15 GMT
etag: W/"5f495fbb-2b27"
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: YaDbc3x1wb5WX8TsQ08qsQBo21WKSj_ErpfnIEPvd3ST2BV8Ic1Htg==

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.smh.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Sep 2020 04:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
868 B 36ms
22ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.smh.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Sep 2020 04:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
15 KB 958ms
957ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=322205654367992&correlator=2079038362873492&output=ldjh&impl=fifs&eid=21067355%2C21066995%2C21066393&vrg=2020083101&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200903&iu_parts=21671780509%2Csmh%2Cworld%2Casia%2Ccyberwarfare&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x250%7C728x90%2C970x250%7C728x90%2C300x600%7C300x250%7C160x600&prev_scp=lazyAd%3Dfalse%26pos%3D1%7ClazyAd%3Dfalse%26pos%3D2%7ClazyAd%3Dfalse%26pos%3D3&cust_params=adKitVersion%3D2.0.6%26autoRefresh%3Dfalse%26brms%3Dtrue%26brvs%3Dtrue%26deployEnv%3Dproduction%26layout%3Dblue%26pageid%3Dp55rwy%26pageviewid%3D3684AD38-43BF-4965-86B5-23A6FA3B56EB%26swgt%3Dna%26sysEnv%3Ddesktop%26cat2%3Dcyberwarfare%26csub%3Dvisitor%26tag%3Dworldhealthorganisation%252Cchina%252Cchinarelations%252Ccoronaviruspandemic%26ctype%3Darticle%26cat%3Dworld%26cat1%3Dasia%26gs_cat%3Dmayohardware_thermalbodycameras%252Cneg_custom_freestyle_libre%252Cmicrosoft_kwbl%252Cmicrosoft_master_kwbl%252Cgs_health_misc%252Cgs_health%252Cgs_covid19%252Cneg_ninepub_covid19%252Cninepub_covid19%252Cunhcr-emergency%252Cneg_custom_mondelez%252Camex_master_kwbl%252Cffx_volkswagen_kw_blacklist%252Ccommsec_negativekeywords%252Cnab_kwbl%252Cnab_neg_kw%252Cubank_kwbl%252Cneg_ffx_officeworks_kwbl%252Cneg_custom_mondelez2020%252Cneg_mcdonalds_kwbl%252Cneg_custom_hermes%252Cbushfires%252Clogmein_meetings_predts%252Cgs_tech_computing%252Cxero_kwbl%252Camex_kwbl%252Cbtfinancial_kwbl%252Clandcorp_kwbl%252Cproductivity%252Cgs_tech%252Cgs_entertain%252Cneg_nestle_master%252Cgs_politics_misc%252Cneg_ffx_anzbank_kwbl%252Cneg_us_protests%252Csubaru_master_kwbl%252Caccounting_students_predts%252Cgv_crime%252Cneg_ffx_crime_other%252Cxero_competitors_predts%252Cbanking_kwbl%252Cwoolworths_retail_vertical%252Cnsw_electoral_commission%252Css_marriage_kwbl%252Cneg_cadreon_master_kwbl%252Ctech_internet_security%252Cairlines_kwbl%252Cjacobscreek_alcohol_kwbl&cookie_enabled=1&bc=31&abxe=1&lmt=1599105827&dt=1599105827181&dlt=1599105825521&idt=1069&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C315%2C236&adys=128%2C1696%2C2437&adks=819384622%2C819384623%2C3516638462&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&dssz=70&icsg=4221987917396992&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1168x250%7C1168x300%7C340x600&msz=1168x250%7C1168x250%7C340x600&ga_vid=109058600.1599105826&ga_sid=1599105827&ga_hid=306057871&fws=4%2C4%2C4&ohw=1600%2C1600%2C300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

96e63d753085af20ed4a940ab68790cbda129fa0422631ad4d88d54809d6c124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14444
x-xss-protection: 0
google-lineitem-id: 5368903156,5417359639,5350718837
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138313446246,138316862710,138319830452
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.smh.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
37ac4d546e950ab7398636e36d4f7ac4.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 31ms
14ms Other
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://37ac4d546e950ab7398636e36d4f7ac4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 8ms
6ms Other
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
13 KB 1282ms
1281ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=322205654367992&correlator=2079038362873492&output=ldjh&impl=fifs&eid=21067355%2C21066995%2C21066393&vrg=2020083101&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200903&iu_parts=21671780509%2Csmh%2Cworld%2Casia%2Ccyberwarfare&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%2C320x50%7C6x2&fluid=0%2Cheight&prev_scp=lazyAd%3Dfalse%26pos%3D2%7ClazyAd%3Dfalse%26pos%3D1%26nativesz%3D6x2&cust_params=adKitVersion%3D2.0.6%26autoRefresh%3Dfalse%26brms%3Dtrue%26brvs%3Dtrue%26deployEnv%3Dproduction%26layout%3Dblue%26pageid%3Dp55rwy%26pageviewid%3D3684AD38-43BF-4965-86B5-23A6FA3B56EB%26swgt%3Dna%26sysEnv%3Ddesktop%26cat2%3Dcyberwarfare%26csub%3Dvisitor%26tag%3Dworldhealthorganisation%252Cchina%252Cchinarelations%252Ccoronaviruspandemic%26ctype%3Darticle%26cat%3Dworld%26cat1%3Dasia%26gs_cat%3Dmayohardware_thermalbodycameras%252Cneg_custom_freestyle_libre%252Cmicrosoft_kwbl%252Cmicrosoft_master_kwbl%252Cgs_health_misc%252Cgs_health%252Cgs_covid19%252Cneg_ninepub_covid19%252Cninepub_covid19%252Cunhcr-emergency%252Cneg_custom_mondelez%252Camex_master_kwbl%252Cffx_volkswagen_kw_blacklist%252Ccommsec_negativekeywords%252Cnab_kwbl%252Cnab_neg_kw%252Cubank_kwbl%252Cneg_ffx_officeworks_kwbl%252Cneg_custom_mondelez2020%252Cneg_mcdonalds_kwbl%252Cneg_custom_hermes%252Cbushfires%252Clogmein_meetings_predts%252Cgs_tech_computing%252Cxero_kwbl%252Camex_kwbl%252Cbtfinancial_kwbl%252Clandcorp_kwbl%252Cproductivity%252Cgs_tech%252Cgs_entertain%252Cneg_nestle_master%252Cgs_politics_misc%252Cneg_ffx_anzbank_kwbl%252Cneg_us_protests%252Csubaru_master_kwbl%252Caccounting_students_predts%252Cgv_crime%252Cneg_ffx_crime_other%252Cxero_competitors_predts%252Cbanking_kwbl%252Cwoolworths_retail_vertical%252Cnsw_electoral_commission%252Css_marriage_kwbl%252Cneg_cadreon_master_kwbl%252Ctech_internet_security%252Cairlines_kwbl%252Cjacobscreek_alcohol_kwbl&cookie_enabled=1&bc=31&abxe=1&lmt=1599105827&dt=1599105827203&dlt=1599105825521&idt=1069&frm=20&biw=1600&bih=1200&oid=3&adxs=236%2C383&adys=2011%2C2301&adks=2675478683%2C1047097616&ucis=4%7C5&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&dssz=70&icsg=4221987917396992&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x250%7C300x426&msz=340x250%7C300x112&ga_vid=109058600.1599105826&ga_sid=1599105827&ga_hid=306057871&fws=4%2C4&ohw=300%2C300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e1f594e1147f437b18a5feb0c8821e7e94aea25b68af7e6fab5da51b44dab310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13268
x-xss-protection: 0
google-lineitem-id: 5350718837,5397688074
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138315143911,138319429804
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.smh.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1024966411/ 42 B
65 B 29ms
27ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1024966411/?random=1599105826624&cv=9&fst=1599105600000&num=1&label=8BTjCLXqgAQQi_7e6AM&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8q1&sendb=1&frm=0&url=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&tiba=Coronavirus%3A%20China%20state-sponsored%20hackers%20APT%20TA413%20target%20personal%20computers%20for%20COVID-19%20intelligence&async=1&fmt=3&is_vtc=1&random=2660394230&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 04:03:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1024966411/ 42 B
65 B 19ms
18ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1024966411/?random=1599105826624&cv=9&fst=1599105600000&num=1&label=8BTjCLXqgAQQi_7e6AM&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8q1&sendb=1&frm=0&url=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&tiba=Coronavirus%3A%20China%20state-sponsored%20hackers%20APT%20TA413%20target%20personal%20computers%20for%20COVID-19%20intelligence&async=1&fmt=3&is_vtc=1&random=2660394230&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 04:03:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 206
Partial Content d750efae-a3e8-4d67-99ea-78a22de4a221
https://www.smh.com.au/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.smh.com.au/d750efae-a3e8-4d67-99ea-78a22de4a221
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content b7c0e0cd-7691-4cac-aeba-54e16f002195
https://www.smh.com.au/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.smh.com.au/b7c0e0cd-7691-4cac-aeba-54e16f002195
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 605d3955-4183-4254-832a-784e90cbb88c
https://www.smh.com.au/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.smh.com.au/605d3955-4183-4254-832a-784e90cbb88c
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 958da911-6c0b-4ca5-8136-df16dacfb50d
https://www.smh.com.au/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.smh.com.au/958da911-6c0b-4ca5-8136-df16dacfb50d
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 200
OK 898580bc-e2d8-4d1c-ae73-299baba16dd9
https://www.smh.com.au/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.smh.com.au/898580bc-e2d8-4d1c-ae73-299baba16dd9
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 42ms
42ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=ea8f16cf8bffa236d99bf601&account=3910869709001&destination=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&platform_version=6.45.3&player=players.brightcove.com%2F3910869709001%2FHylmeNWLjl_default&player_name=%22Blue%22%20Metro%20Production%20Player&source=&usage=bc-used-as-getter&usage=inpage-embed&event=player_load&time=1599105827254&qos.events.content.volumechange=1599105827234&qos.performance.memory.jsHeapSizeLimit=4294705152&qos.performance.memory.usedJSHeapSize=31825830&qos.performance.memory.totalJSHeapSize=38406486&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=0&qos.performance.timing.loadEventStart=0&qos.performance.timing.domComplete=0&qos.performance.timing.domContentLoadedEventEnd=1599105826040&qos.performance.timing.domContentLoadedEventStart=1599105826040&qos.performance.timing.domInteractive=1599105826039&qos.performance.timing.domLoading=1599105825521&qos.performance.timing.responseEnd=1599105825529&qos.performance.timing.responseStart=1599105825519&qos.performance.timing.requestStart=1599105825197&qos.performance.timing.secureConnectionStart=1599105825189&qos.performance.timing.connectEnd=1599105825196&qos.performance.timing.connectStart=1599105825184&qos.performance.timing.domainLookupEnd=1599105825184&qos.performance.timing.domainLookupStart=1599105825178&qos.performance.timing.fetchStart=1599105825177&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1599105825177&qos.player.dimensions=%5B%5B1599105827254%2C%220x0%22%2C%22788x443.25%22%5D%5D&qos.player.pixelratio=%5B%5B1599105827254%2C1%5D%5D&qos.player.screendimensions=%5B%5B1599105827254%2C%221600x1200%22%5D%5D&seq=2

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Thu, 03 Sep 2020 04:03:47 GMT
content-type: image/gif
status: 200
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35

GET
H2 200 put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame E8CA 0
0 42ms
41ms Document
text/html 104.111.216.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-19.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1598863112.961402"
last-modified: Mon, 31 Aug 2020 07:33:01 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Thu, 03 Sep 2020 04:03:47 GMT
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1599105827~rv=87~id=af585699d1c692e3a48e5287150138b5; path=/; Expires=Thu, 03 Sep 2020 04:03:47 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3LnNtaC5jb20uYXU= Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
418 B 106ms
35ms XHR
application/json 104.111.218.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnNtaC5jb20uYXU=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.218.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-218-83.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Sep 2020 04:03:47 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=9066
Access-Control-Allow-Credentials: false
Connection: keep-alive
Content-Length: 16
Expires: Thu, 03 Sep 2020 06:34:53 GMT

GET
H2 200 ef3bd4ef01912374c924af0007331c74aa06c62b
static.ffx.io/images/$zoom_0.3583%2C$multiply_0.1481%2C$ratio_1%2C$width_378%2C$x_170%2C$y_118/t_crop_custom/q_86%2Cf_auto/ 882 B
1 KB 7ms
5ms Image
image/webp 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.3583%2C$multiply_0.1481%2C$ratio_1%2C$width_378%2C$x_170%2C$y_118/t_crop_custom/q_86%2Cf_auto/ef3bd4ef01912374c924af0007331c74aa06c62b
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 07e8b3f05d28066ebb5e1933d097f10c5cc5ac3f57e166a55b81d7e69c4dba10

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 85533
edge-cache-tag: 483486529264900786154393402001526537563,498604225032555608297705280390668719686,5f5f4219172da4ec8104790896b11172
status: 200
content-disposition: inline; filename="ef3bd4ef01912374c924af0007331c74aa06c62b.webp"
content-length: 882
x-cld-skey: 483486529264900786154393402001526537563 498604225032555608297705280390668719686 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Wed, 02 Sep 2020 02:52:22 GMT
server: cloudinary
x-timer: S1599105827.326896,VS0,VE0
etag: "0cccbe396937ad65b9c9b9235b573585"
x-served-by: cache-fra19154-FRA, cache-fra19134-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

GET
H2 200 1e1bd0f7d10c4d5e4442906368ce9b2c0252e978
static.ffx.io/images/$zoom_0.1182%2C$multiply_0.1481%2C$ratio_1%2C$width_378%2C$x_98%2C$y_0/t_crop_custom/q_86%2Cf_auto/ 2 KB
2 KB 7ms
6ms Image
image/webp 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.1182%2C$multiply_0.1481%2C$ratio_1%2C$width_378%2C$x_98%2C$y_0/t_crop_custom/q_86%2Cf_auto/1e1bd0f7d10c4d5e4442906368ce9b2c0252e978
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 40da371ab0f66ae687c32e8b2e3fa0830bd7d45bf488d2c4e91e88c708ac8c85

