www.themandarin.com.au Open in urlscan Pro
192.0.66.82 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Submission: On October 31 via manual (October 31st 2022, 6:50:16 am UTC) from JP — Scanned from AU

Summary HTTP 247 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 54 IPs in 5 countries across 50 domains to perform 247 HTTP transactions. The main IP is 192.0.66.82, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.themandarin.com.au.
TLS certificate: Issued by R3 on September 18th 2022. Valid for: 3 months.

This is the only time www.themandarin.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	192.0.66.82 192.0.66.82	2635 (AUTOMATTIC) (AUTOMATTIC)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.10.95 142.251.10.95	15169 (GOOGLE) (GOOGLE)
1	151.101.192.114 151.101.192.114	54113 (FASTLY) (FASTLY)
18	142.250.4.154 142.250.4.154	15169 (GOOGLE) (GOOGLE)
3	142.251.10.97 142.251.10.97	15169 (GOOGLE) (GOOGLE)
3	172.64.132.15 172.64.132.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.195.153.54 23.195.153.54	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.224.250.81 13.224.250.81	16509 (AMAZON-02) (AMAZON-02)
1	13.227.255.71 13.227.255.71	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
9	74.125.24.95 74.125.24.95	15169 (GOOGLE) (GOOGLE)
1	104.26.10.19 104.26.10.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	142.251.10.94 142.251.10.94	15169 (GOOGLE) (GOOGLE)
31	104.18.35.151 104.18.35.151	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	74.125.24.190 74.125.24.190	15169 (GOOGLE) (GOOGLE)
1	146.75.112.157 146.75.112.157	54113 (FASTLY) (FASTLY)
2	42.99.140.192 42.99.140.192	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
1	52.86.241.86 52.86.241.86	14618 (AMAZON-AES) (AMAZON-AES)
1	63.34.81.234 63.34.81.234	16509 (AMAZON-02) (AMAZON-02)
3	74.125.24.101 74.125.24.101	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2	13.35.8.67 13.35.8.67	16509 (AMAZON-02) (AMAZON-02)
4 5	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	104.18.102.194 104.18.102.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
1	74.125.24.157 74.125.24.157	15169 (GOOGLE) (GOOGLE)
2	142.251.10.154 142.251.10.154	15169 (GOOGLE) (GOOGLE)
2 2	184.31.5.52 184.31.5.52	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.9.185.218 23.9.185.218	16625 (AKAMAI-AS) (AKAMAI-AS)
3 6	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4 4	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
2 5	142.251.12.157 142.251.12.157	15169 (GOOGLE) (GOOGLE)
1 1	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 6	74.125.24.155 74.125.24.155	15169 (GOOGLE) (GOOGLE)
1 8	142.251.12.103 142.251.12.103	15169 (GOOGLE) (GOOGLE)
5	142.251.12.94 142.251.12.94	15169 (GOOGLE) (GOOGLE)
2	23.36.253.98 23.36.253.98	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.251.12.149 142.251.12.149	15169 (GOOGLE) (GOOGLE)
1	142.250.4.132 142.250.4.132	15169 (GOOGLE) (GOOGLE)
1	142.251.10.119 142.251.10.119	15169 (GOOGLE) (GOOGLE)
1 5	23.53.160.138 23.53.160.138	16625 (AKAMAI-AS) (AKAMAI-AS)
2	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
1	74.125.24.154 74.125.24.154	15169 (GOOGLE) (GOOGLE)
1	74.125.68.154 74.125.68.154	15169 (GOOGLE) (GOOGLE)
7	74.125.24.132 74.125.24.132	15169 (GOOGLE) (GOOGLE)
3 3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	182.161.73.146 182.161.73.146	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2 2	52.221.40.105 52.221.40.105	16509 (AMAZON-02) (AMAZON-02)
2 2	54.150.10.110 54.150.10.110	16509 (AMAZON-02) (AMAZON-02)
1	89.187.162.134 89.187.162.134	60068 (CDN77 ^_^) (CDN77 ^_^)
1	23.73.13.201 23.73.13.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.197.202.80 52.197.202.80	16509 (AMAZON-02) (AMAZON-02)
1	35.160.185.12 35.160.185.12	16509 (AMAZON-02) (AMAZON-02)
6 11	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
10	142.251.10.132 142.251.10.132	15169 (GOOGLE) (GOOGLE)
2 2	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
17	142.251.10.148 142.251.10.148	15169 (GOOGLE) (GOOGLE)
2 4	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
2	34.237.219.119 34.237.219.119	() ()
247	54

34 192.0.66.82 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

www.themandarin.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.10.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.132.15 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.195.153.54 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-153-54.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.250.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-81.sin52.r.cloudfront.net

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.255.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-255-71.sin52.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.10.19 (United States)

ASN13335 (CLOUDFLARENET, US)

loader.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 104.18.35.151 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 74.125.24.190 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f190.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.112.157 (United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 42.99.140.192 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-192.pacnet.net

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.241.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-241-86.compute-1.amazonaws.com

api.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.24.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f101.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.8.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-67.sin5.r.cloudfront.net

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.107.42.14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.102.194 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.31.5.52 (Singapore, Singapore) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-5-52.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.9.185.218 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-185-218.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.60.146 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.213.12.39 (Tokyo, Japan) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.12.157 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 74.125.24.155 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.12.103 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.253.98 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-253-98.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.149 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f149.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.119 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f119.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.53.160.138 (Singapore, Singapore) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-160-138.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.68.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f154.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net

3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.146 (Singapore) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.221.40.105 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-40-105.ap-southeast-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.150.10.110 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-10-110.ap-northeast-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.162.134 (Singapore, Singapore)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-162-134.cdn77.com

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.73.13.201 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-13-201.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.197.202.80 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-202-80.ap-northeast-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.160.185.12 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-185-12.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 69.173.158.64 (Singapore, Singapore) 6 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.43.72.97 (United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.251.10.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f148.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.182.161 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.237.219.119 (None, )

ASN- ()

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	themandarin.com.au www.themandarin.com.au	795 KB
31	dianomi.com www.dianomi.com — Cisco Umbrella Rank: 5795 data.dianomi.com — Cisco Umbrella Rank: 8726	49 KB
24	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 182 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 cm.g.doubleclick.net — Cisco Umbrella Rank: 213 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 static.doubleclick.net — Cisco Umbrella Rank: 317	192 KB
19	rubiconproject.com 10 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 915 eus.rubiconproject.com — Cisco Umbrella Rank: 573 token.rubiconproject.com — Cisco Umbrella Rank: 657 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 807 pixel.rubiconproject.com — Cisco Umbrella Rank: 338	29 KB
18	googlesyndication.com 3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 135 pagead2.googlesyndication.com — Cisco Umbrella Rank: 100	123 KB
17	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 257	109 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	224 KB
15	youtube.com www.youtube.com — Cisco Umbrella Rank: 93	922 KB
10	teads.tv 1 redirects a.teads.tv — Cisco Umbrella Rank: 1402 t.teads.tv — Cisco Umbrella Rank: 2633 sync.teads.tv — Cisco Umbrella Rank: 1238	134 KB
10	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293 fonts.googleapis.com — Cisco Umbrella Rank: 36 jnn-pa.googleapis.com — Cisco Umbrella Rank: 258	64 KB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 71	16 KB
6	rlcdn.com 3 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 336	792 B
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 383	109 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 373 www.linkedin.com — Cisco Umbrella Rank: 584	4 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 289	3 KB
4	google.com.au www.google.com.au — Cisco Umbrella Rank: 24545 adservice.google.com.au — Cisco Umbrella Rank: 78732	2 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 291	3 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1412 load77.exelator.com — Cisco Umbrella Rank: 2922	2 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 353	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
3	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2771 api.parsely.com — Cisco Umbrella Rank: 9824 p1.parsely.com — Cisco Umbrella Rank: 2137	22 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 842	170 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	150 KB
2	pardot.com pi.pardot.com	3 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	94 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	239 B
2	pippio.com 2 redirects pippio.com — Cisco Umbrella Rank: 734	613 B
2	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 414	403 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 145	112 KB
2	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 478	466 B
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 3234	376 B
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 685	5 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2647 pixel.wp.com — Cisco Umbrella Rank: 2429	3 KB
2	pushengage.com clientcdn.pushengage.com — Cisco Umbrella Rank: 18241	31 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 555	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 467	500 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 514	507 B
1	criteo.com 1 redirects dis.criteo.com — Cisco Umbrella Rank: 702	532 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 109	19 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 224	3 KB
1	linksynergy.com 1 redirects tags.rd.linksynergy.com — Cisco Umbrella Rank: 4259	391 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131	15 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 538	396 B
1	t.co t.co — Cisco Umbrella Rank: 475	378 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 601	15 KB
1	wisepops.com loader.wisepops.com — Cisco Umbrella Rank: 12157
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 3872	42 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 699	20 KB
0	effectivemeasure.net Failed au-ssl.effectivemeasure.net Failed
247	50

	Domain	Requested by
34	www.themandarin.com.au	www.themandarin.com.au
23	www.dianomi.com	www.themandarin.com.au www.dianomi.com
17	s0.2mdn.net	3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com s0.2mdn.net
15	www.youtube.com	www.themandarin.com.au www.youtube.com www.googletagmanager.com
14	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
12	securepubads.g.doubleclick.net	www.themandarin.com.au securepubads.g.doubleclick.net 3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com www.googletagservices.com
10	tpc.googlesyndication.com	3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com www.themandarin.com.au securepubads.g.doubleclick.net tpc.googlesyndication.com
8	www.google.com	1 redirects www.themandarin.com.au www.youtube.com securepubads.g.doubleclick.net tpc.googlesyndication.com
8	data.dianomi.com	www.dianomi.com data.dianomi.com eus.rubiconproject.com
6	pagead2.googlesyndication.com	www.themandarin.com.au securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
6	token.rubiconproject.com	4 redirects eus.rubiconproject.com
6	idsync.rlcdn.com	3 redirects www.dianomi.com sync.teads.tv
5	pixel.rubiconproject.com	2 redirects eus.rubiconproject.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	sync.teads.tv	1 redirects a.teads.tv sync.teads.tv
5	cm.g.doubleclick.net	2 redirects sync.teads.tv eus.rubiconproject.com
5	fonts.googleapis.com	www.themandarin.com.au www.dianomi.com s0.2mdn.net
4	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
4	jnn-pa.googleapis.com	www.youtube.com
4	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.youtube.com www.themandarin.com.au
4	x.bidswitch.net	4 redirects
4	eus.rubiconproject.com	data.dianomi.com eus.rubiconproject.com
4	px.ads.linkedin.com	3 redirects eus.rubiconproject.com
3	match.adsrvr.org	3 redirects
3	www.google.com.au	www.themandarin.com.au
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.themandarin.com.au
3	a.teads.tv	www.themandarin.com.au a.teads.tv
3	use.fontawesome.com	www.themandarin.com.au use.fontawesome.com
3	www.googletagmanager.com	www.themandarin.com.au www.googletagmanager.com
2	pi.pardot.com	www.themandarin.com.au pi.pardot.com
2	pixel-us-east.rubiconproject.com	2 redirects
2	www.googletagservices.com	3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2	loadm.exelator.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.facebook.com	www.themandarin.com.au
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	t.teads.tv	www.themandarin.com.au
2	pippio.com	2 redirects
2	us-u.openx.net	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com
2	connect.facebook.net	www.themandarin.com.au connect.facebook.net
2	p.adsymptotic.com	1 redirects www.themandarin.com.au
2	cdn.linkedin.oribi.io	snap.licdn.com
2	snap.licdn.com	www.themandarin.com.au snap.licdn.com
2	clientcdn.pushengage.com	www.themandarin.com.au clientcdn.pushengage.com
1	beacon.krxd.net	sync.teads.tv
1	aa.agkn.com	sync.teads.tv
1	tags.bluekai.com	sync.teads.tv
1	load77.exelator.com	sync.teads.tv
1	dis.criteo.com	1 redirects
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.com.au	securepubads.g.doubleclick.net
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	tags.rd.linksynergy.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	www.linkedin.com	1 redirects
1	analytics.twitter.com	www.themandarin.com.au
1	t.co	www.themandarin.com.au
1	pixel.wp.com	www.themandarin.com.au
1	p1.parsely.com	www.themandarin.com.au
1	api.parsely.com	www.themandarin.com.au
1	static.ads-twitter.com	www.themandarin.com.au
1	loader.wisepops.com	www.themandarin.com.au
1	stats.wp.com	www.themandarin.com.au
1	cdn.parsely.com	www.themandarin.com.au
1	cdn.evgnet.com	www.themandarin.com.au
1	ajax.googleapis.com	www.themandarin.com.au
1	maxcdn.bootstrapcdn.com	www.themandarin.com.au
0	au-ssl.effectivemeasure.net Failed	www.themandarin.com.au
247	73

This site contains links to these domains. Also see Links.