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 24426
edge-cache-tag: 204516761060625008774705920449065028019,501052422787542500624162903019606115073,5f5f4219172da4ec8104790896b11172
status: 200
content-disposition: inline; filename="1e1bd0f7d10c4d5e4442906368ce9b2c0252e978.webp"
content-length: 1560
x-cld-skey: 204516761060625008774705920449065028019 501052422787542500624162903019606115073 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Wed, 02 Sep 2020 19:04:34 GMT
server: cloudinary
x-timer: S1599105827.327071,VS0,VE0
etag: "ceddfd5b6389cf6fe0e68b987210d6bf"
x-served-by: cache-fra19145-FRA, cache-fra19134-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

GET
H2 200 d74c5f348416b4d544161533dd8a70aeac24c294
static.ffx.io/images/$zoom_0.2254%2C$multiply_0.1481%2C$ratio_1%2C$width_378%2C$x_353%2C$y_0/t_crop_custom/q_86%2Cf_auto/ 1 KB
2 KB 8ms
6ms Image
image/webp 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.2254%2C$multiply_0.1481%2C$ratio_1%2C$width_378%2C$x_353%2C$y_0/t_crop_custom/q_86%2Cf_auto/d74c5f348416b4d544161533dd8a70aeac24c294
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9bb8a79b273df670a0a509a6b7100aad4c9de865d0d129cd84b583f6fa1d03ee

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 19524
edge-cache-tag: 282693896538363821152812471806985224605,294995973823344465801489649997411829864,5f5f4219172da4ec8104790896b11172
status: 200
content-disposition: inline; filename="d74c5f348416b4d544161533dd8a70aeac24c294.webp"
content-length: 1456
x-cld-skey: 282693896538363821152812471806985224605 294995973823344465801489649997411829864 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Wed, 02 Sep 2020 20:51:57 GMT
server: cloudinary
x-timer: S1599105827.327049,VS0,VE0
etag: "43ef2885d0d1dfd23ba52bfd8eb79e36"
x-served-by: cache-fra19147-FRA, cache-fra19134-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 afe88e4a92f160cca0be64c5cc98b48db7fbcb52
static.ffx.io/images/$zoom_0.19859911242603553%2C$multiply_0.1481%2C$ratio_1%2C$width_378%2C$x_208%2C$y_37/t_crop_custom/q_86%2Cf_auto/ 2 KB
2 KB 8ms
7ms Image
image/webp 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.19859911242603553%2C$multiply_0.1481%2C$ratio_1%2C$width_378%2C$x_208%2C$y_37/t_crop_custom/q_86%2Cf_auto/afe88e4a92f160cca0be64c5cc98b48db7fbcb52
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 8410912083e902f7da21faaa83e224ed1c2c10062abf4046f24770ca8e5d7607

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 37810
edge-cache-tag: 470448380895997121426771036186775096817,233446410728378719242584021123085008216,5f5f4219172da4ec8104790896b11172
status: 200
content-disposition: inline; filename="afe88e4a92f160cca0be64c5cc98b48db7fbcb52.webp"
content-length: 1696
x-cld-skey: 470448380895997121426771036186775096817 233446410728378719242584021123085008216 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Wed, 02 Sep 2020 17:29:28 GMT
server: cloudinary
x-timer: S1599105827.327030,VS0,VE1
etag: "90364de2d863a5b63ed449c0b891b697"
x-served-by: cache-fra19158-FRA, cache-fra19134-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 360a53d949a9edd32773eedd9cf21c74355835ed
static.ffx.io/images/$zoom_0.18754205607476637%2C$multiply_0.1481%2C$ratio_1%2C$width_378%2C$x_101%2C$y_0/t_crop_custom/q_86%2Cf_auto/ 2 KB
2 KB 8ms
7ms Image
image/webp 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.18754205607476637%2C$multiply_0.1481%2C$ratio_1%2C$width_378%2C$x_101%2C$y_0/t_crop_custom/q_86%2Cf_auto/360a53d949a9edd32773eedd9cf21c74355835ed
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 8d117b976156353a0e79ffdaeed8f27d935c87530e2dfa573c62f5531f7587f6

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 3747
edge-cache-tag: 449824079911152273260973732091927773577,287019696547139548411288638220940527039,5f5f4219172da4ec8104790896b11172
status: 200
content-disposition: inline; filename="360a53d949a9edd32773eedd9cf21c74355835ed.webp"
content-length: 1918
x-cld-skey: 449824079911152273260973732091927773577 287019696547139548411288638220940527039 5f5f4219172da4ec8104790896b11172
x-cache: HIT, HIT
last-modified: Wed, 02 Sep 2020 16:22:17 GMT
server: cloudinary
x-timer: S1599105827.327171,VS0,VE0
etag: "0da73e3075d3c0f945a7cb7bea11f6ce"
x-served-by: cache-fra19166-FRA, cache-fra19134-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 4867359c5ac2f3c34b50432e82346f2e9c58a839
static.ffx.io/images/$zoom_0.3925061329890252%2C$multiply_0.1481%2C$ratio_1%2C$width_378%2C$x_193%2C$y_60/t_crop_custom/q_86%2Cf_auto/ 1 KB
1 KB 9ms
8ms Image
image/webp 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.3925061329890252%2C$multiply_0.1481%2C$ratio_1%2C$width_378%2C$x_193%2C$y_60/t_crop_custom/q_86%2Cf_auto/4867359c5ac2f3c34b50432e82346f2e9c58a839
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2596870584bca022c9988c2219f90229b8621de34f1512cfa7ed700ae993f408

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 68893
edge-cache-tag: 280700568212430241891396693365761004055,409430615269339188802833780976453316903,5f5f4219172da4ec8104790896b11172
status: 200
content-disposition: inline; filename="4867359c5ac2f3c34b50432e82346f2e9c58a839.webp"
content-length: 1114
x-cld-skey: 280700568212430241891396693365761004055 409430615269339188802833780976453316903 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Wed, 02 Sep 2020 08:31:19 GMT
server: cloudinary
x-timer: S1599105827.327310,VS0,VE1
etag: "9042e445a9fdce2d2d38627df18ef6c0"
x-served-by: cache-fra19152-FRA, cache-fra19134-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 489db7bf1159a0a7400d617ef031daff734e3587
static.ffx.io/images/$zoom_0.3461%2C$multiply_0.2842%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_231/t_crop_custom/q_86%2Cf_auto/ 13 KB
13 KB 150ms
149ms Image
image/webp 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.3461%2C$multiply_0.2842%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_231/t_crop_custom/q_86%2Cf_auto/489db7bf1159a0a7400d617ef031daff734e3587
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 3943ddf0ac23a41b8dda3b95ca96be09f2dbb5b694bba403adfbfc8b002c7616

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 267735350615231748687565672448545061289,255162346870475476649122012300920186730,5f5f4219172da4ec8104790896b11172
status: 200
content-disposition: inline; filename="489db7bf1159a0a7400d617ef031daff734e3587.webp"
content-length: 13114
x-cld-skey: 267735350615231748687565672448545061289 255162346870475476649122012300920186730 5f5f4219172da4ec8104790896b11172
x-cache: MISS, MISS
last-modified: Sat, 14 Mar 2020 02:01:13 GMT
server: cloudinary
x-timer: S1599105827.336899,VS0,VE142
etag: "771feb86a6f84e19ea708dc0062a0b70"
x-served-by: cache-fra19163-FRA, cache-fra19134-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0

GET
H2

200

m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599105827410&ci=f2&js=1&cg=0&ts=outbrain.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hacke...
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599105827410&ci=f2&js=1&cg=0&ts=outbrain.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hacke...

44 B
491 B

103ms
102ms

Image
image/gif

2600:9000:214f:d400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599105827410&ci=f2&js=1&cg=0&ts=outbrain.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&sr=1600x1200&id=lstrg-83bc49f63e0d3f21218228952e07ebc0&tz=2&ja=1
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:d400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 04:03:47 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
status: 200
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: L3L9u0q6sLWKPBPSPF_FFh092Lc2tg6iU_L6GfHEniS2oru7Rk7Ljg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Sep 2020 04:03:47 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
status: 302
location: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599105827410&ci=f2&js=1&cg=0&ts=outbrain.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&sr=1600x1200&id=lstrg-83bc49f63e0d3f21218228952e07ebc0&tz=2&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: i0Dl6q7ISNvhfqK_JrlEmSNM3CuVH5cPuPGzsLvJfXniHY5hRDiEwg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
151 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=314019156466282&ev=PageView&dl=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&rl=&if=false&ts=1599105827436&sw=1600&sh=1200&v=2.9.24&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1599105826877.829764976&it=1599105826582&coo=false&rqm=GET

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 03 Sep 2020 04:03:47 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
52 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryDiA6gGNklzUJLvFR

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 03 Sep 2020 04:03:47 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.smh.com.au
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 434ms
109ms XHR
application/json 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1599105827459&sessionId=01b67639-0da1-f8f7-54d7-5418e42d1658&url=www.smh.com.au&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Sep 2020 04:03:47 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 3d23cbb4578f3e4fe20215f4ac179a17
Content-Length: 4
Expires: 0

GET
H3-Q050 200 bridge3.407.0_en.html
imasdk.googleapis.com/js/core/ Frame F080 0
0 27ms
13ms Document
text/html 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.407.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.407.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192800
date: Wed, 02 Sep 2020 03:00:35 GMT
expires: Thu, 02 Sep 2021 03:00:35 GMT
last-modified: Wed, 02 Sep 2020 02:51:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 90192
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
11 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Thu, 03 Sep 2020 04:03:47 GMT

GET
H/1.1 200
OK / Show response
srv-2020-09-03-04.pixel.parsely.com/plogger/ 43 B
229 B 498ms
126ms Fetch
image/gif 34.232.20.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://srv-2020-09-03-04.pixel.parsely.com/plogger/?rand=1599105827498&plid=10291760&idsite=smh.com.au&url=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_pageviewID%22%3A%223684AD38-43BF-4965-86B5-23A6FA3B56EB%22%2C%22user_engagement%22%3A%22single%2Floyal%22%7D&sid=1&surl=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&sref=&sts=1599105826768&slts=0&date=Thu+Sep+03+2020+06%3A03%3A47+GMT%2B0200+(Central+European+Summer+Time)&action=heartbeat&inc=1&tt=630&u=pid%3D699c1c03223a0905cca9419395902d3d
Requested by: Host: cdn.parsely.com
URL: https://cdn.parsely.com/keys/smh.com.au/p.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.20.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-20-147.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Sep 2020 04:03:48 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
srv-2020-09-03-04.pixel.parsely.com/plogger/ 43 B
229 B 474ms
119ms Image
image/gif 34.232.20.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2020-09-03-04.pixel.parsely.com/plogger/?rand=1599105827501&plid=10291760&idsite=smh.com.au&url=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_pageviewID%22%3A%223684AD38-43BF-4965-86B5-23A6FA3B56EB%22%2C%22user_engagement%22%3A%22single%2Floyal%22%7D&sid=1&surl=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&sref=&sts=1599105826768&slts=0&title=Coronavirus%3A+China+state-sponsored+hackers+APT+TA413+target+personal+computers+for+COVID-19+intelligence&date=Thu+Sep+03+2020+06%3A03%3A47+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&js=1&pvid=52395886&u=pid%3D699c1c03223a0905cca9419395902d3d
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.20.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-20-147.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Sep 2020 04:03:47 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 async_lib.js Show response
farm.plista.com/ 39 KB
9 KB 361ms
279ms Script
application/javascript 148.251.77.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://farm.plista.com/async_lib.js?json=%7B%22name%22%3A%22PLISTA_%5B0%5D%22%2C%22publickey%22%3A%22eaf6727b8eea9ad6da01d2f1%22%2C%22objectid%22%3A%22p55rwy%22%2C%22rev%22%3A1597287904%2C%22req%22%3A%5B%5B%22isarticle%22%2C%7B%22updated_at%22%3A1599104393%7D%5D%2C%5B%22widgetload%22%2C%7B%22widgets%22%3A%5B%22underArticle_v3%22%5D%2C%22ab%22%3A0%2C%22vo%22%3Atrue%2C%22pm%22%3Atrue%2C%22sc%22%3A%221600x1200%22%2C%22px%22%3A1%2C%22vs%22%3A%220.10.13%22%2C%22vp%22%3Atrue%2C%22ww%22%3A1600%2C%22wb%22%3Atrue%7D%5D%5D%7D&x=1599105827525
Requested by: Host: static-au.plista.com
URL: https://static-au.plista.com/async.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.77.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.207.77.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 256c987586447a6c0d3f0d2bcdb1743b7f2df405676ebf8df4cee6b9ae75722d

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 04:03:47 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 04:03:47 GMT
server: nginx
p3p: policyref="https://www.plista.com/w3c/p3p.xml", CP="CAO DSP COR TAIa PSAa PSDa IVAi IVDi CONi HISa OUR IND PHY ONL UNI COM NAV INT DEM STA PRE"
status: 200
cache-control: no-cache, must-revalidate
content-type: application/javascript; charset=utf-8
content-length: 8309
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 track_page_view
nova.collect.igodigital.com/c2/10510523/ 43 B
715 B 130ms
128ms Image
image/gif 52.207.52.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/10510523/track_page_view?payload=%7B%22title%22%3A%22Coronavirus%3A%20China%20state-sponsored%20hackers%20APT%20TA413%20target%20personal%20computers%20for%20COVID-19%20intelligence%22%2C%22url%22%3A%22https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html%22%2C%22referrer%22%3A%22%22%2C%22user_info%22%3A%7B%7D%7D

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.207.52.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-52-76.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime: 0.003767
date: Thu, 03 Sep 2020 04:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"db04c7b378cb2db912c3ba8a5a774ee3"
x-frame-options: SAMEORIGIN
content-type: image/gif
status: 200
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: a686ffc0-8203-4802-80c3-5449ecac3aaf

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
359 B 503ms
128ms XHR
text/plain 52.20.153.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/optimizelyjs/s/metro_mastheads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.153.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-153-254.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 03 Sep 2020 04:03:48 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.smh.com.au
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 35f073cf-290f-4fec-981c-b288fbffc970

GET
H2 200 b1ecce1671db7cbd686987bf6601469aa3140acd
static.ffx.io/images/$width_800%2C$height_450/t_crop_fill/q_86%2Cf_auto/ 58 KB
58 KB 9ms
9ms Image
image/webp 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$width_800%2C$height_450/t_crop_fill/q_86%2Cf_auto/b1ecce1671db7cbd686987bf6601469aa3140acd
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 3a58e10dd5cc4339f96afd0732248e33f25f5c56000321134a24dd695b5f4536

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 3376
edge-cache-tag: 317041373793283876757026819621993785321,429682176245678068678708913524772125867,5f5f4219172da4ec8104790896b11172
status: 200
content-disposition: inline; filename="b1ecce1671db7cbd686987bf6601469aa3140acd.webp"
content-length: 59378
x-cld-skey: 317041373793283876757026819621993785321 429682176245678068678708913524772125867 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Thu, 03 Sep 2020 03:04:10 GMT
server: cloudinary
x-timer: S1599105828.578375,VS0,VE1
etag: "788a998a6e980eef4454910ea7eb5bdd"
x-served-by: cache-fra19179-FRA, cache-fra19134-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 170 KB
49 KB 9ms
8ms Script
application/javascript 2600:9000:214f:6600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P455839AC-95DF-4ED7-8966-E66F3202718E.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e06775da56ca92d7943167883c849bf3e18425f19a316c54531554254a3ef753

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 03:33:36 GMT
content-encoding: gzip
age: 1812
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 31 Aug 2020 13:41:33 GMT
server: AmazonS3
etag: W/"7091e9f855e2e7130746427316d51284"
vary: Accept-Encoding
x-amz-version-id: 5mhKBMVfyDG3meutjv0cTLS334SVXJnL
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: k3J8yi4XvGFeMaFQ_UYVFyboDmReq4HuJ0dk1K5242MBs2jJOluokQ==

GET
H2 200 get Show response
odb.outbrain.com/utils/ 41 KB
15 KB 323ms
265ms Script
text/javascript 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&idx=0&rand=3393&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&px=236&py=4924&vpd=3724&settings=true&recs=true&version=200073&sig=BpyAGJXS&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 450c0af8ebb88355e907a1b5d137af249d3e522d47106572722823e3cadd894d

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
content-encoding: gzip
traffic-path: CHIDC2, MDW, HHN, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status: 200
x-cache-hits: 0, 0
x-traceid: 15d82f04204b9acb3ac796d5c25abfa6
content-length: 14835
x-served-by: cache-mdw17343-MDW, cache-hhn4053-HHN
pragma: no-cache
x-timer: S1599105828.670743,VS0,VE236
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
backend-ip: 157.52.75.43
accept-ranges: bytes, bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame A745 0
0 13ms
13ms Document
text/html 2600:9000:214f:6600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSCVER=v1; IMRID=778b5d30-ed9a-11ea-a97d-d95286785b89
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Response headers

status: 200
content-type: text/html
last-modified: Mon, 31 Aug 2020 13:41:32 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 8SzOU0T3jq5fDilujOsIQHDXhBBCvnxx
server: AmazonS3
content-encoding: gzip
date: Thu, 03 Sep 2020 03:33:38 GMT
etag: "7fa83dfc7b78314b137e2eb13834daa7"
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: kpE1sIkn-ed-HaRxrfUjWNMkqCj0mN73FWoN1czspUNrnUT3GhhZAA==
age: 1810

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 41ms
41ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Thu, 03 Sep 2020 04:03:47 GMT
content-type: image/gif
status: 200
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35

GET
H/1.1 200
OK image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/static/3910869709001/74161213-919f-45fb-a06e-fa5920058131/79bad12c-7691-4918-86fe-26d41e0869bd/1280x720/match/ 665 KB
666 KB 108ms
32ms Image
image/jpeg 143.204.212.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.ap-southeast-2.prod.boltdns.net/v1/static/3910869709001/74161213-919f-45fb-a06e-fa5920058131/79bad12c-7691-4918-86fe-26d41e0869bd/1280x720/match/image.jpg
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.212.151 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / BC
Resource Hash: b6bc30e465f3b6f6de82d2415c53b094c834640703589321146269d5170463d5

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Sep 2020 02:10:59 GMT
Via: 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 6768
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: F_g4WN2FDFyhwRWOcPTIO825HTKnKjNiitJodUOGzbZgTQy8JPTqhg==
Expires: Fri, 03 Sep 2021 02:10:59 GMT

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/3910869709001/74161213-919f-45fb-a06e-fa5920058131/10s/ 5 KB
6 KB 62ms
48ms XHR
application/x-mpegurl 2a04:4e42:3::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/3910869709001/74161213-919f-45fb-a06e-fa5920058131/10s/master.m3u8?fastly_token=NWZjNzE0ZTVfZTE5NzAyODllZDhhMmY2N2RkMTQyOWJlZGQ3MDA0ZWNiYWRiMzljYmM3MWYzNTU0MjgyNmJlNTRjNDEzMTk2Ng%3D%3D
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/3910869709001/HylmeNWLjl_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::539 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 0fb015e4ce33108cbcc5315b07bd5575b42693cc761dfd209f1e14ba73764e29

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
status: 200
x-bolt-device-group: desktop-chrome
content-length: 5248
x-served-by: cache-fra19127-FRA
x-timer: S1599105828.727612,VS0,VE43
x-powered-from: eu-west-1a
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=3888000, max-age=3888000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
BLOB 200
OK 62cb9c1b-c09b-4dfa-be9a-d0c735e21365
https://www.smh.com.au/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.smh.com.au/62cb9c1b-c09b-4dfa-be9a-d0c735e21365
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dff229c9f000e971cb270105fb72022c3657ede11c47aba82433d8c1b53ebc42

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 5200
Content-Type: application/javascript

GET
BLOB 200
OK f6d09e99-1059-41d3-b3c0-191a592726e4
https://www.smh.com.au/ 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.smh.com.au/f6d09e99-1059-41d3-b3c0-191a592726e4
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04b0cf30f35fb111ba58b36ea67493fa14be275bc98ff3853f233a650f961aa4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 76381
Content-Type: application/javascript

GET
BLOB 200
OK aca52a2a-da92-439d-9273-59de9062bd17
https://www.smh.com.au/ 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.smh.com.au/aca52a2a-da92-439d-9273-59de9062bd17
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04b0cf30f35fb111ba58b36ea67493fa14be275bc98ff3853f233a650f961aa4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 76381
Content-Type: application/javascript

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 42ms
41ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Thu, 03 Sep 2020 04:03:47 GMT
content-type: image/gif
status: 200
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/3910869709001/74161213-919f-45fb-a06e-fa5920058131/492fa4cb-29d5-40ee-8137-b97abe1688a3/10s/ 10 KB
10 KB 316ms
316ms XHR
application/x-mpegurl 2a04:4e42:3::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/3910869709001/74161213-919f-45fb-a06e-fa5920058131/492fa4cb-29d5-40ee-8137-b97abe1688a3/10s/rendition.m3u8?fastly_token=NWZjNzE2MjFfZWEzMzUzNzU4ODg5YTI3MDE1N2ViMjIzN2EyNmM5MTJlNWQ4ZDNhZTMxZTA4YmU0NTMzODNkNzk1ODM4MTM2Yw%3D%3D
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/3910869709001/HylmeNWLjl_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::539 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: fa0e11f292afc057de3a9c92fc30b0c711ef68a6202a6bb869c640f24de7ec9b

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
status: 200
content-length: 9750
x-served-by: cache-fra19127-FRA
x-timer: S1599105828.783784,VS0,VE309
x-powered-from: eu-west-1a
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=3888000, max-age=3888000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H2 200 / Show response
adc.nine.com.au/ 43 B
497 B 1061ms
345ms Fetch
application/json 13.55.146.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adc.nine.com.au/?

Requested by

Host: adc-js.nine.com.au
URL: https://adc-js.nine.com.au/adc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.55.146.187 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

awselb/2.0 /

Resource Hash

ecb98c8ffeba70192e814feff8243d937ba2b30ef4095adbffcdd9831602e716

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
server: awselb/2.0
status: 200
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.smh.com.au
api-supported-versions: 1.0
cache-control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-type: application/json; charset=utf-8
content-length: 43

GET
H2 200 async_lib.js Show response
farm.plista.com/ 81 B
1 KB 57ms
56ms Script
application/javascript 148.251.77.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://farm.plista.com/async_lib.js?json=%7B%22name%22%3A%22PLISTA_%5B0%5D%22%2C%22publickey%22%3A%22eaf6727b8eea9ad6da01d2f1%22%2C%22objectid%22%3A%22p55rwy%22%2C%22rev%22%3A1597287904%2C%22req%22%3A%5B%5B%22additem%22%2C%7B%22objectid%22%3A%22p55rwy%22%2C%22title%22%3A%22Chinese%20hackers%20target%20emails%20with%20WHO%2C%20Australian%20Medical%20Association%20campaigns%22%2C%22text%22%3A%22Suspected%20state-sponsored%20hackers%20are%20using%20fake%20COVID-19%20global%20campaigns%20to%20gather%20intelligence%20covertly%2C%20a%20leading%20security%20firm%20says.%22%2C%22url%22%3A%22https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html%22%2C%22img%22%3A%22https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.739%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_0%252C%24y_0%2Ft_crop_custom%2Fq_86%252Cf_auto%2Fc1f64adca3eba9bd1201b9ed80cb8d9512dcdb32%22%2C%22category%22%3A%22World%22%2C%22published_at%22%3A%221599098178%22%2C%22updated_at%22%3A%221599104393%22%2C%22kind%22%3A%22article%22%2C%22status%22%3A%228%22%7D%5D%5D%7D&x=1599105827891
Requested by: Host: static-au.plista.com
URL: https://static-au.plista.com/async.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.77.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.207.77.251.148.clients.your-server.de
Software: nginx /
Resource Hash: a82052976b9778a91e14b3b5f3579261b4bd2f69921fd4296d876824065ecc20

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 04:03:47 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 04:03:47 GMT
server: nginx
p3p: policyref="https://www.plista.com/w3c/p3p.xml", CP="CAO DSP COR TAIa PSAa PSDa IVAi IVDi CONi HISa OUR IND PHY ONL UNI COM NAV INT DEM STA PRE"
status: 200
cache-control: no-cache, must-revalidate
content-type: application/javascript; charset=utf-8
content-length: 99
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.873%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_42%252C%24y_0%2Ft_crop_custom%2Fq_86%252Cf_auto%2Fdb17db92e8a3ecb4c5ecd1e381e2...
media.plista.com/T-eUq1bLL-b02oEh-oNIESVqEAo=/264x149/smart/filters:format(webp):quality(85)/ 4 KB
4 KB 35ms
29ms Image
image/webp 23.111.11.152
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.plista.com/T-eUq1bLL-b02oEh-oNIESVqEAo=/264x149/smart/filters:format(webp):quality(85)/https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.873%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_42%252C%24y_0%2Ft_crop_custom%2Fq_86%252Cf_auto%2Fdb17db92e8a3ecb4c5ecd1e381e2216ae6510345
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: b927c9ac86e212dfa78341f31e55ba931a84a983ed996ed6884c5a53f29e96c8

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
server: NetDNA-cache/2.2
etag: "ae298496671bb7f63f4f2efc8669df1677cc0cd2"
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000,public
content-length: 4002
plista-status: Success
expires: Fri, 02 Oct 2020 05:54:37 GMT

GET
H2 200 https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.19076457229371688%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_7%252C%24y_0%2Ft_crop_custom%2Fq_86%252Cf_auto%2F06b7a4e49bb80ba...
media.plista.com/-k-Kuqd1HkX7WUkcUZ2u9MM372s=/264x149/smart/filters:format(webp):quality(85)/ 13 KB
14 KB 38ms
33ms Image
image/webp 23.111.11.152
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.plista.com/-k-Kuqd1HkX7WUkcUZ2u9MM372s=/264x149/smart/filters:format(webp):quality(85)/https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.19076457229371688%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_7%252C%24y_0%2Ft_crop_custom%2Fq_86%252Cf_auto%2F06b7a4e49bb80ba57fda0512a2a79b80e8dcdf91
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 516de355421a1f0e0d37a86f09f89e9edec8c0253ccc573de9c76a7c554d1502

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
server: NetDNA-cache/2.2
etag: "e6b5f743240739c3a1595c8d9e78f0e9f70f15b8"
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000,public
content-length: 13792
plista-status: Success
expires: Thu, 01 Oct 2020 20:56:08 GMT

GET
H2 200 https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.2678%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_233%252C%24y_40%2Ft_crop_custom%2Fq_86%252Cf_auto%2F6e144dda7f00826c8741704ee...
media.plista.com/rH2nvUYTRG4dmwlZA5zCzvtefrw=/264x149/smart/filters:format(webp):quality(85)/ 5 KB
5 KB 39ms
34ms Image
image/webp 23.111.11.152
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.plista.com/rH2nvUYTRG4dmwlZA5zCzvtefrw=/264x149/smart/filters:format(webp):quality(85)/https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.2678%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_233%252C%24y_40%2Ft_crop_custom%2Fq_86%252Cf_auto%2F6e144dda7f00826c8741704ee422135eab67634f
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4d4d248ee4fe4992c80ee3c1f17b1b1866bd561e22d382be2332d31aa29afd7f

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
server: NetDNA-cache/2.2
etag: "30ebabcf579f7be7fd04201f8e6c934c558421dd"
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000,public
content-length: 5174
plista-status: Success
expires: Sat, 03 Oct 2020 04:02:15 GMT

GET
H2 200 https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.1667%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_0%252C%24y_60%2Ft_crop_custom%2Fq_86%252Cf_auto%2Fb2ca6c52a66a14a166acfecbbdf...
media.plista.com/PvnDm97lLVahku1mYRdpExOApvM=/264x149/smart/filters:format(webp):quality(85)/ 11 KB
11 KB 43ms
37ms Image
image/webp 23.111.11.152
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.plista.com/PvnDm97lLVahku1mYRdpExOApvM=/264x149/smart/filters:format(webp):quality(85)/https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.1667%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_0%252C%24y_60%2Ft_crop_custom%2Fq_86%252Cf_auto%2Fb2ca6c52a66a14a166acfecbbdf88b36a6e5e00b
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 645e9889f1da02924820f19e897848f07b61fcec739fac03d7d828341e2c95b1

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
server: NetDNA-cache/2.2
etag: "90b279e4e2b33752f4904fe7854d993d0b2aef80"
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000,public
content-length: 10864
plista-status: Success
expires: Wed, 30 Sep 2020 09:36:35 GMT