Domain
www.cyber.gov.au
media.bupa.com.au
www.facebook.com
twitter.com
www.linkedin.com
bayansehri.com
esenyurtajans.com
esenyurtkizlar.com
istanbulstar.org
avcilaravans2.com
beylikajans1.com
marmariscarsi.org
izmitesc.com
funkotj.com
antalyapostakodu.com
www.privatemedia.com.au
www.crikey.com.au
www.smartcompany.com.au

Subject Issuer	Validity	Valid
themandarin.com.au R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-13` - `2023-04-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.pushengage.com Amazon	`2022-02-18` - `2023-03-17`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-02-10` - `2023-02-10`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-10` - `2023-02-10`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2022-11-07`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-13` - `2023-09-12`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Frame ID: 17EBC3EDA6E134E14F4381D3176603B3
Requests: 103 HTTP requests in this frame

Frame: https://www.dianomi.com/recirculation.epl?id=106
Frame ID: 858A07C8CBAE46DA9BDADAF583FC24A5
Requests: 9 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=4755
Frame ID: F298EBAC33B677F92DFC0D4792F49EB5
Requests: 15 HTTP requests in this frame

Frame: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au
Frame ID: 8D440916691EEF4458366A5078A48FEE
Requests: 28 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=5284
Frame ID: 664FF4A3AF01DC46BE630364BB9EFF8A
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east
Frame ID: EB4AAC98EC7BA2D91BB1F61A0F59D8F2
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east
Frame ID: 271ABEC51A8D6B85D137FBCEEEF13844
Requests: 12 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=118009&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=fcbf6085-4d4e-4444-9f22-cb69e5c3ef78&vid=74ecc6cf-3601-4e91-8fc9-24c1817198a0&1667199008482
Frame ID: CE490D865ED4C43870BCE747B833470F
Requests: 10 HTTP requests in this frame

Frame: https://3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1F262D30FAE11884F54F93B140F41484
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2A2A23E7E64F1C1DA01DF5CE8E7908AA
Requests: 1 HTTP requests in this frame

Frame: https://3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6EE97186DF42C782541948496C6AB81C
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Frame ID: 3C308E2DEEADBA5BED1D941F3FF4A736
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoksxbvpISxYQKb9ZJfDXPg8AQ4xJCeJrmGSP1Ev4a_wj228s3YPQeo1eHxftpktqy995-8tgFW9wlFLjxF5s9HhQDYsy7mSkqAsNNtfY85ueM0tG2ULq-P6pHyDWBq3D00inRPsEsG9LC-GS5l8i0LR5RT2H7RIpTsmKigtLX8VZgumeRWZkQqu-4V_n3Lnm752aevHBzMz76009YAuRpF5kGtARxr8qLI_WCda7XgzaO8XS2DXQsNYjjdg3ZW-EraB31Vq0IzTZ6jWtANpKRnhWXD211Ru75VziKFVnc20b0mQdxI1_fN23vuz0eHCOEhcGyLHPoFZ-SyWO-XW1aneytu9n52LKCuZI04Q&sai=AMfl-YQ2-iNeey7ayFjwalkoMtdSAXZt_F3PYNHPSY_2iYiNyl3aJJamC2YPYT80-aAFfzttci8KGGfW0i-MVLPDZw4_LCX4JqCQw2pEZWH1b9Ljbw-TJZNZndGKMQbnBq22eQ&sig=Cg0ArKJSzOKbmm_M35-UEAE&uach_m=[UACH]&adurl=
Frame ID: 3C491210198B7899F7F8B70743134DEA
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html
Frame ID: D9274767EC6C8A6CF24B76C6F33103D4
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5D7ED1703D6BF8F68C9FDEE2589CA119
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 67D39939F327DC07D03218A0731E547D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ASD warned of critical vulnerability for ForceNet provider in 2021

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

PushEngage (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

clientcdn\.pushengage\.\w+/core

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

247
Requests

90 %
HTTPS

0 %
IPv6

50
Domains

73
Subdomains

54
IPs

5
Countries

3490 kB
Transfer

9898 kB
Size

68
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cyber.gov.au/acsc/view-all-content/alerts/active-exploitation-vulnerable-sitecore-experience-platform-content-management-systems
Title: urgent advisory in 2021 for a critical vulnerability found on a software and web-hosting platform that is used by the Australian military

Search URL Search Domain Scan URL

URL: https://media.bupa.com.au/bupa-awarded-adf-health-services-contract/
Title: a contract Medibank lost to BUPA

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=ASD%20warned%20of%20critical%20vulnerability%20for%20ForceNet%20provider%20in%202021&url=https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/&via=TheMandarinAU

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/&title=ASD%20warned%20of%20critical%20vulnerability%20for%20ForceNet%20provider%20in%202021

Search URL Search Domain Scan URL

URL: https://bayansehri.com/
Title: istanbul escort

Search URL Search Domain Scan URL

URL: https://bayansehri.com/Kategori/beylikduzu-escort/18
Title: beylikdüzü escort

Search URL Search Domain Scan URL

URL: https://bayansehri.com/Kategori/avcilar-escort/19
Title: avcılar escort

Search URL Search Domain Scan URL

URL: https://bayansehri.com/Kategori/esenyurt-escort/17
Title: esenyurt escort

Search URL Search Domain Scan URL

URL: https://esenyurtajans.com/
Title: esenyurt escort

Search URL Search Domain Scan URL

URL: https://esenyurtkizlar.com/
Title: esenyurt escort

Search URL Search Domain Scan URL

URL: https://istanbulstar.org/
Title: beylikdüzü escort

Search URL Search Domain Scan URL

URL: https://avcilaravans2.com/
Title: avcılar escort

Search URL Search Domain Scan URL

URL: https://beylikajans1.com/
Title: beylikdüzü escort

Search URL Search Domain Scan URL

URL: https://marmariscarsi.org/
Title: marmaris escort

Search URL Search Domain Scan URL

URL: https://izmitesc.com/
Title: izmit escort

Search URL Search Domain Scan URL

URL: https://funkotj.com/
Title: bodrum escort

Search URL Search Domain Scan URL

URL: https://antalyapostakodu.com/
Title: antalya escort

Search URL Search Domain Scan URL

URL: https://antalyapostakodu.com/Kategori/antalya-escort-bayan/74
Title: antalya escort bayan

Search URL Search Domain Scan URL

URL: https://twitter.com/TheMandarinAU

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheMandarinAU

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/themandarin-com-au

Search URL Search Domain Scan URL

URL: http://www.privatemedia.com.au/

Search URL Search Domain Scan URL

URL: https://www.crikey.com.au/
Title: CRIKEY

Search URL Search Domain Scan URL

URL: http://www.smartcompany.com.au/
Title: SMARTCOMPANY

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=552017&time=1667199006912&url=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=552017&time=1667199006912&url=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D552017%26time%3D1667199006912%26url%3Dhttps%253A%252F%252Fwww.themandarin.com.au%252F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=552017&time=1667199006912&url=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&cookiesTest=true&liSync=true HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f3201f33-1031-4b59-85bd-1e54e8bdcc64 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f3201f33-1031-4b59-85bd-1e54e8bdcc64&_expected_cookie=737dd9eae8e7dede4e5a943712d4e579

Request Chain 122

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east

Request Chain 124

https://idsync.rlcdn.com/425276.gif?partner_uid=398e19dc20110e91a3415fbcd8d22f3f HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CLz6GRIsCigIARDX7wEaIDM5OGUxOWRjMjAxMTBlOTFhMzQxNWZiY2Q4ZDIyZjNmEAAaDQif4P2aBhIFCOgHEABCAEoA HTTP 307
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=90b71268-afc4-44fa-949b-6d68ebcb6d36

Request Chain 125

https://x.bidswitch.net/check_uuid/https:%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fgdpr=$%7BGDPR%7D&gdpr_consent=$%7BGDPR_CONSENT%7D&us_privacy=$%7BUS_PRIVACY%7D&uid=$%7BBSW_UUID%7D&cookie_age=$%7BCOOKIE_AGE%7D&username=398e19dc20110e91a3415fbcd8d22f3f HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https:%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fgdpr=$%7BGDPR%7D&gdpr_consent=$%7BGDPR_CONSENT%7D&us_privacy=$%7BUS_PRIVACY%7D&uid=$%7BBSW_UUID%7D&cookie_age=$%7BCOOKIE_AGE%7D&username=398e19dc20110e91a3415fbcd8d22f3f HTTP 302
https://data.dianomi.com/frontend/bidswitch?gdpr=&gdpr_consent=&us_privacy=&uid=4c36030e-47ca-483f-bc93-b0ab81526207&cookie_age=0&username=398e19dc20110e91a3415fbcd8d22f3f

Request Chain 126

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east

Request Chain 128

https://idsync.rlcdn.com/425276.gif?partner_uid=36b1c3ba99aa72be614c66b079c1c5db HTTP 307
https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIoOD9mgYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIoOD9mgYSBAgCEABCAEoA&google_error=3 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=bbfc6dd6-c92f-4634-939c-1305e5f38725

Request Chain 129

https://x.bidswitch.net/check_uuid/https:%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fgdpr=$%7BGDPR%7D&gdpr_consent=$%7BGDPR_CONSENT%7D&us_privacy=$%7BUS_PRIVACY%7D&uid=$%7BBSW_UUID%7D&cookie_age=$%7BCOOKIE_AGE%7D&username=36b1c3ba99aa72be614c66b079c1c5db HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https:%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fgdpr=$%7BGDPR%7D&gdpr_consent=$%7BGDPR_CONSENT%7D&us_privacy=$%7BUS_PRIVACY%7D&uid=$%7BBSW_UUID%7D&cookie_age=$%7BCOOKIE_AGE%7D&username=36b1c3ba99aa72be614c66b079c1c5db HTTP 302
https://data.dianomi.com/frontend/bidswitch?gdpr=&gdpr_consent=&us_privacy=&uid=efb6512c-5e37-4f27-aa71-c746ad750c2b&cookie_age=0&username=36b1c3ba99aa72be614c66b079c1c5db

Request Chain 140

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 170

https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=74ecc6cf-3601-4e91-8fc9-24c1817198a0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_consent=&_t=1667199009413 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzRlY2M2Y2YtMzYwMS00ZTkxLThmYzktMjRjMTgxNzE5OGEw

Request Chain 171

https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1667199009413 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1667199009413 HTTP 302
https://sync.teads.tv/um?eid=22&uid=9897da77-1ec5-47ae-a822-28949d3ac562&gdpr=0&gdpr_consent=

Request Chain 172

https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1667199009413 HTTP 302
https://sync.teads.tv/um?fp=1&eid=80&uid=27ae0c6e-c7f4-4355-b91f-2126f62ee2f2&gdpr=0&gdpr_consent=

Request Chain 173

https://pr-bh.ybp.yahoo.com/sync/teads/74ecc6cf-3601-4e91-8fc9-24c1817198a0?gdpr=0&gdpr_consent=&_t=1667199009413 HTTP 302
https://sync.teads.tv/um?eid=132&uid=y-PUcvtMZE2oQ5KsPEXBdMpXwFEej.Xb80CO4-~A

Request Chain 174

https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=74ecc6cf-3601-4e91-8fc9-24c1817198a0_ap_au&gdpr_consent=&_t=1667199009413 HTTP 302
https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=74ecc6cf-3601-4e91-8fc9-24c1817198a0_ap_au&gdpr_consent=&_t=1667199009413&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 203

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=dianomi&khaos=L9WF8THJ-5-4EFZ HTTP 302
https://data.dianomi.com/frontend/rubicon?uid=L9WF8THJ-5-4EFZ

Request Chain 205

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=dianomi&khaos=L9WF8TII-1E-3634 HTTP 302
https://data.dianomi.com/frontend/rubicon?uid=L9WF8TII-1E-3634

Request Chain 206

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEiAiLLI_4ZcdtjD7BoJaXs&google_cver=1

Request Chain 207

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9897da77-1ec5-47ae-a822-28949d3ac562&gdpr=0&gdpr_consent=&expires=30

Request Chain 208

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlXRjhUSUktMUUtMzYzNA==

Request Chain 209

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/E1bM8kXcS47bHt-A1MT7mcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3079155051574305910

Request Chain 210

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ibpS7uGWS9SMN9m66D0rrg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ibpS7uGWS9SMN9m66D0rrg

Request Chain 211

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGZjZDcxZGY1YWVmMTUyNzQ4ZjUyY2FhMTgxNGNiZDViOTMwMTQ1OQ

Request Chain 212

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
https://s.amazon-adsystem.com/ecm3?id=L9WF8TII-1E-3634&ex=d-rubiconproject.com&status=ok

Request Chain 213

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9WF8TII-1E-3634

Request Chain 214

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

247 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/ 84 KB
21 KB 360ms
100ms Document
text/html 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx / WordPress VIP <https://wpvip.com>
Resource Hash: e3196bb849ad7bb20fe80ae44590e8d27bb6d560db564f44779181d34b9e5b0d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 343
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-length: 20635
content-type: text/html; charset=UTF-8
date: Mon, 31 Oct 2022 06:50:04 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.themandarin.com.au/wp-json/>; rel="https://api.w.org/" <https://www.themandarin.com.au/wp-json/wp/v2/posts/204180>; rel="alternate"; type="application/json" <https://wp.me/pdFWiw-R7e>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-cache: hit
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-pingback: https://www.themandarin.com.au/xmlrpc.php
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: syd3 0 4 9980

GET
H2 200 style.css
www.themandarin.com.au/wp-content/plugins/woo-payment-gateway/packages/blocks/build/ 3 KB
957 B 102ms
99ms Stylesheet
text/css 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-content/plugins/woo-payment-gateway/packages/blocks/build/style.css
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e5130c4e5e9d37657f14cac1f5fa076aea406d2d31273bd4ff6ced452a08a81

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Mon, 17 Oct 2022 23:48:37 GMT
server: nginx
age: 967643
etag: W/"634de9d5-b2e"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 812
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 bootstrap.css
www.themandarin.com.au/wp-content/plugins/woo-payment-gateway/packages/blocks/build/credit-card/ 2 KB
572 B 106ms
102ms Stylesheet
text/css 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-content/plugins/woo-payment-gateway/packages/blocks/build/credit-card/bootstrap.css
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d80a75389c9ac1c16036be13df0840b406343d0dcacc184974fafd813b5c8f47

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Mon, 17 Oct 2022 23:48:37 GMT
server: nginx
age: 967643
etag: W/"634de9d5-7c8"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 522
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
www.themandarin.com.au/wp-includes/js/mediaelement/ 11 KB
3 KB 114ms
110ms Stylesheet
text/css 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 13:30:39 GMT
server: nginx
age: 967643
etag: W/"634eaa7f-2bf8"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2592
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 wp-mediaelement.min.css
www.themandarin.com.au/wp-includes/js/mediaelement/ 4 KB
1 KB 110ms
107ms Stylesheet
text/css 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 13:30:39 GMT
server: nginx
age: 967638
etag: W/"634eaa7f-105a"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1156
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 job-listings.css
www.themandarin.com.au/wp-content/plugins/wp-job-manager/assets/dist/css/ 8 KB
1 KB 106ms
103ms Stylesheet
text/css 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-content/plugins/wp-job-manager/assets/dist/css/job-listings.css
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c32303c1614287a5e8d91fe967e40c00e5a7fd087ea3a32de87dda6df45d4acd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Mon, 17 Oct 2022 23:48:38 GMT
server: nginx
age: 967643
etag: W/"634de9d6-2107"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1353
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 wpdiscuz-combo.min.css
www.themandarin.com.au/wp-content/plugins/wpdiscuz/assets/css/ 36 KB
6 KB 124ms
120ms Stylesheet
text/css 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-content/plugins/wpdiscuz/assets/css/wpdiscuz-combo.min.css
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ee9c91d5f66614dd7ae025c3e8115cbfe9dd0a3336b242efcd757c37c15f208

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 05:31:46 GMT
server: nginx
age: 1127705
etag: W/"634e3a42-901c"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6409
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 frontend.css
www.themandarin.com.au/wp-content/plugins/wp-job-manager-alerts/assets/css/ 1 KB
490 B 136ms
133ms Stylesheet
text/css 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-content/plugins/wp-job-manager-alerts/assets/css/frontend.css
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 37ecd2a02288c23dcd533df157c705005b4680277542bc3a73d877a665755f28

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Mon, 17 Oct 2022 23:48:38 GMT
server: nginx
age: 967643
etag: W/"634de9d6-462"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 439
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 style.css
www.themandarin.com.au/wp-content/plugins/wp-job-manager-tags/assets/css/ 144 B
191 B 112ms
109ms Stylesheet
text/css 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-content/plugins/wp-job-manager-tags/assets/css/style.css
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c5d77a17dd1dedf9af81729d5066891b7a7c7b8d890abc09bd6304462cec94a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
last-modified: Mon, 17 Oct 2022 23:48:38 GMT
server: nginx
age: 967643
etag: "634de9d6-90"
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 144
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 packages.css
www.themandarin.com.au/wp-content/plugins/wp-job-manager-wc-paid-listings/assets/css/ 2 KB
508 B 113ms
110ms Stylesheet
text/css 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-content/plugins/wp-job-manager-wc-paid-listings/assets/css/packages.css
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9190e3cff2f32711652536aad516ec220f7c9fb93dd26d3cb4278acfb8d982f3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Mon, 17 Oct 2022 23:48:38 GMT
server: nginx
age: 967643
etag: W/"634de9d6-97e"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 457
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 328ms
118ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 603
age: 17392276
cdn-cachedat: 09/27/2021 14:18:54
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0f1310bf9ea8d4961a2ada07a2669960
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 762a7456de19dfb3-SYD
cdn-requestpullsuccess: True

GET
H2 200 main.min.css
www.themandarin.com.au/wp-content/themes/the-mandarin/css/dist/ 366 KB
58 KB 193ms
190ms Stylesheet
text/css 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-content/themes/the-mandarin/css/dist/main.min.css
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f251074a6b965d8b7019aa7df52b79e933db7f255b303ab608237a2561be0df7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 04:57:07 GMT
server: nginx
age: 967643
etag: W/"634e3223-5b733"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 59314
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 jetpack.css
www.themandarin.com.au/wp-content/mu-plugins/jetpack-11.4/css/ 84 KB
16 KB 271ms
269ms Stylesheet
text/css 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-content/mu-plugins/jetpack-11.4/css/jetpack.css
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7fa4abb686798756bc90d4d6d1e4da75137160ecf2bc7ff6c103263f9842c444

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 22:34:24 GMT
server: nginx
age: 967643
etag: W/"634f29f0-14ef8"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16430
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.0/ 86 KB
31 KB 583ms
192ms Script
text/javascript 142.251.10.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f95.1e100.net

Software

sffe /

Resource Hash

0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30768
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 07:21:02 GMT

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/privatemediapty/mandarin/scripts/ 146 KB
42 KB 329ms
112ms Script
application/javascript 151.101.192.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/privatemediapty/mandarin/scripts/evergage.min.js
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e0d96f7aacbf420ac821554819b1b3f563ec7f8ce1b44fad18a0cf4c2292882

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: SW0xNFey_34dhqAgYwhoH1_r0nvzUP.F
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 31 Oct 2022 06:50:05 GMT
x-amz-request-id: ARPYVXGPNVCWEEJF
age: 45
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
content-length: 42042
x-amz-id-2: 8WQMlcwBrHKJOygZqFwsK9RgNrOgNu/1vkSCb86wMv73s32Qpl9I7wMNW0JErfux4dNOLX6ABWA=
x-served-by: cache-iad-kjyo7100168-IAD, cache-syd10175-SYD
x-amz-meta-evergage-sum: 4c68cdd5652fa97efe02e690c5df8dd80e5320a3
last-modified: Wed, 19 Oct 2022 00:22:26 GMT
server: AmazonS3
x-timer: S1667199005.258877,VS0,VE1
etag: "f9f26f10f261a427a6dd2de64efd2657"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 1, 1

GET
H2 200 header-scripts.js Show response
www.themandarin.com.au/wp-content/themes/the-mandarin/ad-js/ 10 KB
2 KB 271ms
269ms Script
application/javascript 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-content/themes/the-mandarin/ad-js/header-scripts.js
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ad4ea8071302e41f24985ce937177a1bdda068e14ae50914782137eb23deebc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 02:02:35 GMT
server: nginx
age: 967494
etag: W/"6350ac3b-29e3"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1536
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 2138ms
1746ms Script
text/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

sffe /

Resource Hash

eb8304092bddb1608d9d661895bc22294ed02b1c2ebf3836be696ecaaf5e84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27392
x-xss-protection: 0
server: sffe
etag: "1379 / 526 of 1000 / last-modified: 1666994710"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 31 Oct 2022 06:50:07 GMT

GET
H2 200 select2.full.min.js Show response
www.themandarin.com.au/wp-content/plugins/wp-job-manager/assets/lib/select2/ 77 KB
22 KB 271ms
270ms Script
application/javascript 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-content/plugins/wp-job-manager/assets/lib/select2/select2.full.min.js
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: be3167962058f03cd7f63b2053fcf5fe63ae43193b7ab8623f4230df97d58535

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Mon, 17 Oct 2022 23:48:38 GMT
server: nginx
age: 967643
etag: W/"634de9d6-13544"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 22034
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 590ms
199ms Script
application/javascript 142.251.10.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-52885710-1

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

b06c9fa402c348ef78585e4bfdb5c6301b1a1ebec1b0ba9b9b5da680760b81ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43603
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 31 Oct 2022 06:50:06 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.1/css/ 58 KB
13 KB 618ms
211ms Stylesheet
text/css 172.64.132.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.132.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZZB7BG51S9MNYSKQ
age: 27689821
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: qKrXYJnZLm8cEAEPCt4t0h1EjKVmF9aBjYJ2TMqhYfQo4xcVN9qNNHs1HwrzRFcEiPJex/meNCw=
last-modified: Wed, 30 Jun 2021 15:40:30 GMT
server: cloudflare
etag: W/"b227b1617a1763c8bc056772f05482b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tP%2FE3woH9tWErRINyNudno%2Fja1bT0CU1tYa%2B07g5zkcjcKze7Hh5lmQdq8M8%2BzK9oLlAXFCzMJR%2FDFctunRmUuHXxm7%2F4hCMaR2tC8TTXdpVEY1nA7mleee3PiO6IBoytLHyb4c0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 762a74585c636ba2-SIN

GET
H2 200 logo-themandarin.svg
www.themandarin.com.au/wp-content/themes/the-mandarin/images/ 4 KB
1 KB 127ms
122ms Image
image/svg+xml 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.themandarin.com.au/wp-content/themes/the-mandarin/images/logo-themandarin.svg
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 80e4e7b22771c2bd2e9f4c22a1130bdfdeaef05bdeb75adfbdbbf958832fd070

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
content-encoding: gzip
x-rq: syd3 0 4 9980
last-modified: Mon, 31 Oct 2022 01:57:10 GMT
server: nginx
age: 51
etag: W/"635f2b76-f02"
vary: X-Mobile-Class
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1361
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 themandarin-stickynav.png
www.themandarin.com.au/wp-content/themes/the-mandarin/images/ 4 KB
4 KB 131ms
127ms Image
image/png 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.themandarin.com.au/wp-content/themes/the-mandarin/images/themandarin-stickynav.png
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ce233ea5aaacf5b906d3fc588d2731d2184d7066dac7d7141d91c5cf7e741c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 08:17:11 GMT
server: nginx
age: 2442432
etag: W/"6332b187-eab"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3509
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 Julian-Bajkowski.jpeg
www.themandarin.com.au/wp-content/uploads/2022/08/ 2 KB
3 KB 129ms
125ms Image
image/webp 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.themandarin.com.au/wp-content/uploads/2022/08/Julian-Bajkowski.jpeg?w=150&h=150&crop=1
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c9eee0a788355cf8c643a73e249ed367342185bc78cbe47c78a26b61e99057

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 118 20 443
last-modified: Sat, 24 Sep 2022 04:25:35 GMT
server: nginx
etag: "9d04ce874a5f9144"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2534
expires: Sun, 24 Sep 2023 04:25:35 GMT

GET
H2 200 tag Show response
a.teads.tv/page/108576/ 795 B
855 B 1184ms
387ms Script
application/javascript 23.195.153.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/108576/tag
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-153-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 52005fbc1e12f6ed7a3a0f30935ec5f23332e28a1057046e9da18de3ef35448a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 495
expires: Mon, 31 Oct 2022 07:50:06 GMT

GET
H2 200 logo-themandarin-solid.svg
www.themandarin.com.au/wp-content/themes/the-mandarin/images/ 9 KB
3 KB 178ms
174ms Image
image/svg+xml 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.themandarin.com.au/wp-content/themes/the-mandarin/images/logo-themandarin-solid.svg
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: af83953db02266d0598de91d5e2663a3e28c560e4737623430f29f251be0a99b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
content-encoding: gzip
x-rq: syd3 0 4 9980
last-modified: Mon, 31 Oct 2022 01:57:10 GMT
server: nginx
age: 27
etag: W/"635f2b76-257b"
vary: X-Mobile-Class
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3130
expires: Tue, 31 Oct 2023 06:50:06 GMT

GET
H2 200 Sonatype_Social_1200x628.png
www.themandarin.com.au/wp-content/uploads/2022/10/ 142 KB
143 KB 176ms
172ms Image
image/webp 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.themandarin.com.au/wp-content/uploads/2022/10/Sonatype_Social_1200x628.png?w=1024
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 314c1056d1a12e6d0e898aeb91be0594fe244b1bb81e7ac57d809a0d8fea91fd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
x-rq: syd3 113 87 443
last-modified: Tue, 11 Oct 2022 00:15:10 GMT
server: nginx
etag: "58cb07aea6dd8332"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 145662
expires: Wed, 11 Oct 2023 00:15:10 GMT

GET
H2 200 CodeForAustralia_Social_1200x628-1.png
www.themandarin.com.au/wp-content/uploads/2022/10/ 306 KB
306 KB 176ms
173ms Image
image/webp 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.themandarin.com.au/wp-content/uploads/2022/10/CodeForAustralia_Social_1200x628-1.png?w=1024
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5693922c61527ee4cfd19623af0b0fa6b14c7b79ac2a4537ee5c895735a510b8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
x-rq: syd3 112 213 443
last-modified: Sun, 30 Oct 2022 22:59:05 GMT
server: nginx
etag: "31f88e9510da1aa0"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 313172
expires: Mon, 30 Oct 2023 22:59:05 GMT

GET
H2 200 AdobeStock_503697906-e1662614997215.jpeg
www.themandarin.com.au/wp-content/uploads/2022/09/ 35 KB
35 KB 176ms
173ms Image
image/webp 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.themandarin.com.au/wp-content/uploads/2022/09/AdobeStock_503697906-e1662614997215.jpeg?w=795
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8b9e1055970d14a2ac70719031d350f3339d75f5725f5a38f073f9c934d40370

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
x-rq: syd3 118 52 443
last-modified: Wed, 28 Sep 2022 01:22:27 GMT
server: nginx
etag: "07f09db36b4e35f5"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 35946
expires: Thu, 28 Sep 2023 01:22:27 GMT

GET
H2 200 themandarin-aus-colour.svg
www.themandarin.com.au/wp-content/themes/the-mandarin/images/ 788 B
499 B 226ms
223ms Image
image/svg+xml 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.themandarin.com.au/wp-content/themes/the-mandarin/images/themandarin-aus-colour.svg
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ba2cbdf5fff3eafb27ea85ad41eafed4766e619e0a211549416b774e71aa71b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
content-encoding: gzip
x-rq: syd3 0 4 9980
last-modified: Mon, 31 Oct 2022 01:57:10 GMT
server: nginx
age: 51
etag: W/"635f2b76-314"
vary: X-Mobile-Class
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 424
expires: Tue, 31 Oct 2023 06:50:06 GMT

GET
H2 200 privatemedia-logo-2021.png
www.themandarin.com.au/wp-content/themes/the-mandarin/images/ 3 KB
3 KB 226ms
222ms Image
image/png 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.themandarin.com.au/wp-content/themes/the-mandarin/images/privatemedia-logo-2021.png
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 41df9aa76894f810d5b449149cf327276ffd2900ef09a309bad5e5bbb301422f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 08:17:11 GMT
server: nginx
age: 2442431
etag: W/"6332b187-b31"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2888
expires: Tue, 31 Oct 2023 06:50:06 GMT

GET
H2 200 55fd99286bb75c6178295f06caf0ecc0.js Show response
clientcdn.pushengage.com/core/ 115 KB
26 KB 654ms
231ms Script
application/javascript 13.224.250.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/55fd99286bb75c6178295f06caf0ecc0.js
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-81.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 9dcdfd51e7f8f7de80a35d59dbe0bf788ab7689b22a6f7dfe460c9d81fe7701b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:48:53 GMT
content-encoding: gzip
via: 1.1 b0b2bb3b21ed20feab951c611319321e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-C2
age: 73
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: XACzbkPyXiahbSxJtKiwN4ITb3DTFFj3GHGu6ScoPRY56WnVYLrL9Q==

GET
H2 200 wpdiscuz-combo.min.js Show response
www.themandarin.com.au/wp-content/plugins/wpdiscuz/assets/js/ 308 KB
70 KB 101ms
101ms Script
application/javascript 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-content/plugins/wpdiscuz/assets/js/wpdiscuz-combo.min.js
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 04db97298896958e9cb9a176c974793389b29df93be073a2f34af643caae8951