GET
H2 200 https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_1%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_142%252C%24y_0%2Ft_crop_custom%2Fq_86%252Cf_auto%2F71b115475dcf801fe7417480c5c9b2d...
media.plista.com/_T3VcO-O4gjAMZPVRRgUsvuUL5E=/264x149/smart/filters:format(webp):quality(85)/ 12 KB
13 KB 56ms
50ms Image
image/webp 23.111.11.152
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.plista.com/_T3VcO-O4gjAMZPVRRgUsvuUL5E=/264x149/smart/filters:format(webp):quality(85)/https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_1%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_142%252C%24y_0%2Ft_crop_custom%2Fq_86%252Cf_auto%2F71b115475dcf801fe7417480c5c9b2d58e6249f6
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: fb6b77c5eb4afad727a4ad970ae220adc0fa019faed32d063fbe7ce84ca0f30e

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
server: NetDNA-cache/2.2
etag: "00e14af460aaf1044fd1624095c4d74933ba23ea"
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000,public
content-length: 12778
plista-status: Success
expires: Thu, 01 Oct 2020 16:12:28 GMT

GET
H2 200 https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.3782%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_0%252C%24y_0%2Ft_crop_custom%2Fq_86%252Cf_auto%2F796c041283941ed9966d1ad9e141...
media.plista.com/LHYH3M9PlhL2jN-Hp6uWUKKASAs=/264x149/smart/filters:format(webp):quality(85)/ 10 KB
10 KB 53ms
47ms Image
image/webp 23.111.11.152
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.plista.com/LHYH3M9PlhL2jN-Hp6uWUKKASAs=/264x149/smart/filters:format(webp):quality(85)/https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.3782%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_0%252C%24y_0%2Ft_crop_custom%2Fq_86%252Cf_auto%2F796c041283941ed9966d1ad9e1416679adedd57b
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a70879772cfc54d88d1663a13aaa70d9a93733f1dfe6cf827e901b6b70f789b4

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
server: NetDNA-cache/2.2
etag: "4654e0120c78dd988e970cb7d57e46ed2337869b"
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000,public
content-length: 9952
plista-status: Success
expires: Fri, 02 Oct 2020 10:35:40 GMT

GET
H2 200 https%3A%2F%2Fapi.plista.com%2Fau%2Fupload%2Ffiles%2Fpets%2F5f3dde1e3bfbf80a21191d23%2Feditors_pick_campaign-1597890069591349556.png
media.plista.com/O540iWR7hjBdQIsRanyZZIUvhe0=/264x149/smart/filters:format(webp):quality(85)/ 8 KB
8 KB 30ms
30ms Image
image/webp 23.111.11.152
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.plista.com/O540iWR7hjBdQIsRanyZZIUvhe0=/264x149/smart/filters:format(webp):quality(85)/https%3A%2F%2Fapi.plista.com%2Fau%2Fupload%2Ffiles%2Fpets%2F5f3dde1e3bfbf80a21191d23%2Feditors_pick_campaign-1597890069591349556.png
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: e4aa0b2658ab77a3f236c3597b70c57b24e6220da0004efdf7d9b97512e1c925

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
server: NetDNA-cache/2.2
etag: "5fcdf05cc9450e965dbb4436a864953a0bb7f0e0"
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000,public
content-length: 8104
plista-status: Success
expires: Wed, 30 Sep 2020 09:30:49 GMT

GET
H2 200 https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.7924646739130434%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_765%252C%24y_280%2Ft_crop_custom%2Fq_86%252Cf_auto%2Fa4d463c89481...
media.plista.com/bTKln9UF8Z37JvIvI1-V4zeHmIk=/264x149/smart/filters:format(webp):quality(85)/ 12 KB
12 KB 30ms
30ms Image
image/webp 23.111.11.152
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.plista.com/bTKln9UF8Z37JvIvI1-V4zeHmIk=/264x149/smart/filters:format(webp):quality(85)/https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.7924646739130434%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_765%252C%24y_280%2Ft_crop_custom%2Fq_86%252Cf_auto%2Fa4d463c89481f50ef27206bd3ef93a12c471c9d1
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: e1831d24308d127206b89832b609fe96945c8112dcc90515f91818e3b4bc86ab

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
server: NetDNA-cache/2.2
etag: "97bf3faaa39e2b38662f29220fedc5e41aa3a2ef"
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000,public
content-length: 11950
plista-status: Success
expires: Thu, 01 Oct 2020 08:57:54 GMT

GET
H2 200 https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.14223894637817497%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_0%252C%24y_5%2Ft_crop_custom%2Fq_86%252Cf_auto%2F8b6b335fbc0d124...
media.plista.com/pqPKSQe9XDO_XS9m4FsFgku-TIs=/264x149/smart/filters:format(webp):quality(85)/ 10 KB
11 KB 31ms
30ms Image
image/webp 23.111.11.152
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.plista.com/pqPKSQe9XDO_XS9m4FsFgku-TIs=/264x149/smart/filters:format(webp):quality(85)/https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.14223894637817497%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_0%252C%24y_5%2Ft_crop_custom%2Fq_86%252Cf_auto%2F8b6b335fbc0d1247741826d5896f62b5a16452a5
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8d048ac7fe0a8049c22b36a7eb5ac9026df16f1a2a5024290b4e3982be1c7609

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
server: NetDNA-cache/2.2
etag: "6df863ab8e90cb25d7e5ac41633a3bba76bc5c0c"
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000,public
content-length: 10556
plista-status: Success
expires: Thu, 01 Oct 2020 12:38:47 GMT

GET
H2 200 https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.19017734553775745%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_134%252C%24y_189%2Ft_crop_custom%2Fq_86%252Cf_auto%2F80e75a5cbe0...
media.plista.com/ZO-C0St3cZF3mLJs0aSwecrYpBk=/264x149/smart/filters:format(webp):quality(85)/ 17 KB
18 KB 32ms
32ms Image
image/webp 23.111.11.152
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.plista.com/ZO-C0St3cZF3mLJs0aSwecrYpBk=/264x149/smart/filters:format(webp):quality(85)/https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.19017734553775745%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_134%252C%24y_189%2Ft_crop_custom%2Fq_86%252Cf_auto%2F80e75a5cbe0b08ec6499f192919f7ebf224707c3
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 886c2aa982e2c733a596bc4e0193db564f4c93087403ed841cdace498063d0e9

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
server: NetDNA-cache/2.2
etag: "f3eee19e1dae77e09966adab4a027bfebca778dd"
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000,public
content-length: 17896
plista-status: Success
expires: Fri, 02 Oct 2020 12:23:36 GMT

GET
H2 200 https%3A%2F%2Fapi.plista.com%2Fau%2Fupload%2Ffiles%2Fpets%2F5f3de436c7faf81d96301203%2Feditors_pick_campaign-1597891630086961983.png
media.plista.com/-6gGtNrNxlyOp8u8VqisrCwycX0=/264x149/smart/filters:format(webp):quality(85)/ 11 KB
11 KB 33ms
29ms Image
image/webp 23.111.11.152
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.plista.com/-6gGtNrNxlyOp8u8VqisrCwycX0=/264x149/smart/filters:format(webp):quality(85)/https%3A%2F%2Fapi.plista.com%2Fau%2Fupload%2Ffiles%2Fpets%2F5f3de436c7faf81d96301203%2Feditors_pick_campaign-1597891630086961983.png
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: bb4c805c1d528a0f4d53b2869d01e56e541647ac3fee9826d934e6700e75e676

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
server: NetDNA-cache/2.2
etag: "f232d5f41a81c02bb89c52d9eddfc4187043277c"
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000,public
content-length: 11380
plista-status: Success
expires: Wed, 30 Sep 2020 09:30:49 GMT

GET
H2 200 https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.39375%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_0%252C%24y_0%2Ft_crop_custom%2Fq_86%252Cf_auto%2F38680545a88908a8bc687693f74...
media.plista.com/kbgOgkTkDJYtkBcxPq3FMUkJjec=/264x149/smart/filters:format(webp):quality(85)/ 13 KB
13 KB 32ms
31ms Image
image/webp 23.111.11.152
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.plista.com/kbgOgkTkDJYtkBcxPq3FMUkJjec=/264x149/smart/filters:format(webp):quality(85)/https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.39375%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_0%252C%24y_0%2Ft_crop_custom%2Fq_86%252Cf_auto%2F38680545a88908a8bc687693f74d717a9b199a8c
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 78ad51bcb3aa3318e85b3bed60beb799d2da366f593b00b261ff98b3fbeb21f8

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
server: NetDNA-cache/2.2
etag: "cd75f0b7569a1c0b2e24d1cc4a5ba13ef394edac"
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000,public
content-length: 12940
plista-status: Success
expires: Wed, 30 Sep 2020 11:59:53 GMT

GET
H2 200 https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.13577586206896552%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_0%252C%24y_0%2Ft_crop_custom%2Fq_86%252Cf_auto%2F821b17500c1bde9...
media.plista.com/fP1iTN3IsdO0fqs3dYhYZWTCN7A=/264x149/smart/filters:format(webp):quality(85)/ 12 KB
12 KB 29ms
29ms Image
image/webp 23.111.11.152
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.plista.com/fP1iTN3IsdO0fqs3dYhYZWTCN7A=/264x149/smart/filters:format(webp):quality(85)/https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.13577586206896552%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_0%252C%24y_0%2Ft_crop_custom%2Fq_86%252Cf_auto%2F821b17500c1bde9709e800baada4faf3694526fe
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8e797d483038c2cdc6bf82f34a2a56375d6b326edd7cc6c55b94fc9b69c8b2ed

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
server: NetDNA-cache/2.2
etag: "75a36c47978bfbfef60a4d5e26cb7a286373e9bf"
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000,public
content-length: 11856
plista-status: Success
expires: Thu, 01 Oct 2020 23:29:41 GMT

GET
H2 200 https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.252%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_0%252C%24y_0%2Ft_crop_custom%2Fq_86%252Cf_auto%2Fc9bdd152dcd3e2ffb6c879890ee71...
media.plista.com/GlbPp6quqyOqGtARLvNX4ET1oGE=/264x149/smart/filters:format(webp):quality(85)/ 14 KB
14 KB 29ms
29ms Image
image/webp 23.111.11.152
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.plista.com/GlbPp6quqyOqGtARLvNX4ET1oGE=/264x149/smart/filters:format(webp):quality(85)/https%3A%2F%2Fstatic.ffx.io%2Fimages%2F%24zoom_0.252%252C%24multiply_0.3968%252C%24ratio_1.5%252C%24width_756%252C%24x_0%252C%24y_0%2Ft_crop_custom%2Fq_86%252Cf_auto%2Fc9bdd152dcd3e2ffb6c879890ee71feb607cf60e
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: df1d737a77ab72d6c36f7796902091f213775556d075753022297101bd643bf7

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
server: NetDNA-cache/2.2
etag: "21cf40731d740647a7abd0738e865c3f8be4eaea"
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000,public
content-length: 14046
plista-status: Success
expires: Fri, 02 Oct 2020 07:24:49 GMT

GET
H2 200 https%3A%2F%2Fapi.plista.com%2Fau%2Fupload%2Ffiles%2Fpets%2F5f2234a73bfbf83a59031783%2Feditors_pick_campaign-1596077219608303416.png
media.plista.com/U77Shu-iolxEi-lnjOq5AEFn5D4=/264x149/smart/filters:format(webp):quality(85)/ 11 KB
11 KB 30ms
29ms Image
image/webp 23.111.11.152
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.plista.com/U77Shu-iolxEi-lnjOq5AEFn5D4=/264x149/smart/filters:format(webp):quality(85)/https%3A%2F%2Fapi.plista.com%2Fau%2Fupload%2Ffiles%2Fpets%2F5f2234a73bfbf83a59031783%2Feditors_pick_campaign-1596077219608303416.png
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: eb740c2d57fba9a94a1826395b0b741eaf8e176ad2bced6331d0e67094b12818

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
server: NetDNA-cache/2.2
etag: "00c67dd238834c3ca7af71a1630e5b1a0bd4b3f0"
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000,public
content-length: 10906
plista-status: Success
expires: Wed, 30 Sep 2020 10:04:49 GMT

GET
H2 200 logo_plista_small_AAAAAA.png
static.plista.com/image/ 496 B
698 B 38ms
36ms Image
image/png 138.201.125.235
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.plista.com/image/logo_plista_small_AAAAAA.png
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.235 Kuenzelsau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.235.125.201.138.clients.your-server.de
Software: nginx /
Resource Hash: cec2f2b92af5b6ef33669a5db9041e9d7333c66aa1c6aa27c632e9b87277fc27

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
via: 1.1 varnish-v4
server: nginx
age: 44479
x-varnish: 127382808 89813866
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-type: Content-type: image/png; charset=utf-8
content-length: 496
expires: Fri, 02 Oct 2020 15:42:28 GMT

GET
H2

200

/
farm.plista.com/matching/pixel/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Ffarm.plista.com%2Fmatching%2Fpixel%2F%3Fssp%3Dc3de%26dsp_user_id%3D$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ffarm.plista.com%252Fmatching%252Fpixel%252F%253Fssp%253Dc3de%2526dsp_user_id%253D%24UID
https://farm.plista.com/matching/pixel/?ssp=c3de&dsp_user_id=7373366318006279658

35 B
408 B

42ms
41ms

Image
image/gif

148.251.77.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://farm.plista.com/matching/pixel/?ssp=c3de&dsp_user_id=7373366318006279658
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.77.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.207.77.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 03 Sep 2020 04:03:48 GMT
content-encoding: gzip
server: nginx
content-type: image/gif
content-length: 51
p3p: policyref="https://www.plista.com/w3c/p3p.xml", CP="CAO DSP COR TAIa PSAa PSDa IVAi IVDi CONi HISa OUR IND PHY ONL UNI COM NAV INT DEM STA PRE"

Redirect headers

Pragma: no-cache
Date: Thu, 03 Sep 2020 04:03:48 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.167:80
AN-X-Request-Uuid: 29c38fdf-6184-4ea9-a54a-98f5e53da045
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://farm.plista.com/matching/pixel/?ssp=c3de&dsp_user_id=7373366318006279658
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
34 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary1stDCwMpgBLihBiJ

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 03 Sep 2020 04:03:47 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.smh.com.au
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 33ms
32ms Image
image/svg+xml 104.111.216.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-19.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
last-modified: Wed, 02 Sep 2020 11:33:21 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1599047314.018055"
status: 200
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
content-length: 7090
expires: Sat, 03 Oct 2020 04:03:47 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 34ms
33ms Image
image/svg+xml 104.111.216.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-19.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
last-modified: Wed, 02 Sep 2020 11:33:21 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1599047293.400451"
status: 200
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
content-length: 2735
expires: Sat, 03 Oct 2020 04:03:47 GMT