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 05:30:12 GMT
server: nginx
age: 350232
etag: W/"635a1764-4ce6b"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 71203
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 regenerator-runtime.min.js Show response
www.themandarin.com.au/wp-includes/js/dist/vendor/ 6 KB
2 KB 100ms
100ms Script
application/javascript 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 13:30:39 GMT
server: nginx
age: 967644
etag: W/"634eaa7f-194b"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2457
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 wp-polyfill.min.js Show response
www.themandarin.com.au/wp-includes/js/dist/vendor/ 19 KB
7 KB 106ms
101ms Script
application/javascript 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 13:30:39 GMT
server: nginx
age: 967644
etag: W/"634eaa7f-4ac6"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7095
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 hooks.min.js Show response
www.themandarin.com.au/wp-includes/js/dist/ 5 KB
2 KB 129ms
124ms Script
application/javascript 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-includes/js/dist/hooks.min.js
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 13:30:39 GMT
server: nginx
age: 967644
etag: W/"634eaa7f-132e"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1661
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 loader.js Show response
www.themandarin.com.au/wp-content/plugins/wp-parsely/build/ 2 KB
1 KB 119ms
113ms Script
application/javascript 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-content/plugins/wp-parsely/build/loader.js
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f832a3f9fb50dfb245accbfe1f55d83f4330332a2a1b1640888d253398b95bb9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 05:31:46 GMT
server: nginx
age: 1127705
etag: W/"634e3a42-9c2"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1024
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/themandarin.com.au/ 56 KB
21 KB 656ms
232ms Script
application/javascript 13.227.255.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/themandarin.com.au/p.js
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.255.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-255-71.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 1f3a35186dbadf43f5e9d0646914164927de87b5801af0e1bbb6035aa071674c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: public
date: Mon, 31 Oct 2022 03:26:39 GMT
content-encoding: gzip
via: 1.1 4107eb96660e4932c95658bc4727dd6c.cloudfront.net (CloudFront)
last-modified: Mon, 15 Nov 2021 14:17:00 GMT
server: nginx
x-amz-cf-pop: SIN52-C3
age: 12996
etag: W/"61926bdc-df45"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: vaAGdJWjOdIh2WZ1TtAC4FhUGGpdsC2ZYedVMjapf36YArsFeyIkmA==
expires: Tue, 01 Nov 2022 03:13:30 GMT

GET
H2 200 vendor.min.js Show response
www.themandarin.com.au/wp-content/themes/the-mandarin/js/dist/ 113 KB
23 KB 114ms
109ms Script
application/javascript 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-content/themes/the-mandarin/js/dist/vendor.min.js
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: fc888409cef8917486ed4cd0b50cf445837b53ef1a03300f27af9ef569c2e91f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 04:57:07 GMT
server: nginx
age: 967644
etag: W/"634e3223-1c248"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 23979
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 main.min.js Show response
www.themandarin.com.au/wp-content/themes/the-mandarin/js/dist/ 56 KB
16 KB 126ms
121ms Script
application/javascript 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-content/themes/the-mandarin/js/dist/main.min.js
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 19795e5af28163d8e28ca4f0c5b2781b810b9483eb7c6ded87ac40369ba0fefd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 02:02:35 GMT
server: nginx
age: 967456
etag: W/"6350ac3b-e096"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16151
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 main.min.js Show response
www.themandarin.com.au/wp-content/plugins/wp-job-manager-locations/assets/js/ 3 KB
733 B 130ms
125ms Script
application/javascript 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.themandarin.com.au/wp-content/plugins/wp-job-manager-locations/assets/js/main.min.js
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca263a0a3251f873bb43143fb3f271793201c8e1f3e439b6d23ae32cb43297f1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:05 GMT
x-rq: syd3 0 4 9980
content-encoding: gzip
last-modified: Mon, 17 Oct 2022 23:48:38 GMT
server: nginx
age: 967644
etag: W/"634de9d6-a5b"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 672
expires: Tue, 31 Oct 2023 06:50:05 GMT

GET
H2 200 e-202244.js Show response
stats.wp.com/ 9 KB
3 KB 305ms
99ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202244.js
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc: HIT syd
date: Mon, 31 Oct 2022 06:50:06 GMT
content-encoding: br
server: nginx
etag: W/"61adb0c2-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sat, 21 Oct 2023 23:40:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 585ms
196ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen:300,400,700|Patua+One|Merriweather+Sans:wght@400;700|Merriweather&display=swap

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/wp-content/themes/the-mandarin/css/dist/main.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

e83b53eeccab20e84f3e08d51bc3f47120a34bb62abc955420f834c0431ed4ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Oct 2022 06:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 06:50:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Oct 2022 06:50:05 GMT

GET
H2 404 get-loader.js
loader.wisepops.com/ 0
0 323ms
112ms Script
text/javascript 104.26.10.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loader.wisepops.com/get-loader.js?v=1&site=uLVyNnFkTZ
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1422
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3g%2FsEG5eLZtrhfgfhTFkUqLI24eZCEmZ7oowv3Yanvv260YyPJJyGFMOXfIIzODIU3he%2FNUjJUvAXaJwgmz81faQRrw2V9POzUP%2FqlRPYgVnfAZflM2NhN2f4pV0YCpS%2BXN6MqU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
x-cloud-trace-context: 091a013bf8f6c03cddfbbe511580e09e
cache-control: private, max-age=1800
cf-ray: 762a745c7d23a835-SYD

GET
H2 200 2sDcZG1Wl4LcnbuCJW8zaGW5.woff2
fonts.gstatic.com/s/oxygen/v15/ 15 KB
16 KB 630ms
241ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCJW8zaGW5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:300,400,700|Patua+One|Merriweather+Sans:wght@400;700|Merriweather&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

c5c877b2f70eaa51b17f81150decd43027fec02788fec5719be6befb12af115f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.themandarin.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:03:23 GMT
x-content-type-options: nosniff
age: 370003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15792
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:30:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 00:03:23 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 78 KB
79 KB 411ms
208ms Font
font/woff2 172.64.132.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.132.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Origin: https://www.themandarin.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1RB341VKVPFE67ZD
age: 27596670
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80300
x-amz-id-2: F7B767x2AhloG0iWsS9Up/8rU+0MX8slROC5IOdpP0ke6fEDI0U8FBbKyMhSd3PQ6VscWL2qnaE=
last-modified: Wed, 30 Jun 2021 15:40:53 GMT
server: cloudflare
etag: "8e1ed89b6ccb8ce41faf5cb672677105"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvKDr8S50TNfDpkxUHsab2IpjuNUPRT7KJKmVF0LdspmyTRQwRpr%2Fdoye6UAan%2BzDV7NT6KJdtiCvT8iQLMiob5%2BnFDk79%2FionG%2FdPTa1iAaz44lo3kVbWhiQ71j8rYhivHwjUDi"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 762a745ccffe87ae-SIN

GET
H2 200 2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v15/ 16 KB
17 KB 580ms
193ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:300,400,700|Patua+One|Merriweather+Sans:wght@400;700|Merriweather&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.themandarin.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 04:23:42 GMT
x-content-type-options: nosniff
age: 181584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16348
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Oct 2023 04:23:42 GMT

GET
H2 200 2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
fonts.gstatic.com/s/oxygen/v15/ 16 KB
16 KB 795ms
416ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:300,400,700|Patua+One|Merriweather+Sans:wght@400;700|Merriweather&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.themandarin.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 23:29:02 GMT
x-content-type-options: nosniff
age: 112864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16172
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:30:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Oct 2023 23:29:02 GMT

GET
H2 200 recirculation.epl Show response
www.dianomi.com/ Frame 858A 3 KB
1002 B 617ms
407ms Document
text/html 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/recirculation.epl?id=106

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f83a8b99f9f356e8b0290074236f6c8a24d8ac15d745a647fec6f346900059ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.themandarin.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 762a745cadb5a874-SYD
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 31 Oct 2022 06:50:06 GMT
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame F298 7 KB
2 KB 649ms
440ms Document
text/html 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=4755

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34379b40a3dc6b4831263e136156d90c749f66752e5524ab8d2c261ab5273658

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.themandarin.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 762a745cadb6a874-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 31 Oct 2022 06:50:06 GMT
expires: now
link: </img/a/pss/2667/25.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ZXuke1cDvLCKLDcimxB44_lu.woff2
fonts.gstatic.com/s/patuaone/v16/ 13 KB
13 KB 969ms
603ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/patuaone/v16/ZXuke1cDvLCKLDcimxB44_lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:300,400,700|Patua+One|Merriweather+Sans:wght@400;700|Merriweather&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

74609e166867aa3888ef3085b0011dd5e5e61d347f578195c8d7e10ae315af02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.themandarin.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:05:17 GMT
x-content-type-options: nosniff
age: 369889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12876
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:40:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 00:05:17 GMT

GET
H2 200 Matt-Keogh.jpg
www.themandarin.com.au/wp-content/uploads/2022/08/ 32 KB
32 KB 135ms
134ms Image
image/webp 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.themandarin.com.au/wp-content/uploads/2022/08/Matt-Keogh.jpg
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 67d25a57063eb6f00daaf3866ed1ea4e2789ef00d133a259a0bcc3001db49abf

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
x-rq: syd3 118 20 443
last-modified: Mon, 31 Oct 2022 05:33:16 GMT
server: nginx
etag: "ccee42127a8205cd"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 32796
expires: Tue, 31 Oct 2023 05:33:16 GMT

GET
H2 200 dnPFRE6H76w Show response
www.youtube.com/embed/ Frame 8D44 68 KB
28 KB 641ms
254ms Document
text/html 74.125.24.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/dnPFRE6H76w

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f190.1e100.net

Software

ESF /

Resource Hash

98053c6ace91f91827bbcc815e5b0492a1aa5f096baa2729ef0b3eca3f0ef24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.themandarin.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Mon, 31 Oct 2022 06:50:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame 664F 5 KB
2 KB 619ms
437ms Document
text/html 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=5284

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd96db3d7cb42c5a7ca702b99e719309b3d103b1e3eef665e9a2e6309e793111

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.themandarin.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 762a745cadb7a874-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 31 Oct 2022 06:50:06 GMT
expires: now
link: </img/a/pss/2874/28.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 promo-bg-orange.svg
www.themandarin.com.au/wp-content/themes/the-mandarin/images/ 2 KB
925 B 169ms
169ms Image
image/svg+xml 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.themandarin.com.au/wp-content/themes/the-mandarin/images/promo-bg-orange.svg
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/wp-content/themes/the-mandarin/css/dist/main.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: af8bb6111f787caf0745589c400853be639da4d679090a4cc5ad521acbd328c4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/wp-content/themes/the-mandarin/css/dist/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
content-encoding: gzip
x-rq: syd3 0 4 9980
last-modified: Mon, 31 Oct 2022 01:57:10 GMT
server: nginx
age: 27
etag: W/"635f2b76-83c"
vary: X-Mobile-Class
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 850
expires: Tue, 31 Oct 2023 06:50:06 GMT

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 77 KB
77 KB 958ms
807ms Font
font/woff2 172.64.132.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.132.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Origin: https://www.themandarin.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QCWTATTMENX3FG96
age: 27689588
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78460
x-amz-id-2: lRXKJBRdsDbHo4onrPrmLX8piiMegV4/m2Seljl8WLcadX4FWyFyvhED7Xo5VNfqJkmI4P46jOs=
last-modified: Wed, 30 Jun 2021 15:40:52 GMT
server: cloudflare
etag: "f075c50f89795e4cdb4d45b51f1a6800"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5hb3R0ayj7ihVnudR%2BpT7LtUotGmLTIfUW%2FoYXVk1ZMgpWlylF3oXzA8wwRdMrkg1JhTI3tfVHx8%2BrG1WdTeCL6MI%2BJjV57R0dQDfb241HlijmsyrVNNbSAFyO5q2yGMSMgmCuG"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 762a745cc80087ae-SIN

GET
H2 200 2-cO9IRs1JiJN1FRAMjTN5zd9vgsFF_5asQTb6hZ2JKZou4ViesH.woff2
fonts.gstatic.com/s/merriweathersans/v22/ 14 KB
14 KB 814ms
478ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v22/2-cO9IRs1JiJN1FRAMjTN5zd9vgsFF_5asQTb6hZ2JKZou4ViesH.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:300,400,700|Patua+One|Merriweather+Sans:wght@400;700|Merriweather&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

c7f80ac0f717e2128cec0b999f474b5b154ea4cbada8ecc74b69b65eaaf55869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.themandarin.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 13:23:09 GMT
x-content-type-options: nosniff
age: 149217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14676
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:55:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:23:09 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 869ms
534ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:300,400,700|Patua+One|Merriweather+Sans:wght@400;700|Merriweather&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.themandarin.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 18:07:50 GMT
x-content-type-options: nosniff
age: 218536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:07:50 GMT

GET em.js
au-ssl.effectivemeasure.net/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 155 KB
56 KB 764ms
459ms Script
application/javascript 142.251.10.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXMBZH

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

11af9d62d365f1acb06f1a1954b7f1fa581d712f03d20e22aabbae5b58a105f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56821
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 31 Oct 2022 06:50:06 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 759ms
250ms Script
application/javascript 146.75.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.112.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 15:55:14 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100040-IAD, cache-nrt-rjtf7700056-NRT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 997 B
689 B 614ms
202ms Script
application/x-javascript 42.99.140.192
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.192 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-192.pacnet.net
Software: /
Resource Hash: 3f01cb4e8bb564dfe1d558ba77bf9cda1712b8378f4c25223c44967ae8d5ea04

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 716
date: Mon, 31 Oct 2022 06:50:06 GMT
content-encoding: gzip
last-modified: Wed, 26 Oct 2022 22:31:50 GMT
x-cdn: AKAM
x-edgeconnect-midmile-rtt: 1
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=22011
accept-ranges: bytes
content-length: 471

GET
H2 200 25.css
www.dianomi.com/img/a/pss/2667/ Frame 858A 2 KB
797 B 121ms
121ms Stylesheet
text/css 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2667/25.css

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28d6f3929b6c2dc7f150b29c3b1a0c2d39de20f6c1854db507c5deacd1f3f949

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 696792
cf-polished: origSize=2263
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 19 Oct 2022 08:40:20 GMT
server: cloudflare
etag: W/"8d7-5eb5f28a9f190"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 762a745f5873a874-SYD
expires: Wed, 30 Nov 2022 16:50:06 GMT

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/695320905/1/ Frame 858A 3 KB
3 KB 114ms
113ms Image
image/jpeg 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/695320905/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84b0a6a470e79bdef6fa07b002f94b3e68318c3d7176e04bba7662e451abb7bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 277515
cf-polished: degrade=85, origSize=4648, status=webp_bigger
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 28 Oct 2022 01:42:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 762a745f5875a874-SYD
expires: Mon, 07 Nov 2022 06:50:06 GMT

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/695311917/1/ Frame 858A 2 KB
3 KB 117ms
115ms Image
image/jpeg 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/695311917/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

465963f846cfab11dcf4d5dd0aeae3a3a4d783c931b55d9b1be1cbcf825a8d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 284389
cf-polished: degrade=85, origSize=4123, status=webp_bigger
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 27 Oct 2022 23:28:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 762a745f5877a874-SYD
expires: Mon, 07 Nov 2022 06:50:06 GMT

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/695318005/1/ Frame 858A 1 KB
1 KB 115ms
114ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/695318005/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5830c0e82c1ea0b10aef7b0938ae39f1b7347861504f51da37fb85144987f3b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 200252
cf-polished: qual=85, origFmt=jpeg, origSize=2639
content-disposition: inline; filename="100x70.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 28 Oct 2022 00:36:37 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 762a745f5878a874-SYD
expires: Mon, 07 Nov 2022 06:50:06 GMT

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/695320803/1/ Frame 858A 2 KB
2 KB 380ms
379ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/695320803/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e40ac5a09f3a2fdc9ea2d525b7336b45d67a06481aec098e076a2a287e596daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=2042
content-disposition: inline; filename="100x70.webp"
content-length: 1716
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 28 Oct 2022 01:42:11 GMT
server: cloudflare
etag: "7fa-5ec0e5dd5b0a4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 762a745f5879a874-SYD
expires: Wed, 30 Nov 2022 16:50:06 GMT

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/695325348/1/ Frame 858A 1 KB
1 KB 120ms
119ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/695325348/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf4a66d690ab79bbf61d6896a0ed9164f18d3c3be563639adabf68f4d56e5818

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273724
cf-polished: qual=85, origFmt=jpeg, origSize=2820
content-disposition: inline; filename="100x70.webp"
content-length: 1306
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 28 Oct 2022 02:48:02 GMT
server: cloudflare
etag: W/"b04-5ec0f4954035b"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 762a745f587aa874-SYD
expires: Wed, 30 Nov 2022 16:50:06 GMT

GET
H2 200 28.css
www.dianomi.com/img/a/pss/2874/ Frame 664F 2 KB
757 B 115ms
115ms Stylesheet
text/css 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2874/28.css

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69f1118bf5b94192e91e816d413eddd9e83b3980bf0c9cb942ee4ca61324d0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 696604
cf-polished: origSize=2391
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 05 Oct 2022 03:59:26 GMT
server: cloudflare
etag: W/"957-5ea419a573413"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 762a745f688aa874-SYD
expires: Wed, 30 Nov 2022 16:50:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 664F 393 B
408 B 497ms
195ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Patua+One&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

077b9afdeb524bca60b2a640771a7ae4590eb74b23c039102907833e05026300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Oct 2022 06:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 06:50:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Oct 2022 06:50:06 GMT

GET
H2 200 viewability11.js Show response
www.dianomi.com/js/ Frame 664F 8 KB
3 KB 115ms
115ms Script
application/javascript 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability11.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0aafd937ad90f1da3421c3ed7fc31a407b74f3ddeac7a8c4a40d37413dda0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 25
cf-polished: origSize=12508
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 28 Sep 2022 07:53:43 GMT
server: cloudflare
etag: W/"30dc-5e9b80f527fcf"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 762a745f78a3a874-SYD
expires: Mon, 31 Oct 2022 06:52:06 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame 664F 1 KB
1 KB 190ms
188ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1920908
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
content-length: 1164
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 762a745ff9aaa874-SYD
expires: Wed, 30 Nov 2022 16:50:06 GMT

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/184409/3/ Frame 664F 3 KB
3 KB 189ms
187ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/184409/3/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78813a71248b93cf4babd563aa00019efae122556247c6b265f1b6b029e4a355

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 384853
cf-polished: qual=85, origFmt=jpeg, origSize=5944
content-disposition: inline; filename="100x70.webp"
content-length: 3202
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Sat, 22 Oct 2022 14:07:15 GMT
server: cloudflare
etag: "1738-5eba0135574bc"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 762a745ff9ada874-SYD
expires: Wed, 30 Nov 2022 16:50:06 GMT

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/271764/2/ Frame 664F 3 KB
3 KB 195ms
195ms Image
image/jpeg 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/271764/2/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cd7c6156c48679f8044ce18609e0605a54630ecde04610fe6798b381dba735d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 174047
cf-polished: degrade=85, origSize=4650, status=webp_bigger
content-length: 2730
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 30 Sep 2022 02:18:56 GMT
server: cloudflare
etag: "122a-5e9db9daedf08"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 762a745ff9afa874-SYD
expires: Wed, 30 Nov 2022 16:50:06 GMT

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/258348/10/ Frame 664F 2 KB
2 KB 177ms
176ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/258348/10/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f8edcf5ad75e3a2a820f9f82fc93e5e2a917de7bb19a7c82d203d67678b93f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 83995
cf-polished: qual=85, origFmt=jpeg, origSize=2814
content-disposition: inline; filename="100x70.webp"
content-length: 1558
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Sep 2022 09:49:41 GMT
server: cloudflare
etag: "afe-5e9b9ae0bb28a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 762a745ff9b3a874-SYD
expires: Wed, 30 Nov 2022 16:50:06 GMT

GET
H2 200 25.css
www.dianomi.com/img/a/pss/2667/ Frame F298 2 KB
747 B 112ms
112ms Stylesheet
text/css 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2667/25.css

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28d6f3929b6c2dc7f150b29c3b1a0c2d39de20f6c1854db507c5deacd1f3f949

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=4755
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 696792
cf-polished: origSize=2263
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 19 Oct 2022 08:40:20 GMT
server: cloudflare
etag: W/"8d7-5eb5f28a9f190"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 762a745f88a8a874-SYD
expires: Wed, 30 Nov 2022 16:50:06 GMT

GET
H2 200 viewability11.js Show response
www.dianomi.com/js/ Frame F298 8 KB
3 KB 114ms
113ms Script
application/javascript 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability11.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=4755

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0aafd937ad90f1da3421c3ed7fc31a407b74f3ddeac7a8c4a40d37413dda0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=4755
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 25
cf-polished: origSize=12508
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 28 Sep 2022 07:53:43 GMT
server: cloudflare
etag: W/"30dc-5e9b80f527fcf"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 762a745f98b2a874-SYD
expires: Mon, 31 Oct 2022 06:52:06 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame F298 1 KB
1 KB 166ms
163ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=4755

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=4755
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1920908
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
content-length: 1164
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 762a745ff9b5a874-SYD
expires: Wed, 30 Nov 2022 16:50:06 GMT

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/258348/10/ Frame F298 2 KB
2 KB 167ms
163ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/258348/10/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=4755

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f8edcf5ad75e3a2a820f9f82fc93e5e2a917de7bb19a7c82d203d67678b93f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=4755
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 83995
cf-polished: qual=85, origFmt=jpeg, origSize=2814
content-disposition: inline; filename="100x70.webp"
content-length: 1558
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Sep 2022 09:49:41 GMT
server: cloudflare
etag: "afe-5e9b9ae0bb28a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 762a745ff9b7a874-SYD
expires: Wed, 30 Nov 2022 16:50:06 GMT

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/266931/2/ Frame F298 4 KB
4 KB 176ms
172ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/266931/2/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=4755

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a20f13a4857c9e8c6421e6b754f3e1d19a471865b0a4aefa62bd31882e396dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=4755
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23130
cf-polished: qual=85, origFmt=jpeg, origSize=7207
content-disposition: inline; filename="100x70.webp"
content-length: 3694
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 24 Aug 2022 22:19:38 GMT
server: cloudflare
etag: "1c27-5e704139a12be"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 762a745ff9b9a874-SYD
expires: Wed, 30 Nov 2022 16:50:06 GMT

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/275362/3/ Frame F298 3 KB
3 KB 161ms
158ms Image
image/jpeg 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/275362/3/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=4755

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2c8dbc64dc250f3fa0633574261034f2f134aa4c385b1f58d255b50ec11ccce

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=4755
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 356690
cf-polished: degrade=85, origSize=3789, status=webp_bigger
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 27 Oct 2022 03:43:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 762a745ff9bba874-SYD
expires: Mon, 07 Nov 2022 06:50:06 GMT

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/271763/2/ Frame F298 2 KB
2 KB 159ms
156ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/271763/2/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=4755

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa0303da607fb098c032ffab6350a3c1ff859f75da4a9d8b8edd2a576277bff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=4755
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 40384
cf-polished: qual=85, origFmt=jpeg, origSize=3632
content-disposition: inline; filename="100x70.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 30 Sep 2022 02:28:31 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 762a745ff9bda874-SYD
expires: Mon, 07 Nov 2022 06:50:06 GMT

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/276019/2/ Frame F298 2 KB
2 KB 170ms
168ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/276019/2/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=4755

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16971c1ca9a739b39408e92a5aecd588a45564a1e55c14c04c2d499f1d93005c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=4755
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19146
cf-polished: qual=85, origFmt=jpeg, origSize=5170
content-disposition: inline; filename="100x70.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Mon, 31 Oct 2022 01:22:14 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 762a745ff9c0a874-SYD
expires: Mon, 07 Nov 2022 06:50:06 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/19fc75cf/ Frame 8D44 359 KB
49 KB 493ms
192ms Stylesheet
text/css 74.125.24.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/19fc75cf/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dnPFRE6H76w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f190.1e100.net

Software

sffe /

Resource Hash

edbcd66789533fa7b2997c4b5c03a4df3042683b35384b0199fef3ad78554d2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/dnPFRE6H76w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 01:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 190656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49792
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 00:15:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 29 Oct 2023 01:52:31 GMT

GET
H2 200 profile Show response
api.parsely.com/v2/ 323 B
429 B 904ms
304ms Fetch
application/json 52.86.241.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.parsely.com/v2/profile?apikey=themandarin.com.au&uuid=pid%3D7adefbc36267c791fba510282ebf1582&url=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/wp-content/plugins/wp-parsely/build/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.241.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-241-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c0fd6c0742347d3c190af951750ae46e50f7dc0263ed7e15a5800b388550be85

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Oct 2022 06:50:07 GMT
server: nginx
content-length: 323
content-type: application/json

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 1595ms
397ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1667199006622&plid=7275899&idsite=themandarin.com.au&url=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22plan%22%3A%22guest%22%7D&sid=1&surl=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&sref=&sts=1667199006617&slts=0&title=ASD+warned+of+critical+vulnerability+for+ForceNet+provider+in+2021&date=Mon+Oct+31+2022+06%3A50%3A06+GMT%2B0000+(GMT)&action=pageview&pvid=33007416&u=pid%3D7adefbc36267c791fba510282ebf1582
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 31 Oct 2022 06:50:08 GMT
Cache-Control: no-cache
Last-Modified: Monday, 31-Oct-2022 06:50:08 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D44 15 KB
15 KB 497ms
195ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dnPFRE6H76w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 08:01:09 GMT
x-content-type-options: nosniff
age: 254938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 08:01:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D44 15 KB
15 KB 512ms
211ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dnPFRE6H76w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:51:06 GMT
x-content-type-options: nosniff
age: 511141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 08:51:06 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 101ms
99ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A11.4&blog=202087916&post=204180&tz=11&srv=www.themandarin.com.au&hp=vip&host=www.themandarin.com.au&ref=&fcp=1310&rand=0.5086467440088107
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Oct 2022 06:50:06 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 css
fonts.googleapis.com/ Frame 858A 393 B
312 B 484ms
202ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Patua+One&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2667/25.css

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

077b9afdeb524bca60b2a640771a7ae4590eb74b23c039102907833e05026300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Oct 2022 06:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 06:50:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Oct 2022 06:50:07 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 205ms
204ms Script
application/x-javascript 42.99.140.192
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.192 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-192.pacnet.net
Software: /
Resource Hash: b21dd5067e1a5cb98e74e8d4c5b8b9c0bc093e640d190db5673e3639558f7f2e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:06 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 23:52:18 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=56907
accept-ranges: bytes
content-length: 4642

GET
H3 200 css
fonts.googleapis.com/ Frame F298 393 B
312 B 463ms
198ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Patua+One&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2667/25.css

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

077b9afdeb524bca60b2a640771a7ae4590eb74b23c039102907833e05026300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Oct 2022 06:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 06:50:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Oct 2022 06:50:07 GMT

GET
H3 200 pushengage.js Show response
clientcdn.pushengage.com/ 19 KB
5 KB 406ms
201ms Script
application/javascript 13.224.250.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/pushengage.js
Requested by: Host: clientcdn.pushengage.com
URL: https://clientcdn.pushengage.com/core/55fd99286bb75c6178295f06caf0ecc0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.250.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-81.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 6d64736b75017d5e8783e729693963582ab5e2caac1878ad183fba3f1647b802

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:47:36 GMT
content-encoding: gzip
via: 1.1 a6f10891bf05ce2d27b04a152b14cf00.cloudfront.net (CloudFront)
server: nginx
age: 151
x-amz-cf-pop: SIN52-C2
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=300
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -pFbc_HqYwU0sVdvl3V85WWEPgLB5hnuBie3LRKImy0p8gAa41DjTQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 581ms
193ms Script
text/javascript 74.125.24.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52885710-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 31 Oct 2022 05:19:40 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5427
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 31 Oct 2022 07:19:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
52 KB 496ms
195ms Script
application/javascript 142.251.10.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10813170637&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52885710-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e4c3a9146a62eb16d28155dedb4e355d93bfac74e6d1cdc90a0fdee09e3d96ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52798
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 31 Oct 2022 06:50:07 GMT

GET
H3 200 www-embed-player.js
www.youtube.com/s/player/19fc75cf/www-embed-player.vflset/ Frame 8D44 11 KB
0 425ms
210ms Script
text/javascript 74.125.24.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/19fc75cf/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dnPFRE6H76w

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f190.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/dnPFRE6H76w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 01:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191147
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97474
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 00:15:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 29 Oct 2023 01:44:20 GMT

GET base.js
www.youtube.com/s/player/19fc75cf/player_ias.vflset/en_GB/ Frame 8D44 0
0

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/19fc75cf/fetch-polyfill.vflset/ Frame 8D44 9 KB
3 KB 408ms
194ms Script
text/javascript 74.125.24.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/19fc75cf/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dnPFRE6H76w

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f190.1e100.net

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/dnPFRE6H76w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 01:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 00:15:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 29 Oct 2023 01:45:55 GMT

GET
H2 200 adsct
t.co/i/ 43 B
378 B 456ms
247ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=3c564884-4756-44e9-adbb-a4b238f46281&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0edec8fc-93b1-49d2-b494-3f0870429875&tw_document_href=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3s10&type=javascript&version=2.3.29

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_l /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-response-time: 145
date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=0
server: tsa_l
content-type: image/gif;charset=utf-8
x-transaction-id: a0a91943ec0dda7f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 31a88768860f9eb61835660adf1c46ebc42f15997688a2ca964b908831b8e5bb
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 462ms
247ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=3c564884-4756-44e9-adbb-a4b238f46281&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0edec8fc-93b1-49d2-b494-3f0870429875&tw_document_href=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3s10&type=javascript&version=2.3.29

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_l /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-response-time: 146
date: Mon, 31 Oct 2022 06:50:06 GMT
strict-transport-security: max-age=631138519
server: tsa_l
content-type: image/gif;charset=utf-8
x-transaction-id: 599c4b86de3e3a1f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 726679ff2b94dc8dc5ada3dde1340017aad5cadc7b57376beb63c63c4f34338e
content-length: 43

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/552017/domain/themandarin.com.au/ 36 B
376 B 205ms
205ms XHR
application/json 13.35.8.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/552017/domain/themandarin.com.au/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-67.sin5.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.themandarin.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 31 Oct 2022 06:19:20 GMT
content-encoding: gzip
via: 1.1 ed9908577fd6427c647d93076edebd26.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 1847
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: Y9yXg6xPzqLn4zmCZqgKiK9Mr1VyqOKJ47gZhksxvDg3p8IKGREZuw==

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=552017&time=1667199006912&url=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=552017&time=1667199006912&url=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D552017%26time%3D1667199006912%26url%3Dhttps%253A%252F%252Fwww.themandarin.com.au%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=552017&time=1667199006912&url=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f3201f33-1031-4b59-85bd-1e54e8bdcc64
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f3201f33-1031-4b59-85bd-1e54e8bdcc64&_expected_cookie=737dd9eae8e7dede4e5a9437...