GET
H2 200 external-link-indicator.png
static.plista.com/planet.images.com_239251/ 238 B
483 B 37ms
36ms Image
image/png 138.201.125.235
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.plista.com/planet.images.com_239251/external-link-indicator.png
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.235 Kuenzelsau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.235.125.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 000a147828b1ecf32d8f898183a38ea4c62bb6805b5e950e44d9dd2db374403c

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
via: 1.1 varnish-v4
last-modified: Wed, 02 Sep 2020 15:43:16 GMT
server: nginx
age: 44430
content-type: image/png; charset=utf-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate
x-varnish: 128774696 90540806
accept-ranges: bytes
content-length: 238
expires: Thu, 03 Sep 2020 15:43:17 GMT

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
270 B 567ms
137ms XHR
text/plain 64.74.236.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=f3abd2d7439f44473a40db46c114cebc_34887_1599105827841&tm=660&eT=0&widgetWidth=1128&widgetHeight=689&widgetX=236&widgetY=4943&tpcs=0&wRV=200073&pVis=1&lsd=640f4443-6bdf-4362-a4dc-968655e0dc51&eIdx=&cheq=0&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 03 Sep 2020 04:03:48 GMT
content-encoding: gzip
Connection: close
X-TraceId: 71bb014387e2a0743baed454510a27a8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/200073/module/ 45 KB
15 KB 39ms
35ms Script
application/x-javascript 104.111.216.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/200073/module/streamFeed.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-19.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 47fd0b02468664d6b39a7d1c68b4829fd7a3c14ca4d28c2e4dc5d67d8fb62dcd

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:47 GMT
content-encoding: gzip
last-modified: Wed, 02 Sep 2020 11:33:21 GMT
server: AkamaiNetStorage
status: 200
etag: "8967ce71e5c72935320c2878566d0bb6:1599047349.598074"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
content-length: 14781

GET
H2 200 eyJpdSI6ImViMTBhNWVhZTY3OTAwNzMzMWZhZGQ3NzE5M2NlMDQ5OTRkOGE1NmQyNjNlNmRhNzJiOGVkMjUzMGY1ZTVjNjEiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 48 KB
48 KB 185ms
91ms Image
image/webp 104.111.218.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImViMTBhNWVhZTY3OTAwNzMzMWZhZGQ3NzE5M2NlMDQ5OTRkOGE1NmQyNjNlNmRhNzJiOGVkMjUzMGY1ZTVjNjEiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.218.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-218-83.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 812c6896752aaa14e875136dee2048394c39632f511b712c843d2f9dabf7af3d

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
last-modified: Mon, 10 Aug 2020 13:35:50 GMT
content-type: image/webp
status: 200
cache-control: max-age=2072495
x-traceid: 4adf00d40fa5c9cf76c9767f05e79982
timing-allow-origin: *
content-length: 49174

GET
H2 200 eyJpdSI6IjZjMDQxMzM2M2QwNGRhNWNiNDk1MmE3YzNjZDRkZjE5MjQ1YTVhNTBjYzFlMDg0ZGQwMjkwNzhlOTVjMTQ1YjMiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 41 KB
41 KB 147ms
52ms Image
image/webp 104.111.218.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZjMDQxMzM2M2QwNGRhNWNiNDk1MmE3YzNjZDRkZjE5MjQ1YTVhNTBjYzFlMDg0ZGQwMjkwNzhlOTVjMTQ1YjMiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.218.83 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-83.deploy.static.akamaitechnologies.com

Software

Resource Hash

f8dae99ec003a9271ab2371e08ebdfcd0e46a3065b4a6b4028cd9ad5c124f8ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Sun, 07 Jun 2020 16:41:49 GMT
date: Thu, 03 Sep 2020 04:03:48 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=883107
x-traceid: bbc8064892cb18272d9e6614ddbfb7db
timing-allow-origin: *
content-length: 41994

GET
H2 200 eyJpdSI6ImIzZTFmNzhhZTMxZTZlOTk3NWI2Nzc0NmE1NTYzNGUzYjFkZWMzNGIzMTdmOGY3MWM4NDI5MTgyMzAzNzVjNzgiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 43 KB
43 KB 191ms
105ms Image
image/webp 104.111.218.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImIzZTFmNzhhZTMxZTZlOTk3NWI2Nzc0NmE1NTYzNGUzYjFkZWMzNGIzMTdmOGY3MWM4NDI5MTgyMzAzNzVjNzgiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.218.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-218-83.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5515d1247e3cf994e9a87406c1567af03c3b615635da40595f7006864f69c817

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
content-encoding: gzip
last-modified: Sun, 31 May 2020 23:21:46 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=1603759
x-traceid: 1b7598aebb2bb2a988c9c31869067b1d
timing-allow-origin: *
content-length: 43644

GET
H2 200 eyJpdSI6IjZkNzM4Njg4NDNkMzczZTA4ZmVlNzMwN2IxYmExNTJlN2E0ZTAyZDdjYWVjNGY2ZGEwMzg1YmQ4ZjQ0YWJiMmUiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 42 KB
43 KB 172ms
99ms Image
image/webp 104.111.218.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZkNzM4Njg4NDNkMzczZTA4ZmVlNzMwN2IxYmExNTJlN2E0ZTAyZDdjYWVjNGY2ZGEwMzg1YmQ4ZjQ0YWJiMmUiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.218.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-218-83.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b79ae482437844c3aef37434a80abc00b97753ea9cb8549b12874b7bcf968e25

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
last-modified: Sat, 15 Aug 2020 17:38:00 GMT
content-type: image/webp
status: 200
cache-control: max-age=987303
x-traceid: aaa95dfd4cf10386141856b5fb3365c8
timing-allow-origin: *
content-length: 43282

GET
H2 200 eyJpdSI6ImZlM2E5NzcxMzJkZWYxNjhhNmQ4NTA1NmU4MDE4YmFmMGIzMDE3MTcwN2JkOTgxOWNjYTgzZTQ1ZTM4OWNmNWEiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 18 KB
19 KB 95ms
34ms Image
image/webp 104.111.218.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZlM2E5NzcxMzJkZWYxNjhhNmQ4NTA1NmU4MDE4YmFmMGIzMDE3MTcwN2JkOTgxOWNjYTgzZTQ1ZTM4OWNmNWEiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.218.83 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-83.deploy.static.akamaitechnologies.com

Software

Resource Hash

91db941ecd27c7c63fdc676d059046d775f2d2f557908fe170fc9c1c174dd667

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Thu, 11 Jun 2020 01:03:51 GMT
date: Thu, 03 Sep 2020 04:03:48 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=1047904
x-traceid: 83b276a3fb450aa5cfd47757db963fb3
timing-allow-origin: *
content-length: 18965

GET
H2 200 eyJpdSI6ImYwYTU5MDI1MjNkZDYzYmY3MjljOTM0NTQzMTNiZmNjYzEzOTgyZDZiY2QxMWU3Yjc5ZGVjN2M3NzJlN2E4YzgiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 70 KB
71 KB 131ms
72ms Image
image/webp 104.111.218.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImYwYTU5MDI1MjNkZDYzYmY3MjljOTM0NTQzMTNiZmNjYzEzOTgyZDZiY2QxMWU3Yjc5ZGVjN2M3NzJlN2E4YzgiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.218.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-218-83.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8c2779fc33105029882ae851aa9ab50ca118f88c9e0f65abf3410eb832263e49

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
last-modified: Wed, 26 Aug 2020 04:23:39 GMT
content-type: image/webp
status: 200
cache-control: max-age=1774402
x-traceid: 4b2caf2798b70348c719274088f9ea71
timing-allow-origin: *
content-length: 71862

GET
H2 200 eyJpdSI6ImEzZjgzMGI4ZmRjNzk0ODhlOGM4YzU0ZTcwMDQ0ZjU4ODgwMmY2Y2EwYmIzOGMyNzI5YjMyOWUzODg2NzQ1YWUiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 85 KB
85 KB 101ms
101ms Image
image/webp 104.111.218.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImEzZjgzMGI4ZmRjNzk0ODhlOGM4YzU0ZTcwMDQ0ZjU4ODgwMmY2Y2EwYmIzOGMyNzI5YjMyOWUzODg2NzQ1YWUiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.218.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-218-83.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1eefe6bf485d895a1c8ae3da106274c4009d17734834f33e2090cfb99eb4fd81

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
last-modified: Wed, 26 Aug 2020 04:23:52 GMT
content-type: image/webp
status: 200
cache-control: max-age=1781014
x-traceid: bcbcd94ec4ed1c92e5e5a40dd7a06d8
timing-allow-origin: *
content-length: 86782

GET
H2 200 obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 8DA6 0
0 39ms
38ms Document
text/html 104.111.216.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-19.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: obuid=640f4443-6bdf-4362-a4dc-968655e0dc51; recs_558dcd8a6135ea55243bf5d5c14c9533=0B2376065607A2917807572A2050761841A2713511014A2561710516A3015065936A3014997365ACD1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "89fdecd74225ad6613f814657a128f54:1597838503.118353"
last-modified: Wed, 19 Aug 2020 12:00:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Fri, 04 Sep 2020 04:03:48 GMT
date: Thu, 03 Sep 2020 04:03:48 GMT
content-length: 4407
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1599105828~rv=90~id=e06a11de047b4aa3f330a210602c56d0; path=/; Expires=Thu, 03 Sep 2020 04:03:48 GMT; Secure; SameSite=None

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 46 KB
14 KB 445ms
442ms Script
application/json 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&settings=true&recs=true&widgetJSId=AR_1&key=NANOWDGT01&version=200073&apv=true&sig=BpyAGJXS&format=html&rand=47528&lsd=640f4443-6bdf-4362-a4dc-968655e0dc51&lsdt=1599105827948&pdobuid=0&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ZjNhYmQyZDc0MzlmNDQ0NzNhNDBkYjQ2YzExNGNlYmM=&winW=1600&winH=1200&adblck=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=10670-59480&pcer=p%3Dw1N8GPEXSwwU7w67KdWDKYzLGDs8SZRXHaSjY96WaOc%26c%3D6df8312f%26v%3D3&dpr=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/200073/module/streamFeed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9ccfd8f54c8527ed821fc940db195ee18dd0f7119f12417216c563e4d431e0d4

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
content-encoding: gzip
traffic-path: CHIDC2, MDW, HHN, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status: 200
x-cache-hits: 0, 0
x-traceid: a901f7213a34e216c1da30845ed3380b
content-length: 14319
x-served-by: cache-mdw17346-MDW, cache-hhn4053-HHN
pragma: no-cache
x-timer: S1599105828.084300,VS0,VE412
vary: Accept-Encoding, User-Agent
content-type: application/json; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
backend-ip: 157.52.75.46
accept-ranges: bytes, bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/3910869709001/74161213-919f-45fb-a06e-fa5920058131/7963425e-71d6-44d5-9378-0b77b85fd8dc/10s/ 10 KB
10 KB 314ms
314ms XHR
application/x-mpegurl 2a04:4e42:3::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/3910869709001/74161213-919f-45fb-a06e-fa5920058131/7963425e-71d6-44d5-9378-0b77b85fd8dc/10s/rendition.m3u8?fastly_token=NWZjNzE2MjFfNzZiYjQ5ZWM2NTRhZDJlNzc0M2MzNDk1NTdmMTA0ZDc4MjlhNzZiN2Y1OTllZjNhNjU2NDU2NTMwMjM3ZGRmZA%3D%3D
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/3910869709001/HylmeNWLjl_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::539 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 9d3d5d61a2e60046cf730f97d11a64d6aa9323ee6e2e2e899973bbe2a3ddc6a5

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
status: 200
content-length: 9740
x-served-by: cache-fra19127-FRA
x-timer: S1599105828.106303,VS0,VE308
x-powered-from: eu-west-1b
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=3888000, max-age=3888000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 15ms
14ms Fetch
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=smh.com.au&host=www.smh.com.au&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 04:03:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 25B0 0
0 29ms
14ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Thu, 03 Sep 2020 01:18:13 GMT
expires: Fri, 03 Sep 2021 01:18:13 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 9935
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C50A 0
0 68ms
66ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst693GwQuKWWyZDW6vHxsGtLr8T0njM6Vk_QdXaxgV3Q9Vb3josZH0oS01OZPHYeQFF_Drxs6PTuxo5u-Pt_dO7RBOYNMkuKI8-zMQRZfDOgFt-NmSWGfWSkzFenmIKSFJs7aeXz0sfHfOsebgTk2R9Yozb3vYl02gDFNQNKwxbGdDq3yetVr4hifwODQ7ob1J2KAlmvP0k7WqeeWrzG7iDCsjMOsRhrIHINwNVwiEuT2_NpuCZWNl_kXdEPdnjPrLGqEBN6EEApPFQDqd3B71vE74uug&sig=Cg0ArKJSzFh-2JaYmyX5EAE&adurl=

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Sep 2020 04:03:48 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200831/r20110914/client/ Frame C50A 3 KB
2 KB 24ms
15ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200831/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 15:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Sep 2020 15:57:12 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C50A 74 KB
28 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef8ca2f2488b3f68f22299c5a3f95bf7d192afc198af6e5132a8207421171267

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1599061127637494"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28753
x-xss-protection: 0
expires: Thu, 03 Sep 2020 04:03:48 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame C50A 0
0 15ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjH3P5lNIe_d_lMx0E7aLW8QrtMEO4b6OgxhqXczmH_Mui2GIO93HzW1v1TY6vtqpgrM-IK6aIvy5TY57iOAJ2Pyfd5A
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 7121073092168210943
tpc.googlesyndication.com/simgad/ Frame C50A 35 KB
35 KB 25ms
17ms Image
image/gif 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7121073092168210943

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3ab1a607e3f45f557792b94ec0aa5622e22df944c425d676b9c4e21cd9405d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 09:17:27 GMT
x-content-type-options: nosniff
age: 240381
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35904
x-xss-protection: 0
last-modified: Wed, 08 Jul 2020 07:36:15 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 09:17:27 GMT

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame F12D 0
0 17ms
16ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Thu, 03 Sep 2020 01:18:13 GMT
expires: Fri, 03 Sep 2021 01:18:13 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 9935
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f0f0573723f7309c09eb7d2d71512e6be2e8e76e395672c77ef4e70e9322582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1599061127637494"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27490
x-xss-protection: 0
expires: Thu, 03 Sep 2020 04:03:48 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C50A 0
21 B 79ms
79ms Image
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrK9qlF6EUt4FjKbEivz58bcveNS2N1mKnQNTYqTvl8dLJMV-dOgIqt_E_snuCGCYVDf8IZtKRllgKrmyCNcNqaTlLw4qTn5Cey6tyNUk5oxt7eO3NXDnql8jHxPq3bb4u33aylqTsDmvHkp7PWUn-pEiiO0EBHC2ywnnxjNgsrnly0HBkOplyQOTkdKq7thNNHeIdTzJAil0nffa3JwlCmI1zSflhRZ6N6l-s9abYVCet6HfYhc40blZZiZu7EnsUw47Rziyq6uYPZlw_gW2PVnUPdGl6&sig=Cg0ArKJSzH2yIvYwhWqbEAE&adurl=

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Sep 2020 04:03:48 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050

200

activityi;dc_pre=CKOJ67aNzOsCFUSTdwodMbkLZQ;src=8116316;type=rcrtag;cat=rich-0;qty=1;cost=[Revenue];u1=4513525805;u2=2716875487;u3=;u4=138316862710;u5=728x90;u6=j;u7=;dc_lat=;dc_rdid=;tag_for_child...
8116316.fls.doubleclick.net/ Frame E47E
Redirect Chain

https://8116316.fls.doubleclick.net/activityi;src=8116316;type=rcrtag;cat=rich-0;qty=1;cost=[Revenue];u1=4513525805;u2=2716875487;u3=;u4=138316862710;u5=728x90;u6=j;u7=;dc_lat=;dc_rdid=;tag_for_chi...
https://8116316.fls.doubleclick.net/activityi;dc_pre=CKOJ67aNzOsCFUSTdwodMbkLZQ;src=8116316;type=rcrtag;cat=rich-0;qty=1;cost=[Revenue];u1=4513525805;u2=2716875487;u3=;u4=138316862710;u5=728x90;u6=...

0
0

42ms
40ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8116316.fls.doubleclick.net/activityi;dc_pre=CKOJ67aNzOsCFUSTdwodMbkLZQ;src=8116316;type=rcrtag;cat=rich-0;qty=1;cost=[Revenue];u1=4513525805;u2=2716875487;u3=;u4=138316862710;u5=728x90;u6=j;u7=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1141931943

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8116316.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKOJ67aNzOsCFUSTdwodMbkLZQ;src=8116316;type=rcrtag;cat=rich-0;qty=1;cost=[Revenue];u1=4513525805;u2=2716875487;u3=;u4=138316862710;u5=728x90;u6=j;u7=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1141931943
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkZPC1hhXNEhbUZsfLz849dQ34SuRqrH3PYW4kdjqSmzqFY5uwlmQso0gLS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 03 Sep 2020 04:03:48 GMT
expires: Thu, 03 Sep 2020 04:03:48 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 384
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 03 Sep 2020 04:03:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8116316.fls.doubleclick.net/activityi;dc_pre=CKOJ67aNzOsCFUSTdwodMbkLZQ;src=8116316;type=rcrtag;cat=rich-0;qty=1;cost=[Revenue];u1=4513525805;u2=2716875487;u3=;u4=138316862710;u5=728x90;u6=j;u7=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1141931943
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C50A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9c95f8c4bef6534d7e497afa2f0066e2f4529a5cf441d22c1a9076727ae848b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 8F2B 0
0 7ms
6ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Thu, 03 Sep 2020 01:18:13 GMT
expires: Fri, 03 Sep 2021 01:18:13 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 9935
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame B73E 0
0 6ms
5ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Thu, 03 Sep 2020 01:18:13 GMT
expires: Fri, 03 Sep 2021 01:18:13 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 9935
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
270 B 541ms
137ms XHR
text/plain 64.74.236.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=bffc40ae16493547f908262c89393d4a_34887_1599105828267&tm=1246&eT=0&widgetWidth=1128&widgetHeight=288&widgetX=236&widgetY=5632&wRV=200073&pVis=1&lsd=640f4443-6bdf-4362-a4dc-968655e0dc51&eIdx=&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 03 Sep 2020 04:03:49 GMT
content-encoding: gzip
Connection: close
X-TraceId: ea5c7cca18f10aa0a6c84ef247cc7887
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
270 B 1562ms
134ms XHR
text/plain 64.74.236.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=2bf08dd6e5094d5660114674803c54ac_34887_1599105828420&tm=1262&eT=0&widgetWidth=1128&widgetHeight=332&widgetX=236&widgetY=5920&wRV=200073&pVis=1&lsd=640f4443-6bdf-4362-a4dc-968655e0dc51&eIdx=&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 03 Sep 2020 04:03:50 GMT
content-encoding: gzip
Connection: close
X-TraceId: 92b9e8ad6158edf55d4d85ef4adc8b10
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6ImMzNzk5OTY5ZWZkMzJmMGEzZjIyMDliZTY2NjE2NGRlYWI5NDQwMmZhMDA5ZDUxYmQwY2FlOTljNWUzNGRlMDAiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 89 KB
89 KB 56ms
48ms Image
image/webp 104.111.218.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6ImMzNzk5OTY5ZWZkMzJmMGEzZjIyMDliZTY2NjE2NGRlYWI5NDQwMmZhMDA5ZDUxYmQwY2FlOTljNWUzNGRlMDAiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.218.83 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-83.deploy.static.akamaitechnologies.com

Software

Resource Hash

09a76468fece9301ba35ec8cdb31bbb0716afebe76f2c936228b947f6a7fcff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
last-modified: Tue, 30 Jun 2020 06:50:30 GMT
date: Thu, 03 Sep 2020 04:03:48 GMT
content-type: image/webp
status: 200
cache-control: max-age=2407967
x-traceid: 4dddd22dfa1bfe60d100a54b623531f6
timing-allow-origin: *
content-length: 91100

GET
H2 200 eyJpdSI6ImNjNmFmMWZmNjE2MjE4ZWFkN2RhNmFiYTljNTIwZmY0NWUwMWMxYjRkYmMyNjFkNzExZmJhMTA2NTZmMTgzMmUiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 83 KB
83 KB 103ms
95ms Image
image/webp 104.111.218.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNjNmFmMWZmNjE2MjE4ZWFkN2RhNmFiYTljNTIwZmY0NWUwMWMxYjRkYmMyNjFkNzExZmJhMTA2NTZmMTgzMmUiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.218.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-218-83.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 919acea7356cf2b096f7c3eb5e24b4f6ce37a9f286fcc78fc59e9bf9bd3f8917

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
content-encoding: gzip
last-modified: Thu, 11 Jun 2020 17:03:06 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=637462
x-traceid: 6aa790ad5149e20ca28d7107d81708fc
timing-allow-origin: *
content-length: 84625

GET
H2 200 eyJpdSI6ImQ5NzFhYTQwYTZkNDQxOWUwYWQyNzEyMmJhZmI5YjRjNGU5Y2ZmYWQ1MTJjYjlmNmE1NGE4ZmIwYjExZmIzMzkiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 20 KB
20 KB 101ms
93ms Image
image/webp 104.111.218.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImQ5NzFhYTQwYTZkNDQxOWUwYWQyNzEyMmJhZmI5YjRjNGU5Y2ZmYWQ1MTJjYjlmNmE1NGE4ZmIwYjExZmIzMzkiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.218.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-218-83.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d1036ed345a97828e3040f0fc6b22fe5a89627e97be69b09109a18d34c2ad351

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
content-encoding: gzip
last-modified: Thu, 11 Jun 2020 13:49:18 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=441281
x-traceid: 5f8284857459dd49771b785cfec00e5d
timing-allow-origin: *
content-length: 20155

GET
H2 200 eyJpdSI6ImMwOTNjMGZlNmE4MjkwZTZhOWRhZGIzY2IyNmFhMDExNTJlMzQ3MjQ4MWU1NGFjNWUzMmE4NGNjMTQ4NzkwOGYiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 93 KB
94 KB 97ms
89ms Image
image/webp 104.111.218.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImMwOTNjMGZlNmE4MjkwZTZhOWRhZGIzY2IyNmFhMDExNTJlMzQ3MjQ4MWU1NGFjNWUzMmE4NGNjMTQ4NzkwOGYiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.218.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-218-83.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fa898cffbd7615ad66b68b7d543872c9a06197c141f458b6b1f86cfc8ce43a53

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
last-modified: Fri, 14 Aug 2020 03:18:49 GMT
content-type: image/webp
status: 200
cache-control: max-age=2159937
x-traceid: 9ca4fad047d1f2f07872c5af51018977
timing-allow-origin: *
content-length: 95424

GET
H2 200 eyJpdSI6ImExZmYyZjk3OGY0NTVkMjk3YzU3MjY2MDA3YjBiYzMzN2U1ZTBlM2NhN2E2YTYyZTNiZmYzNTYwODJjODdiMzMiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 28 KB
28 KB 59ms
51ms Image
image/webp 104.111.218.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6ImExZmYyZjk3OGY0NTVkMjk3YzU3MjY2MDA3YjBiYzMzN2U1ZTBlM2NhN2E2YTYyZTNiZmYzNTYwODJjODdiMzMiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.218.83 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-83.deploy.static.akamaitechnologies.com

Software

Resource Hash

a0d72ca8c86d40181d88501f4b5b9a9753994ef6cb8906d7e9d84252a275a2bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Mon, 29 Jun 2020 12:00:13 GMT
date: Thu, 03 Sep 2020 04:03:48 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=1980483
x-traceid: ca2671d8c0690df50786a4e6ed861887
timing-allow-origin: *
content-length: 28259

GET
H2 200 eyJpdSI6IjU0OTc1ZDlmMjAwMTU0NDg1MjU0Y2VmNjhjNTc2NDNkNzY5OWMzYzdiMjFhZWZmYWZlMDBmZjcxYTI2Yzg3ODciLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 48 KB
49 KB 59ms
52ms Image
image/webp 104.111.218.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU0OTc1ZDlmMjAwMTU0NDg1MjU0Y2VmNjhjNTc2NDNkNzY5OWMzYzdiMjFhZWZmYWZlMDBmZjcxYTI2Yzg3ODciLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.218.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-218-83.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f2fb4168a674a9a87475d0f768d8665e4baa540e1fdc5ddef781e6042fa85368

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
last-modified: Thu, 13 Aug 2020 06:08:51 GMT
content-type: image/webp
status: 200
cache-control: max-age=943100
x-traceid: d8b0b621fb8ee3f1b1d949a592636e25
timing-allow-origin: *
content-length: 49412

GET
H2 200 eyJpdSI6Ijc5MTgxZjU0MTBhMDk2NGU2YmJhNjhiMzQ1N2UwYWNmY2Q4YWNhMTNlZWJiMmMxMDZjYTdmNjQ3ZGNlMjYxZDYiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 35 KB
35 KB 301ms
294ms Image
image/webp 104.111.218.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijc5MTgxZjU0MTBhMDk2NGU2YmJhNjhiMzQ1N2UwYWNmY2Q4YWNhMTNlZWJiMmMxMDZjYTdmNjQ3ZGNlMjYxZDYiLCJ3Ijo0MDAsImgiOjI2NywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.218.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-218-83.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ab3e21839df5cbfd7a36e2f9e5a259a9f460e867e89414c60de7153545170602

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:48 GMT
last-modified: Thu, 13 Aug 2020 09:06:06 GMT
content-type: image/webp
status: 200
cache-control: max-age=2462383
x-traceid: eb8fb3c989e805804f9a8274322151e7
timing-allow-origin: *
content-length: 35872

POST
H/1.1 200
OK tp2 Show response
i.ffx.io/com.snowplowanalytics.snowplow/ 2 B
438 B 343ms
343ms XHR
text/plain 3.104.80.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d2uhnetoehh304.cloudfront.net
URL: https://d2uhnetoehh304.cloudfront.net/2.11.0-patched/sp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.104.80.72 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-104-80-72.ap-southeast-2.compute.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Thu, 03 Sep 2020 04:03:49 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://www.smh.com.au
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 2

OPTIONS
H/1.1 200
OK tp2
i.ffx.io/com.snowplowanalytics.snowplow/ Frame 0
0 313ms
313ms Other 3.104.80.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Server: 3.104.80.72 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-104-80-72.ap-southeast-2.compute.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.smh.com.au
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.smh.com.au
Date: Thu, 03 Sep 2020 04:03:48 GMT
Server: akka-http/10.0.9
Content-Length: 0
Connection: keep-alive

GET
H2

200

/
adc.nine.com.au/ Frame 3CDE
Redirect Chain

https://ib.adnxs.com/getuid?https://adc.nine.com.au?appNexusUid=$UID
https://adc.nine.com.au/?appNexusUid=7373366318006279658

0
0

340ms
339ms

Document
application/json

13.55.146.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adc.nine.com.au/?appNexusUid=7373366318006279658

Requested by

Host: adc-js.nine.com.au
URL: https://adc-js.nine.com.au/adc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.55.146.187 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

awselb/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: adc.nine.com.au
:scheme: https
:path: /?appNexusUid=7373366318006279658
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NUID=82e4396a1fc04e56abeaea8a91d91994
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Response headers

status: 200
server: awselb/2.0
date: Thu, 03 Sep 2020 04:03:49 GMT
content-type: application/json; charset=utf-8
content-length: 43
api-supported-versions: 1.0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
set-cookie: NUID=82e4396a1fc04e56abeaea8a91d91994; expires=Fri, 03 Sep 2021 04:03:49 GMT; domain=.nine.com.au; path=/; secure; samesite=none
strict-transport-security: max-age=2592000

Redirect headers

Server: nginx/1.17.9
Date: Thu, 03 Sep 2020 04:03:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://adc.nine.com.au?appNexusUid=7373366318006279658
AN-X-Request-Uuid: 7829c546-2684-4343-b12e-514a54c9bea3
Set-Cookie: uuid2=7373366318006279658; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 02-Dec-2020 04:03:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.112:80