43 B
141 B

201ms
201ms

Image
image/gif

104.18.102.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f3201f33-1031-4b59-85bd-1e54e8bdcc64&_expected_cookie=737dd9eae8e7dede4e5a943712d4e579
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Server: 104.18.102.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p: CP='NON DSP COR CONi OUR BUS CNT'
date: Mon, 31 Oct 2022 06:50:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 762a746d5e9da93e-SYD
content-length: 43
content-type: image/gif

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f3201f33-1031-4b59-85bd-1e54e8bdcc64&_expected_cookie=737dd9eae8e7dede4e5a943712d4e579
date: Mon, 31 Oct 2022 06:50:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 762a746c1c8ca93e-SYD
content-length: 0

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/552017/domain/themandarin.com.au/ Frame 0
0 603ms
198ms Preflight 13.35.8.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/552017/domain/themandarin.com.au/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-67.sin5.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.themandarin.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 22889
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Mon, 31 Oct 2022 00:28:38 GMT
via: 1.1 ed9908577fd6427c647d93076edebd26.cloudfront.net (CloudFront)
x-amz-cf-id: BPDRXR4sAejzVhSiW0zri3iegJ-_4MCbdvVA0f-kuitxEwkRrbYxLw==
x-amz-cf-pop: SIN5-C1
x-cache: Hit from cloudfront

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 607ms
201ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 31 Oct 2022 06:50:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 4qZHx3vr7eEW6uT7QSA5ibNVJiwFF2owBGicGRiNxLPI74K3LUymwtfyikcBrGfg3bBg3DSZVp0gmaAW7cdtIQ==
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 iframe_api Show response
www.youtube.com/ 992 B
514 B 471ms
431ms Script
text/javascript 74.125.24.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXMBZH

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f190.1e100.net

Software

ESF /

Resource Hash

d726e9e5b87d746117c6e863358d26c6f86ad6858bcd4411fb872a4d65224f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 31 Oct 2022 06:50:07 GMT

GET
H3 200 dnPFRE6H76w Show response
www.youtube.com/embed/ Frame 8D44 68 KB
27 KB 266ms
231ms Document
text/html 74.125.24.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dnPFRE6H76w

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f190.1e100.net

Software

ESF /

Resource Hash

872721603f4d68a83762e11758f383a82db3ac37b9ec887eeb553a7df35f9d29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.themandarin.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Mon, 31 Oct 2022 06:50:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 594 KB
130 KB 258ms
257ms Script
text/javascript 23.195.153.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/108576/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-153-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 574e606dd328ee0151b17115729313e90da8ef190d298d1ec736c6c4b731b99c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:07 GMT
content-encoding: br
last-modified: Thu, 27 Oct 2022 12:38:24 GMT
x-amz-request-id: 7393CYFM1CY5C312
etag: "c75121a8b67a315a397ba8331ff16a20"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 9
accept-ranges: bytes
content-length: 132722
x-amz-id-2: CZe1tpslz7NTX9wqLmuVdviurkSOhm3bX1JRFEY7cHlL4GHJTSm0ZMcg4HCNO7HLLfNqM68IqV0=
expires: Mon, 31 Oct 2022 07:20:07 GMT

GET
H2 200 pixeljs Show response
data.dianomi.com/frontend/ Frame 664F 4 KB
2 KB 404ms
399ms Script
application/javascript 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xFFC3AF3886CA49D4A3A8FCBCBA790874&third_party_tracking=1

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59499938b3b4beb513a8756bb21e201e3b63f34618e3c2928431828e03f78e7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:07 GMT
strict-transport-security: max-age=2592000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
via: 1.1 google
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
content-type: application/javascript
cache-control: no-cache, no-store
cf-ray: 762a7462acf1a874-SYD

GET
H3 200 ZXuke1cDvLCKLDcimxB44_lu.woff2
fonts.gstatic.com/s/patuaone/v16/ Frame 664F 13 KB
13 KB 193ms
193ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/patuaone/v16/ZXuke1cDvLCKLDcimxB44_lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Patua+One&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

74609e166867aa3888ef3085b0011dd5e5e61d347f578195c8d7e10ae315af02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:05:17 GMT
x-content-type-options: nosniff
age: 369890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12876
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:40:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 00:05:17 GMT

GET
H2 200 pixeljs Show response
data.dianomi.com/frontend/ Frame F298 4 KB
1 KB 401ms
401ms Script
application/javascript 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xF7C60DF5987A46AF9A3BC6F91C3D7CE3&third_party_tracking=1

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=4755

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cee0ff68e0b0c4906b61fefa3182536400470874bb50fc0a86845519e904db64

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:07 GMT
strict-transport-security: max-age=2592000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
via: 1.1 google
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
content-type: application/javascript
cache-control: no-cache, no-store
cf-ray: 762a74632d6ca874-SYD

GET
H3 200 ZXuke1cDvLCKLDcimxB44_lu.woff2
fonts.gstatic.com/s/patuaone/v16/ Frame 858A 13 KB
13 KB 192ms
192ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/patuaone/v16/ZXuke1cDvLCKLDcimxB44_lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Patua+One&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

74609e166867aa3888ef3085b0011dd5e5e61d347f578195c8d7e10ae315af02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:05:17 GMT
x-content-type-options: nosniff
age: 369890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12876
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:40:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 00:05:17 GMT

GET
H3 200 ZXuke1cDvLCKLDcimxB44_lu.woff2
fonts.gstatic.com/s/patuaone/v16/ Frame F298 13 KB
13 KB 241ms
241ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/patuaone/v16/ZXuke1cDvLCKLDcimxB44_lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Patua+One&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

74609e166867aa3888ef3085b0011dd5e5e61d347f578195c8d7e10ae315af02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:05:17 GMT
x-content-type-options: nosniff
age: 369890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12876
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:40:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 00:05:17 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/19fc75cf/ Frame 8D44 359 KB
49 KB 194ms
193ms Stylesheet
text/css 74.125.24.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/19fc75cf/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f190.1e100.net

Software

sffe /

Resource Hash

edbcd66789533fa7b2997c4b5c03a4df3042683b35384b0199fef3ad78554d2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 01:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 190656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49792
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 00:15:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 29 Oct 2023 01:52:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D44 15 KB
15 KB 299ms
298ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 08:01:09 GMT
x-content-type-options: nosniff
age: 254938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 08:01:09 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D44 15 KB
15 KB 237ms
237ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:51:06 GMT
x-content-type-options: nosniff
age: 511141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 08:51:06 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 589ms
201ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10813170637&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

bb14c226d4517c67148f8c5f2680ee3081e5fa0932e9e93092c09ae60fe54606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15179
x-xss-protection: 0
server: cafe
etag: 15210647593759987154
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 06:50:07 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/19fc75cf/www-embed-player.vflset/ Frame 8D44 306 KB
95 KB 225ms
224ms Script
text/javascript 74.125.24.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/19fc75cf/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f190.1e100.net

Software

sffe /

Resource Hash

de0e3e13ac455201d77e111b8c417ddae1ea4689e4406203baaa78d0ff9532bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 01:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191147
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97474
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 00:15:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 29 Oct 2023 01:44:20 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/19fc75cf/player_ias.vflset/en_GB/ Frame 8D44 2 MB
571 KB 257ms
256ms Script
text/javascript 74.125.24.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f190.1e100.net

Software

sffe /

Resource Hash

9d461a19328f926eb15b3d203f0e9684821f11c664fab5055842d6acc32ebfe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 01:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584941
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 00:15:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 29 Oct 2023 01:40:51 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/19fc75cf/fetch-polyfill.vflset/ Frame 8D44 9 KB
3 KB 283ms
281ms Script
text/javascript 74.125.24.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/19fc75cf/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f190.1e100.net

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 01:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 00:15:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 29 Oct 2023 01:45:55 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
212 B 494ms
193ms XHR
text/plain 74.125.24.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1552417132&t=pageview&_s=1&dl=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&ul=en-us&de=UTF-8&dt=ASD%20warned%20of%20critical%20vulnerability%20for%20ForceNet%20provider%20in%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2068026959&gjid=829006893&cid=1687346682.1667199007&tid=UA-52885710-1&_gid=240230124.1667199007&_r=1&gtm=2ouaq0&z=2009389236

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.themandarin.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.themandarin.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
451 B 583ms
194ms XHR
text/plain 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-52885710-1&cid=1687346682.1667199007&jid=1511762014&gjid=567471169&_gid=240230124.1667199007&_u=YGDAgUABAAAAAGAAI~&z=1766211620

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.themandarin.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 31 Oct 2022 06:50:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.themandarin.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 494ms
193ms Image
image/gif 74.125.24.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1552417132&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&ul=en-us&de=UTF-8&dt=ASD%20warned%20of%20critical%20vulnerability%20for%20ForceNet%20provider%20in%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=EVS&ea=New%20Session&ev=1&_u=YGDAgUABAAAAACAAI~&jid=1511762014&gjid=567471169&cid=1687346682.1667199007&tid=UA-52885710-1&_gid=240230124.1667199007&gtm=2wgaq0KXMBZH&cg1=&cg2=&cd3=0&z=1516498354

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 01:40:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18556
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/19fc75cf/www-widgetapi.vflset/ 157 KB
52 KB 713ms
713ms Script
text/javascript 74.125.24.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/19fc75cf/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f190.1e100.net

Software

sffe /

Resource Hash

7458c4aef758c46b1ee195e01ba8d303ae74962459b6cb7d0280033c282b164c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 01:35:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52804
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 00:15:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 29 Oct 2023 01:35:04 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame EB4A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east

281 B
554 B

865ms
292ms

Document
text/html

23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east
Requested by: Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xFFC3AF3886CA49D4A3A8FCBCBA790874&third_party_tracking=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.dianomi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 31 Oct 2022 06:50:09 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 31 Oct 2022 06:50:08 GMT
location: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east
server: AkamaiGHost

GET
H2 200 pixel Show response
data.dianomi.com/frontend/ Frame 664F 0
139 B 394ms
392ms XHR
text/plain 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.dianomi.com/frontend/pixel?r=https%3A%2F%2Fwww.themandarin.com.au%2F&can_programmatic=1&geo_country=9&smartad_variant_id=7484&device_type=computer&organization=netprotect&referer=https%3A%2F%2Fwww.themandarin.com.au%2F&geo_state=new%20south%20wales&publisher_id=1252&adgroup_ids=77358%2C101056%2C98813&impression_id=Y19wHixiLLLnzgxgGlTv0QAAAAc&adgroup_variant_ids=184409%2C258348%2C271764&geo_ccod=au&geo_dma=&hosting_facility=0&smartad_id=5284

Requested by

Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xFFC3AF3886CA49D4A3A8FCBCBA790874&third_party_tracking=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:07 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
content-length: 0
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.dianomi.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 762a74652852a874-SYD
access-control-allow-headers: dianomi-force-dmp

GET
H3

200

396846.gif
idsync.rlcdn.com/ Frame 664F
Redirect Chain

https://idsync.rlcdn.com/425276.gif?partner_uid=398e19dc20110e91a3415fbcd8d22f3f
https://idsync.rlcdn.com/1000.gif?memo=CLz6GRIsCigIARDX7wEaIDM5OGUxOWRjMjAxMTBlOTFhMzQxNWZiY2Q4ZDIyZjNmEAAaDQif4P2aBhIFCOgHEABCAEoA
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=90b71268-afc4-44fa-949b-6d68ebcb6d36

42 B
60 B

281ms
281ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=90b71268-afc4-44fa-949b-6d68ebcb6d36
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5284
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:09 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Mon, 31 Oct 2022 06:50:09 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=90b71268-afc4-44fa-949b-6d68ebcb6d36
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

bidswitch
data.dianomi.com/frontend/ Frame 664F
Redirect Chain

https://x.bidswitch.net/check_uuid/https:%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fgdpr=$%7BGDPR%7D&gdpr_consent=$%7BGDPR_CONSENT%7D&us_privacy=$%7BUS_PRIVACY%7D&uid=$%7BBSW_UUID%7D&cookie_ag...
https://x.bidswitch.net/ul_cb/check_uuid/https:%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fgdpr=$%7BGDPR%7D&gdpr_consent=$%7BGDPR_CONSENT%7D&us_privacy=$%7BUS_PRIVACY%7D&uid=$%7BBSW_UUID%7D&coo...
https://data.dianomi.com/frontend/bidswitch?gdpr=&gdpr_consent=&us_privacy=&uid=4c36030e-47ca-483f-bc93-b0ab81526207&cookie_age=0&username=398e19dc20110e91a3415fbcd8d22f3f

68 B
270 B

385ms
385ms

Image
image/png

104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.dianomi.com/frontend/bidswitch?gdpr=&gdpr_consent=&us_privacy=&uid=4c36030e-47ca-483f-bc93-b0ab81526207&cookie_age=0&username=398e19dc20110e91a3415fbcd8d22f3f

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5284

Protocol

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:09 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
content-length: 68
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 762a746cb8baa874-SYD
access-control-allow-headers: dianomi-force-dmp

Redirect headers

Location: https://data.dianomi.com/frontend/bidswitch?gdpr=&gdpr_consent=&us_privacy=&uid=4c36030e-47ca-483f-bc93-b0ab81526207&cookie_age=0&username=398e19dc20110e91a3415fbcd8d22f3f
Date: Mon, 31 Oct 2022 06:50:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 271A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east

281 B
554 B

823ms
279ms

Document
text/html

23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east
Requested by: Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xF7C60DF5987A46AF9A3BC6F91C3D7CE3&third_party_tracking=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.dianomi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 31 Oct 2022 06:50:09 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 31 Oct 2022 06:50:08 GMT
location: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east
server: AkamaiGHost

GET
H2 200 pixel Show response
data.dianomi.com/frontend/ Frame F298 0
44 B 397ms
396ms XHR
text/plain 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.dianomi.com/frontend/pixel?r=https%3A%2F%2Fwww.themandarin.com.au%2F&can_programmatic=1&geo_country=9&smartad_variant_id=6938&device_type=computer&organization=netprotect&referer=https%3A%2F%2Fwww.themandarin.com.au%2F&geo_state=new%20south%20wales&publisher_id=1252&adgroup_ids=117055%2C101056%2C98813%2C116618%2C111398&impression_id=Y19wHqTmifuzrCCNJwlAiAAAAAE&adgroup_variant_ids=276019%2C258348%2C271763%2C275362%2C266931&geo_ccod=au&geo_dma=&hosting_facility=0&smartad_id=4755

Requested by

Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xF7C60DF5987A46AF9A3BC6F91C3D7CE3&third_party_tracking=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:07 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
content-length: 0
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.dianomi.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 762a7465b8eba874-SYD
access-control-allow-headers: dianomi-force-dmp

GET
H3

200

458249.gif
idsync.rlcdn.com/ Frame F298
Redirect Chain

https://idsync.rlcdn.com/425276.gif?partner_uid=36b1c3ba99aa72be614c66b079c1c5db
https://pippio.com/api/sync?pid=5324&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIoOD9mgYSBAgCEABCAEoA
https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIoOD9mgYSBAgCEABCAEoA&google_error=3
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=bbfc6dd6-c92f-4634-939c-1305e5f38725

42 B
60 B

278ms
278ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=bbfc6dd6-c92f-4634-939c-1305e5f38725
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=4755
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:09 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/458249.gif?partner_uid=bbfc6dd6-c92f-4634-939c-1305e5f38725
date: Mon, 31 Oct 2022 06:50:09 GMT
via: 1.1 google
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
content-type: text/html; charset=utf-8

GET
H2

200

bidswitch
data.dianomi.com/frontend/ Frame F298
Redirect Chain

https://x.bidswitch.net/check_uuid/https:%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fgdpr=$%7BGDPR%7D&gdpr_consent=$%7BGDPR_CONSENT%7D&us_privacy=$%7BUS_PRIVACY%7D&uid=$%7BBSW_UUID%7D&cookie_ag...
https://x.bidswitch.net/ul_cb/check_uuid/https:%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fgdpr=$%7BGDPR%7D&gdpr_consent=$%7BGDPR_CONSENT%7D&us_privacy=$%7BUS_PRIVACY%7D&uid=$%7BBSW_UUID%7D&coo...
https://data.dianomi.com/frontend/bidswitch?gdpr=&gdpr_consent=&us_privacy=&uid=efb6512c-5e37-4f27-aa71-c746ad750c2b&cookie_age=0&username=36b1c3ba99aa72be614c66b079c1c5db

68 B
233 B

395ms
395ms

Image
image/png

104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.dianomi.com/frontend/bidswitch?gdpr=&gdpr_consent=&us_privacy=&uid=efb6512c-5e37-4f27-aa71-c746ad750c2b&cookie_age=0&username=36b1c3ba99aa72be614c66b079c1c5db

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=4755

Protocol

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:09 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
content-length: 68
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 762a746f5c17a874-SYD
access-control-allow-headers: dianomi-force-dmp

Redirect headers

Location: https://data.dianomi.com/frontend/bidswitch?gdpr=&gdpr_consent=&us_privacy=&uid=efb6512c-5e37-4f27-aa71-c746ad750c2b&cookie_age=0&username=36b1c3ba99aa72be614c66b079c1c5db
Date: Mon, 31 Oct 2022 06:50:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 200 2508314745853331 Show response
connect.facebook.net/signals/config/ 294 KB
84 KB 658ms
456ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2508314745853331?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

03ff0fb5cae39ad431c25d861a493fe24d836c47e1c971aa532fe5c14faa7494

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 31 Oct 2022 06:50:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 4DCnHpIsGoEq0FTa2MAJGIopG15iNrFfMAtSZ4nLikWxKILqrrjjssqBABy+gJrIswr3zZIQdmGSfvNXQ7kPuA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
74 B 193ms
193ms XHR
text/plain 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-52885710-1&cid=1687346682.1667199007&jid=2068026959&gjid=829006893&_gid=240230124.1667199007&_u=YEBAAUAAAAAAACAAI~&z=782151369

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.themandarin.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 31 Oct 2022 06:50:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.themandarin.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10813170637/ 2 KB
1 KB 630ms
243ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10813170637/?random=1667199007976&cv=9&fst=1667199007976&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaq0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&tiba=ASD%20warned%20of%20critical%20vulnerability%20for%20ForceNet%20provider%20in%202021&auid=1132636501.1667199007&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

42923067a04a6098bcb228332c797e630396521f3ea20cf5bccb89340feec174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1110
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 621ms
232ms Image
image/gif 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52885710-1&cid=1687346682.1667199007&jid=1511762014&_u=YGDAgUABAAAAAGAAI~&z=772971725

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
501 B 586ms
197ms Image
image/gif 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52885710-1&cid=1687346682.1667199007&jid=1511762014&_u=YGDAgUABAAAAAGAAI~&z=772971725

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 1132ms
337ms Image
image/gif 23.36.253.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=fcbf6085-4d4e-4444-9f22-cb69e5c3ef78&pageId=108576&pid=118009&debug_metadata=5v1Ia2DCgv&fv=1094&ts=1667199008075&f=1&referer=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.253.98 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-253-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:09 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 1128ms
333ms Image
image/gif 23.36.253.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=fcbf6085-4d4e-4444-9f22-cb69e5c3ef78&pageId=108576&pid=118009&slot=polymorph&fv=1094&ts=1667199008084&f=1&referer=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.253.98 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-253-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Mon, 31 Oct 2022 06:50:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/108576/ 610 B
905 B 390ms
390ms XHR
application/json 23.195.153.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/108576/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&page=%7B%22id%22%3A108576%2C%22placements%22%3A%5B%7B%22id%22%3A118009%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A798%2C%22height%22%3A449%7D%2C%22slotType%22%3A%22polymorph%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=fcbf6085-4d4e-4444-9f22-cb69e5c3ef78&formatVersion=1094&env=js-web&netBw=10&ttfb=100
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-153-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 01fd499c1ec9923d7cfaba42995c1ff24eea1db9f03d3be3e91f0d48f7bb84d1

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.themandarin.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:08 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.themandarin.com.au
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 419
expires: Mon, 31 Oct 2022 06:50:08 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 522ms
231ms Image
image/gif 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52885710-1&cid=1687346682.1667199007&jid=2068026959&_u=YEBAAUAAAAAAACAAI~&z=1538886792

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
107 B 488ms
198ms Image
image/gif 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52885710-1&cid=1687346682.1667199007&jid=2068026959&_u=YEBAAUAAAAAAACAAI~&z=1538886792

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 8D44
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
216 B

494ms
193ms

XHR
application/json

74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au

Protocol

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

a2f695fec6f7ebae40168d557720a380b24ef51d1085f5c7cc2399746a33bcc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 31 Oct 2022 06:50:08 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 8D44 29 B
587 B 585ms
193ms Script
text/javascript 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/19fc75cf/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f149.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:43:06 GMT
x-content-type-options: nosniff
age: 422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 31 Oct 2022 06:58:06 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 589ms
195ms Preflight
text/html 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 31 Oct 2022 06:50:08 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8D44 65 KB
30 KB 505ms
204ms XHR
application/json+protobuf 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

a362adb6ced7ba102908ad2cb0ae876b00499f742cae1706fb31173219f4dede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 31 Oct 2022 06:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30581
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/19fc75cf/player_ias.vflset/en_GB/ Frame 8D44 118 KB
36 KB 195ms
194ms Script
text/javascript 74.125.24.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f190.1e100.net

Software

sffe /

Resource Hash

8da5fa9188643b8995c88fe0f091dc6ee4f809115a02c1ab6cb30318c1c38717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 01:47:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 190981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37031
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 00:15:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 29 Oct 2023 01:47:07 GMT

GET
H2 200 U__vy9oQYEAHXumYNbpwDo-BHbCBWjMavCmQTt1Znio.js Show response
www.google.com/js/th/ Frame 8D44 36 KB
14 KB 304ms
193ms Script
text/javascript 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/U__vy9oQYEAHXumYNbpwDo-BHbCBWjMavCmQTt1Znio.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f103.1e100.net

Software

sffe /

Resource Hash

53ffefcbda106040075ee99835ba700e8f811db0815a331abc29904edd599e2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 12:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14109
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Oct 2023 12:46:34 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/19fc75cf/player_ias.vflset/en_GB/ Frame 8D44 26 KB
8 KB 193ms
193ms Script
text/javascript 74.125.24.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f190.1e100.net

Software

sffe /

Resource Hash

45629e479716a7f923b92b8e5ea234b5aaaf5c225cb48f1f035d55ea16c43a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 01:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191835
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8197
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 00:15:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 29 Oct 2023 01:32:53 GMT

GET
DATA 200
OK truncated
/ Frame 8D44 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu_zFXXfM3FcKPL7tVYhsMja8WL2tebyZyD4UX1s=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 8D44 2 KB
3 KB 590ms
200ms Image
image/jpeg 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu_zFXXfM3FcKPL7tVYhsMja8WL2tebyZyD4UX1s=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

fife /

Resource Hash

4f3a9f6e4add0ebf47ffabf37e5987d8a34a31427daac1e60e3c0c3a6aae8b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:08 GMT
x-content-type-options: nosniff
server: fife
etag: "v6b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2206
x-xss-protection: 0
expires: Tue, 01 Nov 2022 06:50:08 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/dnPFRE6H76w/ Frame 8D44 18 KB
19 KB 586ms
197ms Image
image/webp 142.251.10.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/dnPFRE6H76w/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.119 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f119.1e100.net

Software

sffe /

Resource Hash

cf1fbe6bcab2b09205f17a12d55c03fffcf3cf27ec09ef17b138298f53e8ba5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:08 GMT
x-content-type-options: nosniff
server: sffe
etag: "1442968407"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18666
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 31 Oct 2022 08:50:08 GMT

GET
H2 200 pubads_impl_2022102501.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 494ms
193ms Script
text/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

sffe /

Resource Hash

6e140393a5c564a0373f5af25fb31419454e956674534b4acee7822a5d1586b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 23:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 458208
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130606
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 08:35:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Oct 2023 23:33:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 85 B
105 B 581ms
195ms XHR
application/json 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.themandarin.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

e3bfcc252845dfab30053f76d2eb7740f031be381f2236b389ae8d9e499aed93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80
x-xss-protection: 0
expires: Mon, 31 Oct 2022 06:50:08 GMT

GET
H2 200 iframe Show response
sync.teads.tv/ Frame CE49 2 KB
1 KB 1123ms
337ms Document
text/html 23.53.160.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?pid=118009&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=fcbf6085-4d4e-4444-9f22-cb69e5c3ef78&vid=74ecc6cf-3601-4e91-8fc9-24c1817198a0&1667199008482
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.160.138 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-53-160-138.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 915baa36cf25faecb145397a5059a7b9ae0aa36f53869d9c5b7e22b3c120ff50

Request headers

Referer: https://www.themandarin.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 664
content-type: text/html; charset=UTF-8
date: Mon, 31 Oct 2022 06:50:09 GMT
expires: Mon, 31 Oct 2022 06:50:09 GMT
pragma: no-cache
server: akka-http/10.2.9
vary: Accept-Encoding

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 8D44 4 KB
3 KB 583ms
194ms Script
text/javascript 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Oct 2022 06:50:08 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10813170637/ 42 B
154 B 503ms
201ms Image
image/gif 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10813170637/?random=1667199007976&cv=9&fst=1667196000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaq0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&tiba=ASD%20warned%20of%20critical%20vulnerability%20for%20ForceNet%20provider%20in%202021&async=1&fmt=3&is_vtc=1&random=955871123&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.au/pagead/1p-user-list/10813170637/ 42 B
154 B 499ms
198ms Image
image/gif 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/10813170637/?random=1667199007976&cv=9&fst=1667196000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaq0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&tiba=ASD%20warned%20of%20critical%20vulnerability%20for%20ForceNet%20provider%20in%202021&async=1&fmt=3&is_vtc=1&random=955871123&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 8D44 0
10 B 193ms
192ms Image
text/plain 74.125.24.190
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?E-bHdQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f190.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 601ms
199ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2508314745853331&ev=PageView&dl=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&rl=&if=false&ts=1667199008871&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22205934154529358%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22AUD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22387530985569005%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22AUD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221088663428228682%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%221632785173580629%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.2.1667199008868.1678757463&it=1667199007781&coo=false&rqm=GET