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
336 B 56ms
56ms Image
image/gif 18.202.95.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-302812&ch=au-302812_c307_smh.com.au-world_S&asn=smh.com.au-world&sessionId=zRQDvv0QPOZOVtp1Ko7NJ8CjaARRf1599105827&prv=1&c6=vc,c307&ca=NA&c13=asid,P455839AC-95DF-4ED7-8966-E66F3202718E&c32=segA,NA&c33=segB,Sydney%20Morning%20Herald%20-%20News&c34=segC,NA&c15=apn,smh&sup=0&segment2=&segment1=&forward=1&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,G5j4h60C88WEChbc5gPO5NF3nMOTp1599105827&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,15991058276171441&c30=bldv,6.0.0.537&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=p55rwy&c3=st,c&c64=starttm,1599105829&adid=p55rwy&c58=isLive,false&c59=sesid,&c61=createtm,1599105829&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.smh.com.au%2Fworld%2Fasia%2Fchinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html&c66=mediaurl,&c62=sendTime,1599105829&rnd=771305
Requested by: Host: www.smh.com.au
URL: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.95.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 04:03:50 GMT
server: nginx
status: 200
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 46ms
32ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020083101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4c6ad122c55cef42703286eca83bcbc51d9682d9405578efc8507585756b6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Sep 2020 04:03:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6616
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:03:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Thu, 03 Sep 2020 04:03:50 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 26B0 0
0 6ms
5ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Thu, 03 Sep 2020 01:18:34 GMT
expires: Fri, 03 Sep 2021 01:18:34 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9916
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H/1.1 200
OK tp2
i.ffx.io/com.snowplowanalytics.snowplow/ Frame 0
0 312ms
312ms Other 3.104.80.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Server: 3.104.80.72 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-104-80-72.ap-southeast-2.compute.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.smh.com.au
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.smh.com.au
Date: Thu, 03 Sep 2020 04:03:51 GMT
Server: akka-http/10.0.9
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK tp2 Show response
i.ffx.io/com.snowplowanalytics.snowplow/ 2 B
438 B 329ms
329ms XHR
text/plain 3.104.80.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d2uhnetoehh304.cloudfront.net
URL: https://d2uhnetoehh304.cloudfront.net/2.11.0-patched/sp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.104.80.72 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-104-80-72.ap-southeast-2.compute.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Thu, 03 Sep 2020 04:03:51 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://www.smh.com.au
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 2

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
47 B 15ms
15ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020083101&jk=322205654367992&bg=!q6ilqLBY58qGPO8qfPACAAAAjVIAAAARCgC48Aepc3IoGRZbRLa8F9gJaSaGqyn1RltNRIipKRRlSgv3WyCbcoxHKaiADevaJepcEdCz0pOxXm8mbYDqFSWVdJQI_fKUKuinZlNCGYHF7Ub5HHVnzY00Lw5jsdBEcdR7aFhjzeIIjQZeO2j4-sutD6a98Rbl_HMdGR5kkK1n3L3U9HM8yhKH6lI3QwCm0FVvEBuLW6oc2czeuRpTnL-LcDaHEuJ5f9-sAR-1D8G_oTd8IzzjUjZFrZkBpykwvxw6E96zdnu9qylrVTd63idUJwYihupv_AXoVF9s3YZFO855pgVc8q-1spmsLsJBPEzjPJSMbOxVFLoFhlQ1PU-bhkyMi1R46_uIG3W29EPOSVnA_Da3XA5UA2NSYJy8WDLanjZRmW7PVC2hmdfw-MHHSt9VxdbMXrz_Cl9tuZ-EEa1ydFA4Q5lU8wGeWXGeUjbCit2XdCXhw5jl71Kpe2gMLJMlkQczf5MrLTk_RqO5skrXIFM133JJgVBezrmt98V6IhV9oYUVlyW-JcIp172n6f-DFryN7UHCIaHJ4B-SmtBD3b1OM0pp04JrjPYoYTfcVDQZ4BGlf4FCm__R6ixtjeoX_nMS37DmsKdEe53DnxsfR0uC8wKdR1I81fZ8-ZSR9EGXsYgiCymmXTLDRgZ_DQ-UP5x0qaoVjS0-hiXyrHlKeM-4ijUZEwNk7x7WjgC-OXz83ToE8XRXrgfbAr0nNRIz776XbDAEon2vlLIbjlSFymGhiX8at5kEWM7WzWmx0T04dxKz0E9fsc5SN0esuRbZmIWG7y0PDUS1wMPaOaA4Hg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 04:03:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.outbrain.com/	1970-01-19 12:54:57	Name: pwrlnks Value: ygsDusXqLQFbIYQy2xWHuaoXCycsCUuNNGKjULT6a9M=
.outbrain.com/	1970-01-19 12:54:57	Name: rtbhs Value: m8Wje3aOzw5soqB75Xen
.outbrain.com/	1970-01-19 12:54:57	Name: bdswch Value: 22ca3409-4aad-4dc8-bd62-04f6fcb1ec66
.outbrain.com/	1970-01-19 12:54:57	Name: rbcn Value: KEMABMO9-M-A9HC
.outbrain.com/	1970-01-19 12:54:57	Name: actvagnt Value: 6868107238403537045
.outbrain.com/	1970-01-19 12:54:57	Name: adot Value: 053d20050050825ed6f4b189
.outbrain.com/	1970-01-19 12:54:57	Name: ttd Value: d4413ca5-cda9-432a-bb46-2d6aed779a41
.imrworldwide.com/	1970-01-19 21:33:21	Name: SSCVER Value: v1
.demdex.net/	1970-01-19 16:30:57	Name: dextp Value: 358-1-1599105827403\|771-1-1599105827504\|6835-1-1599105827605\|19566-1-1599105827706\|72352-1-1599105827807\|66757-1-1599105827907\|796-1-1599105828008
.imrworldwide.com/	1970-01-19 21:33:21	Name: IMRID Value: 778b5d30-ed9a-11ea-a97d-d95286785b89
.doubleclick.net/	1970-01-20 05:42:57	Name: IDE Value: AHWqTUkZPC1hhXNEhbUZsfLz849dQ34SuRqrH3PYW4kdjqSmzqFY5uwlmQso0gLS
widgets.outbrain.com/nanoWidget/externals/cookie	1970-01-19 12:11:49	Name: thirdparty Value: yes
.smh.com.au/	1970-01-19 20:57:21	Name: NUID Value: 82e4396a1fc04e56abeaea8a91d91994
.smh.com.au/	1970-01-19 14:21:21	Name: OB-USER-TOKEN Value: 640f4443-6bdf-4362-a4dc-968655e0dc51
.smh.com.au/	1970-01-19 12:11:47	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.smh.com.au/world/asia/chinese-hackers-target-emails-with-who-australian-medical-association-campaigns-20200903-p55rwy.html%22%2C%22sref%22:%22%22%2C%22sts%22:1599105826768%2C%22slts%22:0}
www.smh.com.au/	1970-01-19 12:13:12	Name: ffx:audienceSegment Value: single/loyal
.outbrain.com/	1970-01-19 12:11:45	Name: recs_558dcd8a6135ea55243bf5d5c14c9533 Value: 0B2376065607A2917807572A2050761841A2713511014A2561710516A3015065936A3014997365AC3B2176881122A2991459249A754025593ACD1
.smh.com.au/	1970-01-19 12:13:12	Name: _uetsid Value: 88a7304f86835aedde7b7a1b69ae71b6
.smh.com.au/	1970-01-19 12:54:57	Name: aam_uuid Value: 75620917634465337720407927550618140237
.smh.com.au/	1969-12-31 23:59:59	Name: AMCVS_50AB0C3A53DB1B290A490D4D%40AdobeOrg Value: 1
.nine.com.au/	1970-01-19 20:57:21	Name: NUID Value: 82e4396a1fc04e56abeaea8a91d91994
.outbrain.com/	1970-01-19 12:54:57	Name: zmnta Value: 19Hrx66fykCecMWV6hd1
.outbrain.com/	1970-01-19 14:21:21	Name: obuid Value: 640f4443-6bdf-4362-a4dc-968655e0dc51
.smh.com.au/	1970-01-19 12:11:45	Name: _gat_ffxTracker Value: 1
.smh.com.au/	1970-01-20 05:42:57	Name: _sp_id.916a Value: 41b515ae-d384-45f1-8021-6ca589999d2e.1599105826.1.1599105826.1599105826.bb100612-3a22-4dbc-8bea-2b9a2b561147
.smh.com.au/	1970-01-19 14:21:21	Name: _fbp Value: fb.2.1599105826877.829764976
.google.com/	1970-01-19 16:35:17	Name: NID Value: 204=MPJm2Gv5h3m6wWoBV_L2Lw_OAYnHdgSH8z6_AOTH82ajNAXCJ1Kn21vzew0aiOd1A6GERU90ZgRqVvzDql66LtQdSArYupXHEM-ecsIapoxm3HWguxq9yQmeRlspHt-WP05L3Q0ihoDZTiYCgHu0gTgWRCbU0DnDg5OtlRBXqmQ
.smh.com.au/	1970-01-20 05:42:57	Name: _ga Value: GA1.3.109058600.1599105826
www.smh.com.au/	1969-12-31 23:59:59	Name: _bsMode Value: false
.smh.com.au/	1970-01-19 12:11:45	Name: _gat_blueTracker Value: 1
.demdex.net/	1970-01-19 16:30:57	Name: demdex Value: 75620917634465337720407927550618140237
.smh.com.au/	1970-01-19 16:30:57	Name: optimizelyEndUserId Value: oeu1599105826511r0.7531915027669149
.smh.com.au/	1970-01-19 14:21:21	Name: _gcl_au Value: 1.1.1900750151.1599105826
www.smh.com.au/	1969-12-31 23:59:59	Name: GED_PLAYLIST_ACTIVITY Value: W3sidSI6IlBEemYiLCJ0c2wiOjE1OTkxMDU4MzEsIm52IjowLCJ1cHQiOjE1OTkxMDU4MjYsImx0IjoxNTk5MTA1ODI2fV0.
.smh.com.au/	1970-01-19 12:13:12	Name: _gid Value: GA1.3.1407265983.1599105826
.smh.com.au/	1970-01-19 21:41:09	Name: _parsely_visitor Value: {%22id%22:%22pid=699c1c03223a0905cca9419395902d3d%22%2C%22session_count%22:1%2C%22last_session_ts%22:1599105826768}
.smh.com.au/	1970-01-19 12:11:47	Name: _sp_ses.916a Value: *
.smh.com.au/	1970-01-19 12:35:09	Name: _uetvid Value: d7c593c4ed044b9ad704aa6a192cfded
.smh.com.au/	1970-01-20 05:42:57	Name: __gads Value: ID=074f4afb164bd318:T=1599105827:S=ALNI_MbMEyT--f6ju1ekvmGPn4MhyJpQ2g
.outbrain.com/	1970-01-19 12:54:57	Name: mdfrc Value: 3578f6fb-c74c-4ed0-9485-7cd153afd854
.smh.com.au/	1970-01-20 05:42:57	Name: AMCV_50AB0C3A53DB1B290A490D4D%40AdobeOrg Value: -1303530583%7CMCIDTS%7C18509%7CMCMID%7C75649079563645897110406236707716860494%7CMCAAMLH-1599710626%7C6%7CMCAAMB-1599710626%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1599113026s%7CNONE%7CMCSYNCSOP%7C411-18516%7CvVersion%7C3.3.0
www.smh.com.au/world/asia	1969-12-31 23:59:59	Name: Value: cookie test

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://news.google.com/swg/js/v1/swg.js(Line 33) Message: Subscriptions Runtime: 0.1.22.119
console-api	warning	URL: https://news.google.com/swg/js/v1/swg.js(Line 33) Message: [swg.js:setOnSubscribeResponse]: This method has been deprecated, please switch usages to 'setOnPaymentResponse'
console-api	warning	URL: https://players.brightcove.net/3910869709001/HylmeNWLjl_default/index.min.js(Line 1) Message: VIDEOJS: WARN: The prerollTimeout option is deprecated and will be removed, please use the timeout option. The prerollTimeout will be set to the value of the timeout option.
console-api	warning	URL: https://players.brightcove.net/3910869709001/HylmeNWLjl_default/index.min.js(Line 1) Message: VIDEOJS: WARN: The postrollTimeout option is deprecated and will be removed, please use the timeout option. The postrollTimeout will be set to the value of the timeout option.
console-api	log	URL: https://players.brightcove.net/3910869709001/HylmeNWLjl_default/index.min.js(Line 1) Message: VIDEOJS: Setting up IMA middleware

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .ffxblue.com.au .ffx.io .smh.com.au .theage.com.au .brisbanetimes.com.au .watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10510523.collect.igodigital.com
37ac4d546e950ab7398636e36d4f7ac4.safeframe.googlesyndication.com
6588526.fls.doubleclick.net
8116316.fls.doubleclick.net
a304207300.cdn.optimizely.com
adc-js.nine.com.au
adc.nine.com.au
adservice.google.ch
adservice.google.com
api.smh.com.au
apis.google.com
bat.bing.com
cdn-gl.imrworldwide.com
cdn.parsely.com
cf-images.ap-southeast-2.prod.boltdns.net
cm.everesttech.net
connect.facebook.net
d2uhnetoehh304.cloudfront.net
dpm.demdex.net
edge.api.brightcove.com
fairfaxmedia.gscontxt.net
farm.plista.com
googleads.g.doubleclick.net
i.ffx.io
ib.adnxs.com
images.outbrainimg.com
imasdk.googleapis.com
log.outbrainimg.com
logx.optimizely.com
manifest.prod.boltdns.net
mcdp-chidc2.outbrain.com
media.plista.com
metrics.brightcove.com
mv.outbrain.com
nd.demdex.net
news.google.com
nova.collect.igodigital.com
odb.outbrain.com
pagead2.googlesyndication.com
platform.twitter.com
players.brightcove.net
plow2.streem.com.au
s0.2mdn.net
secure-au.imrworldwide.com
secure-dcr.imrworldwide.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
srv-2020-09-03-04.pixel.parsely.com
static-au.plista.com
static.ffx.io
static.plista.com
stats.g.doubleclick.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
vjs.zencdn.net
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.smh.com.au
104.108.68.187
104.111.216.19
104.111.218.83
13.35.255.237
13.55.146.187
138.201.125.235
143.204.212.151
148.251.77.207
151.101.114.2
158.101.192.251
172.217.16.198
172.217.18.162
18.202.95.48
185.33.220.241
23.111.11.152
2600:9000:214f:6600:2:42d9:3100:93a1
2600:9000:214f:6a00:10:2964:9d00:21
2600:9000:214f:d400:1e:a43d:b640:93a1
2600:9000:2156:9600:7:3896:c640:93a1
2606:2800:234:59:254c:406:2366:268c
2620:1ec:c11::200
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:4001:801::200e
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:80b::2006
2a00:1450:4001:814::2002
2a00:1450:4001:815::200a
2a00:1450:4001:819::2003
2a00:1450:4001:81b::2001
2a00:1450:4001:81c::2001
2a00:1450:4001:81d::200e
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::200e
2a00:1450:4001:820::2002
2a00:1450:4001:821::2001
2a00:1450:400c:c0c::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::729
2a04:4e42:3::539
2a04:4e42:3::645
2a04:4e42:600::645
3.104.80.72
3.221.240.86
3.24.219.150
34.232.20.147
34.254.111.26
35.244.232.184
52.20.153.254
52.207.52.76
52.208.212.211
64.74.236.95
66.117.28.86
70.42.32.159
95.100.105.90
000a147828b1ecf32d8f898183a38ea4c62bb6805b5e950e44d9dd2db374403c
03fe3d47dfc75ec3a02552ec71c4adac62181a2fc03b397a5aee3db416a4d163
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04b0cf30f35fb111ba58b36ea67493fa14be275bc98ff3853f233a650f961aa4
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
07e8b3f05d28066ebb5e1933d097f10c5cc5ac3f57e166a55b81d7e69c4dba10
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
092f3201317b7ef608f6a899d395d36cffcca4d6824f00bc50120e84341c76f2
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
09a76468fece9301ba35ec8cdb31bbb0716afebe76f2c936228b947f6a7fcff2
0a7a6ec1926c9a95f4da36faf6691d6faa15bb03b6b0f52e9d38b62bf803b551
0b49c6515863dca2bc09407c2febdb4ee5d6e3207aed42c653dec4cdd7674ae9
0fb015e4ce33108cbcc5315b07bd5575b42693cc761dfd209f1e14ba73764e29
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
186688b2dc53205d17bfae50aa29edd6028b75aee169bab8265904c1d3618c2a
197d5577c5c73eb85ab11ef2bb2bb971844b502ada2e4fc85c585668f4f08cd7
1c7911061a56c9d18f1e4279f60a4a48e7049dab3c8a61b643106bf250a9272f
1eefe6bf485d895a1c8ae3da106274c4009d17734834f33e2090cfb99eb4fd81
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
211eb9786d8a5d3b6a1fcda2b03d01343c519f1edd8df736940588169ec8f1ae
2453603ecc5432fab703190c8f1fe9ed9d90194c27c3017402f997c7cdc80611
256c987586447a6c0d3f0d2bcdb1743b7f2df405676ebf8df4cee6b9ae75722d
2596870584bca022c9988c2219f90229b8621de34f1512cfa7ed700ae993f408
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29d8b303881b8d43efaf55fe6f12ce62c94862aabb075a8bef18afe31d16cd2f
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d25f06ba5a1e228262948c457155e24a1d91bfb5dad460bd1dcfe2106011f20
2fd29eb1173ad614561c0e33a3834bd39577d19794da52aa421f3e2ac10ad3ad
3735339834d5454c5e7b9566cd212eba9351442b5dd5a5fdd5e7b1ef516e659f
38997f0b9bb8b0d35eb0c1f9e1b05249f6f1e9972419d4f41ff389e3a35eb924
3943ddf0ac23a41b8dda3b95ca96be09f2dbb5b694bba403adfbfc8b002c7616
3a58e10dd5cc4339f96afd0732248e33f25f5c56000321134a24dd695b5f4536
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
401ad5511a2dddc48bf8e9b713e2074b22edcb085ae530892536510e4b4f2825
40da371ab0f66ae687c32e8b2e3fa0830bd7d45bf488d2c4e91e88c708ac8c85
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
450c0af8ebb88355e907a1b5d137af249d3e522d47106572722823e3cadd894d
46276c2f730d599d6c8478ccc80bfe23c2c263ee0d6fdb3dc45a29f2c07520bd
47fd0b02468664d6b39a7d1c68b4829fd7a3c14ca4d28c2e4dc5d67d8fb62dcd
483689ecccd791731dcf700dedb2900e201cff0abd56ca28d3e68c11159551b0
48fcb83f88c6b3b27c820d40a7cf2fce909c7483e61fbd8b1924996f0f6e4d0d
4a63ccc41b6e27c88fca243efd1030d401bc83bd3ae22aaff2b0d1354ba25703
4ab70be4460230eb96101cb73c24bf515f8970010e1aa60f8534b961145beda6
4aff92a68cf24362fb2da7631c8bc47e99699ff271c91a74e4479568ab831d33
4c095c754b69ab8025bd1c844820e0beb2156ccdbf6e911eed53ccd623fa69d9
4d4d248ee4fe4992c80ee3c1f17b1b1866bd561e22d382be2332d31aa29afd7f
4e4cc30e47a20e13d4a261e0cf5b93a2f6dfc09efa0769c17b959e00648b191a
4faeb536f1c5f9b13ecea5bc4434f678cffb1d1f4cc707b67c435ba43fa12e59
4fc475c72236d86cc5d8516a4afa0102f0b7379203fbde407d20f00e9c9a5dc6
516de355421a1f0e0d37a86f09f89e9edec8c0253ccc573de9c76a7c554d1502
5179b05f74c33f1510e6ebc2e00b13da0b2995f28789edb2b87a4556961f93e3
5515d1247e3cf994e9a87406c1567af03c3b615635da40595f7006864f69c817
555c4efa0453400bc9611ce7f1185fd34a452e5dda94fe47a207afe6b17be293
555ec6fbd4fbb1181082c8034acd8983cb821a3779b54d770be2963c2b5a987f
594caaa6dca194cb22f38d08fd456afd6d57089d43b5705e8d8bbd3065e5a702
598951fb3b317fb2072080eefef33dfdaa4b69e88c1d1c16a36c44ac595d47fe
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a867d0c8d5d8dfbdafc4b9d1dc17d3b9048e7c66c8abaaeab54685532ee8c09
5b03716e43264c47d278d5b8d90b02560166c25746d4b53da5a91605f8ea9ff5
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
612a7fe1467b42ac68f5c91131f58c106ee4d322625da1324e7e61c43426a2a3
628ae987c5c4063a0211af2a615fff6655270e081ce872a997100602679dc4df
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
634123ee29b1f3ea68a9dd4b8f7e38808766984516bb97202ef7186784ba995e
645e9889f1da02924820f19e897848f07b61fcec739fac03d7d828341e2c95b1
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bca6cbde970e0e3b1220f896fc5f25a9fb04036ed43a8c26090009ec85f9d4b
723c2c4708075116cb94201f366fd66584fdd47ee569d962cdb81616f5a70f36
7630b3dd2b6e83a3d5295706cccdddf75013f8a9970435a999f2f0dbb5a579f7
76b166d33dbe05fad3abfcf189eb46c7b46bb591481aa382e6fd88be03c2363a
76e6f909ab5b39358828ced9b1563022feb39fc1fc6894dc8dbc6ca9bc77cee0
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
78ad51bcb3aa3318e85b3bed60beb799d2da366f593b00b261ff98b3fbeb21f8
7e30872ede903726d0362f16dc08be25b080433cf5fba236b219893b8490b341
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
80c2173fca254071ebd7c636f018c2a59d4844ee3451f3e83a8e2efb588026fc
812c6896752aaa14e875136dee2048394c39632f511b712c843d2f9dabf7af3d
8410912083e902f7da21faaa83e224ed1c2c10062abf4046f24770ca8e5d7607
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655
886c2aa982e2c733a596bc4e0193db564f4c93087403ed841cdace498063d0e9
8c2779fc33105029882ae851aa9ab50ca118f88c9e0f65abf3410eb832263e49
8d048ac7fe0a8049c22b36a7eb5ac9026df16f1a2a5024290b4e3982be1c7609
8d117b976156353a0e79ffdaeed8f27d935c87530e2dfa573c62f5531f7587f6
8e797d483038c2cdc6bf82f34a2a56375d6b326edd7cc6c55b94fc9b69c8b2ed
8fa9095bad08410bd71b72e1a9b7956f58b9234dee7befeb42bdd8d54a117454
919acea7356cf2b096f7c3eb5e24b4f6ce37a9f286fcc78fc59e9bf9bd3f8917
91db941ecd27c7c63fdc676d059046d775f2d2f557908fe170fc9c1c174dd667
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789
96e63d753085af20ed4a940ab68790cbda129fa0422631ad4d88d54809d6c124
97e2269fd9abcd397be339766b5b6901668eda0e72adb2cb4a0b8277f3e052cf
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b4b0d4eef1ba20c265876d97f800d329b258f16a01933ec16c9ce4198516154
9bb8a79b273df670a0a509a6b7100aad4c9de865d0d129cd84b583f6fa1d03ee
9ccfd8f54c8527ed821fc940db195ee18dd0f7119f12417216c563e4d431e0d4
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
9d3d5d61a2e60046cf730f97d11a64d6aa9323ee6e2e2e899973bbe2a3ddc6a5
9f0f0573723f7309c09eb7d2d71512e6be2e8e76e395672c77ef4e70e9322582
a0d72ca8c86d40181d88501f4b5b9a9753994ef6cb8906d7e9d84252a275a2bb
a0e67da2dcb273ee4036fe60f2576e0c293e3f509df4f95c512f1f77260ff276
a4c6ad122c55cef42703286eca83bcbc51d9682d9405578efc8507585756b6f9
a70879772cfc54d88d1663a13aaa70d9a93733f1dfe6cf827e901b6b70f789b4
a761b426004caba495cdac2c93ce7dd306c47bc4d7bdc63c4840c3d8182396a9
a82052976b9778a91e14b3b5f3579261b4bd2f69921fd4296d876824065ecc20
a96c14280986223d263dd5193b3e58f0fed647b24b60294a5b65bc3a1aefa8ac
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d
ab3e21839df5cbfd7a36e2f9e5a259a9f460e867e89414c60de7153545170602
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af4420e27b547949e323639a9adf9a644714745c7a6e2dfc48fdd104b75ce0b5
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6bc30e465f3b6f6de82d2415c53b094c834640703589321146269d5170463d5
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b79ae482437844c3aef37434a80abc00b97753ea9cb8549b12874b7bcf968e25
b7b1e7f550a665ab6261d89a5779c1dd5ae0d3d98f58ea7d2465402df829fa74
b927c9ac86e212dfa78341f31e55ba931a84a983ed996ed6884c5a53f29e96c8
bb4c805c1d528a0f4d53b2869d01e56e541647ac3fee9826d934e6700e75e676
c3ac554741dfb7a3d5c75a01cc0f2c9a84abc87816697afb911d819abc39b289
c6cdb5def9e45b073ad12a883c4efa5c7b57cb8ebe31b6b8bf0eec2fbe5696b4
c7fef2c581107cf390cb8599a26696e51bd7c4ab4ab44e2ad0be2222ee4fb128
cb569941f4f8b117402a398f9ca0c7527042b28319dfdadffda43c4a0ad3d5c9
cec2f2b92af5b6ef33669a5db9041e9d7333c66aa1c6aa27c632e9b87277fc27
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1036ed345a97828e3040f0fc6b22fe5a89627e97be69b09109a18d34c2ad351
d36c30bbe7beb1ae7519d037630386514a1464b237891b3428d6b63c2a932aa7
d8cbb84320501e7ba07f1793b7ce865f022a7afc1d4e1c3abd2c9879f12dbf1e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df1d737a77ab72d6c36f7796902091f213775556d075753022297101bd643bf7
df43c89d3005f2633212a6f6e9dafc1683ac402024ad05ab91b1ac50500d76e9
dff229c9f000e971cb270105fb72022c3657ede11c47aba82433d8c1b53ebc42
e06775da56ca92d7943167883c849bf3e18425f19a316c54531554254a3ef753
e0e4161e6360aa1ccac20398c08123e2855c3c08f0508ef50e0f8a869125a0b2
e1210d9a27fa0c5ea2f9d3e2c7950ae8bd3695c65ad11b4b13d0883629392c42
e1831d24308d127206b89832b609fe96945c8112dcc90515f91818e3b4bc86ab
e1f594e1147f437b18a5feb0c8821e7e94aea25b68af7e6fab5da51b44dab310
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aa0b2658ab77a3f236c3597b70c57b24e6220da0004efdf7d9b97512e1c925
eb740c2d57fba9a94a1826395b0b741eaf8e176ad2bced6331d0e67094b12818
ecb98c8ffeba70192e814feff8243d937ba2b30ef4095adbffcdd9831602e716
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8ca2f2488b3f68f22299c5a3f95bf7d192afc198af6e5132a8207421171267
f2fb4168a674a9a87475d0f768d8665e4baa540e1fdc5ddef781e6042fa85368
f3ab1a607e3f45f557792b94ec0aa5622e22df944c425d676b9c4e21cd9405d8
f5d8ef4d01c05ab65fa428ef13b6e0ad8992272baeba1f15bffbc2bbf8647d9a
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f8dae99ec003a9271ab2371e08ebdfcd0e46a3065b4a6b4028cd9ad5c124f8ac
f9c95f8c4bef6534d7e497afa2f0066e2f4529a5cf441d22c1a9076727ae848b
fa0e11f292afc057de3a9c92fc30b0c711ef68a6202a6bb869c640f24de7ec9b
fa898cffbd7615ad66b68b7d543872c9a06197c141f458b6b1f86cfc8ce43a53
fb6b77c5eb4afad727a4ad970ae220adc0fa019faed32d063fbe7ce84ca0f30e
fc0f297e98a89b8799e9c4be1e11d05792a94a7762ec18950209a29c40ef2fcf
ff1337546d22ce8cab54ef1cdabfd561a238a0bdd7e9c478e35ee282b5984d97

www.smh.com.au Open in urlscan Pro 2a04:4e42:3::645 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

215 Requests

96 %HTTPS

52 %IPv6

35 Domains

65 Subdomains

57 IPs

7 Countries

4548 kBTransfer

10959 kBSize

42 Cookies

57 Outgoing links

Redirected requests

215 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.smh.com.au Open in urlscan Pro
2a04:4e42:3::645 Public Scan

Screenshot
Live screenshot

Full Image

215
Requests

96 %
HTTPS

52 %
IPv6

35
Domains

65
Subdomains

57
IPs

7
Countries

4548 kB
Transfer

10959 kB
Size

42
Cookies

215 HTTP transactions
10 data transactions