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 31 Oct 2022 06:50:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 8D44 52 KB
15 KB 494ms
192ms Script
text/javascript 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 12:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 31 Oct 2022 12:40:10 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 588ms
195ms Script
application/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.themandarin.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 587ms
194ms Script
application/javascript 74.125.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.themandarin.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 229ms
229ms XHR
text/plain 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2201257634447526&correlator=3490118116478943&output=ldjh&gdfp_req=1&vrg=2022102501&ptt=17&impl=fif&iu_parts=21827659304%2CMandarin%2Cjurisdiction%2Cfederal&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=262x82&ifi=1&adks=4275371325&sfv=1-0-38&prev_scp=pos%3D1&cust_params=pl_pageid%3D204180%26pl_profanity%3Dfalse%26pl_industry%3Dbusiness%26user_premium%3Dno%26pl_category%3DFederal&sc=1&cookie_enabled=1&abxe=1&dt=1667199009255&lmt=1667199009&dlt=1667199004969&idt=4238&adxs=230&adys=1069&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&frm=20&vis=1&psz=262x82&msz=262x-1&fws=4&ohw=1600&ga_vid=1687346682.1667199007&ga_sid=1667199009&ga_hid=1552417132&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

475f074d2399ed80772c5eb9350827ac897d59c61e03146393ca47071e6c6d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9045
x-xss-protection: 0
google-lineitem-id: 6141544488
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138409887425
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.themandarin.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1F26 6 KB
4 KB 595ms
194ms Document
text/html 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.themandarin.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 06:50:09 GMT
expires: Tue, 31 Oct 2023 06:50:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 729ms
729ms XHR
text/plain 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2201257634447526&correlator=3490118116478943&output=ldjh&gdfp_req=1&vrg=2022102501&ptt=17&impl=fif&iu_parts=21827659304%2CMandarin%2Cjurisdiction%2Cfederal&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600%7C300x250%7C300x600&ifi=2&adks=3988899838&sfv=1-0-38&prev_scp=pos%3D1&cust_params=pl_pageid%3D204180%26pl_profanity%3Dfalse%26pl_industry%3Dbusiness%26user_premium%3Dno%26pl_category%3DFederal&sc=1&cookie_enabled=1&abxe=1&dt=1667199009266&lmt=1667199009&dlt=1667199004969&idt=4238&adxs=215&adys=479&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&frm=20&vis=1&psz=292x45&msz=292x15&fws=4&ohw=1600&ga_vid=1687346682.1667199007&ga_sid=1667199009&ga_hid=1552417132&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

d21f95a1947f684df0382c90382a128687cca9ce1436745c70b71398ea23cb70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10668
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.themandarin.com.au
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 1061ms
1060ms XHR
text/plain 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2201257634447526&correlator=3490118116478943&output=ldjh&gdfp_req=1&vrg=2022102501&ptt=17&impl=fif&iu_parts=21827659304%2CMandarin%2Cjurisdiction%2Cfederal&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=3&adks=1866246542&sfv=1-0-38&prev_scp=pos%3D1&cust_params=pl_pageid%3D204180%26pl_profanity%3Dfalse%26pl_industry%3Dbusiness%26user_premium%3Dno%26pl_category%3DFederal&sc=1&cookie_enabled=1&abxe=1&dt=1667199009270&lmt=1667199009&dlt=1667199004969&idt=4238&adxs=620&adys=56&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&frm=20&vis=1&psz=765x105&msz=765x15&fws=4&ohw=1600&ga_vid=1687346682.1667199007&ga_sid=1667199009&ga_hid=1552417132&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

be55282a1582cb36942418374f12731c8ffecb291a28e36e047d9ed646b38c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12920
x-xss-protection: 0
google-lineitem-id: 6058765612
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138408337663
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.themandarin.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 561 B
308 B 1053ms
1052ms XHR
text/plain 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2201257634447526&correlator=3490118116478943&output=ldjh&gdfp_req=1&vrg=2022102501&ptt=17&impl=fif&iu_parts=21827659304%2CMandarin%2Cjurisdiction%2Cfederal&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=262x82&ifi=4&adks=191082977&sfv=1-0-38&prev_scp=pos%3D2&cust_params=pl_pageid%3D204180%26pl_profanity%3Dfalse%26pl_industry%3Dbusiness%26user_premium%3Dno%26pl_category%3DFederal&sc=1&cookie_enabled=1&abxe=1&dt=1667199009273&lmt=1667199009&dlt=1667199004969&idt=4238&adxs=230&adys=1161&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&frm=20&vis=1&psz=262x82&msz=262x-1&fws=4&ohw=1600&ga_vid=1687346682.1667199007&ga_sid=1667199009&ga_hid=1552417132&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

a91a4bb1024cb89860127992112f83653391e4183608ae981f8eeeae4f53aaa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 277
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.themandarin.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 271A 32 KB
10 KB 299ms
298ms Script
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 31 Oct 2022 06:50:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Oct 2022 18:37:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=58435
Connection: keep-alive
Content-Length: 9455
Expires: Mon, 31 Oct 2022 23:04:04 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 2A2A 0
54 B 282ms
282ms Document
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.themandarin.com.au
Referer: https://www.themandarin.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.themandarin.com.au
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 06:50:09 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame EB4A 32 KB
10 KB 286ms
285ms Script
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 31 Oct 2022 06:50:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Oct 2022 18:37:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=58435
Connection: keep-alive
Content-Length: 9455
Expires: Mon, 31 Oct 2022 23:04:04 GMT

GET
H2 200 container.html Show response
3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6EE9 6 KB
3 KB 337ms
196ms Document
text/html 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.themandarin.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 06:50:09 GMT
expires: Tue, 31 Oct 2023 06:50:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CE49
Redirect Chain

https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=74ecc6cf-3601-4e91-8fc9-24c1817198a0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_co...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzRlY2M2Y2YtMzYwMS00ZTkxLThmYzktMjRjMTgxNzE5OGEw

170 B
243 B

498ms
196ms

Image
image/png

142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzRlY2M2Y2YtMzYwMS00ZTkxLThmYzktMjRjMTgxNzE5OGEw

Requested by

Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=118009&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=fcbf6085-4d4e-4444-9f22-cb69e5c3ef78&vid=74ecc6cf-3601-4e91-8fc9-24c1817198a0&1667199008482

Protocol

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:09 GMT
server: akka-http/10.2.9
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzRlY2M2Y2YtMzYwMS00ZTkxLThmYzktMjRjMTgxNzE5OGEw
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Mon, 31 Oct 2022 06:50:09 GMT

GET
H2

200

um
sync.teads.tv/ Frame CE49
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1667199009413
https://match.adsrvr.org/track/cmb/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1667199009413
https://sync.teads.tv/um?eid=22&uid=9897da77-1ec5-47ae-a822-28949d3ac562&gdpr=0&gdpr_consent=

23 B
172 B

331ms
331ms

Image
image/gif

23.53.160.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=22&uid=9897da77-1ec5-47ae-a822-28949d3ac562&gdpr=0&gdpr_consent=
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=118009&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=fcbf6085-4d4e-4444-9f22-cb69e5c3ef78&vid=74ecc6cf-3601-4e91-8fc9-24c1817198a0&1667199008482
Protocol: H2
Server: 23.53.160.138 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-53-160-138.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Mon, 31 Oct 2022 06:50:10 GMT
pragma: no-cache
date: Mon, 31 Oct 2022 06:50:10 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:09 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.teads.tv/um?eid=22&uid=9897da77-1ec5-47ae-a822-28949d3ac562&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 217

GET
H2

200

um
sync.teads.tv/ Frame CE49
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1667199009413
https://sync.teads.tv/um?fp=1&eid=80&uid=27ae0c6e-c7f4-4355-b91f-2126f62ee2f2&gdpr=0&gdpr_consent=

23 B
172 B

352ms
351ms

Image
image/gif

23.53.160.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?fp=1&eid=80&uid=27ae0c6e-c7f4-4355-b91f-2126f62ee2f2&gdpr=0&gdpr_consent=
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=118009&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=fcbf6085-4d4e-4444-9f22-cb69e5c3ef78&vid=74ecc6cf-3601-4e91-8fc9-24c1817198a0&1667199008482
Protocol: H2
Server: 23.53.160.138 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-53-160-138.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Mon, 31 Oct 2022 06:50:10 GMT
pragma: no-cache
date: Mon, 31 Oct 2022 06:50:10 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:09 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync.teads.tv/um?fp=1&eid=80&uid=27ae0c6e-c7f4-4355-b91f-2126f62ee2f2&gdpr=0&gdpr_consent=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1524230
content-length: 0
expires: Mon, 31 Oct 2022 00:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame CE49
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/teads/74ecc6cf-3601-4e91-8fc9-24c1817198a0?gdpr=0&gdpr_consent=&_t=1667199009413
https://sync.teads.tv/um?eid=132&uid=y-PUcvtMZE2oQ5KsPEXBdMpXwFEej.Xb80CO4-~A

23 B
172 B

330ms
329ms

Image
image/gif

23.53.160.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=132&uid=y-PUcvtMZE2oQ5KsPEXBdMpXwFEej.Xb80CO4-~A
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=118009&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=fcbf6085-4d4e-4444-9f22-cb69e5c3ef78&vid=74ecc6cf-3601-4e91-8fc9-24c1817198a0&1667199008482
Protocol: H2
Server: 23.53.160.138 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-53-160-138.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Mon, 31 Oct 2022 06:50:10 GMT
pragma: no-cache
date: Mon, 31 Oct 2022 06:50:10 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

date: Mon, 31 Oct 2022 06:50:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.teads.tv/um?eid=132&uid=y-PUcvtMZE2oQ5KsPEXBdMpXwFEej.Xb80CO4-~A
content-length: 0

GET
H2

200

pixel.gif
load77.exelator.com/ Frame CE49
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=74ecc6cf-3601-4e91-8fc9-24c1817198a0_ap_au&gdpr_consent=&_t=1667199009413
https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=74ecc6cf-3601-4e91-8fc9-24c1817198a0_ap_au&gdpr_consent=&_t=1667199009413&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
345 B

938ms
308ms

Image
image/gif

89.187.162.134
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=118009&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=fcbf6085-4d4e-4444-9f22-cb69e5c3ef78&vid=74ecc6cf-3601-4e91-8fc9-24c1817198a0&1667199008482
Protocol: H2
Server: 89.187.162.134 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-162-134.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-77-nzt: AVm7ooRi31D/yUsGAA
x-accel-expires: @1667823194
date: Mon, 31 Oct 2022 06:50:11 GMT
x-77-pop: singaporeSG
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: ffffffff56768b8e23705f6346e0751b
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-77-cache: HIT
x-age: 412617
accept-ranges: bytes
content-length: 43

Redirect headers

date: Mon, 31 Oct 2022 06:50:10 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 44858
tags.bluekai.com/site/ Frame CE49 62 B
507 B 1321ms
673ms Image
image/gif 23.73.13.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/44858?id=74ecc6cf-3601-4e91-8fc9-24c1817198a0_ap_au&limit=1&gdpr_consent=&_t=1667199009413
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=118009&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=fcbf6085-4d4e-4444-9f22-cb69e5c3ef78&vid=74ecc6cf-3601-4e91-8fc9-24c1817198a0&1667199008482
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.13.201 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-13-201.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 31 Oct 2022 06:50:10 GMT
content-length: 62
content-type: image/gif

GET
H3 400 474599.gif
idsync.rlcdn.com/ Frame CE49 0
0 283ms
281ms Image
text/plain 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/474599.gif?partner_uid=74ecc6cf-3601-4e91-8fc9-24c1817198a0_au&cv=&_t=1667199009413
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=118009&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=fcbf6085-4d4e-4444-9f22-cb69e5c3ef78&vid=74ecc6cf-3601-4e91-8fc9-24c1817198a0&1667199008482
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame CE49 43 B
500 B 813ms
269ms Image
image/gif 52.197.202.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212301178&puid=74ecc6cf-3601-4e91-8fc9-24c1817198a0_au&_tid=74ecc6cf-3601-4e91-8fc9-24c1817198a0&gdpr_consent=&_t=1667199009413
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=118009&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=fcbf6085-4d4e-4444-9f22-cb69e5c3ef78&vid=74ecc6cf-3601-4e91-8fc9-24c1817198a0&1667199008482
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.202.80 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-202-80.ap-northeast-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:10 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame CE49 0
338 B 834ms
275ms Image
text/plain 35.160.185.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=teadspartner&partner_uid=74ecc6cf-3601-4e91-8fc9-24c1817198a0_au&gdpr_consent=&_t=1667199009413
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=118009&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=fcbf6085-4d4e-4444-9f22-cb69e5c3ef78&vid=74ecc6cf-3601-4e91-8fc9-24c1817198a0&1667199008482
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.185.12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-185-12.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by: beacon-n012-pdx-prod.krxd.net
date: Mon, 31 Oct 2022 06:50:10 GMT
cache-control: private, no-cache, no-store
x-request-time: D=43 t=1667199010
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 194ms
194ms Preflight
text/html 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 31 Oct 2022 06:50:09 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8D44 90 B
134 B 198ms
197ms XHR
application/json+protobuf 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

bbc71fde5502474abfff3d270af3fc852af9c0918350384ab39e05a71c08f417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 31 Oct 2022 06:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 271A 284 B
921 B 798ms
199ms Image
image/jpg 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 0ed95c36ed1932be3ba76fc523a6e179
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame EB4A 284 B
934 B 790ms
198ms Image
image/jpg 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 6EE9 23 KB
10 KB 584ms
193ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: 3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com
URL: https://3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 15:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 15:55:52 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6EE9 22 KB
7 KB 619ms
228ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com
URL: https://3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 01:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 29 Oct 2023 01:38:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6EE9 153 KB
47 KB 2726ms
2722ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com
URL: https://3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Oct 2022 06:50:12 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012210071758000/ Frame 3C30 221 KB
61 KB 588ms
192ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 29 Oct 2022 01:42:32 GMT
age: 191258
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61557
x-xss-protection: 0
server: sffe
etag: "6f919b986f193e5c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 29 Oct 2023 01:42:32 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 3C30 14 KB
5 KB 921ms
526ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 29 Oct 2022 01:42:51 GMT
age: 191239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
etag: "79c6a9d24c248711"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 29 Oct 2023 01:42:51 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 3C30 94 KB
28 KB 949ms
554ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 29 Oct 2022 01:47:15 GMT
age: 190975
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28805
x-xss-protection: 0
server: sffe
etag: "61ef65d2d2d03d2c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 29 Oct 2023 01:47:15 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 3C30 5 KB
2 KB 939ms
544ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 29 Oct 2022 01:32:53 GMT
age: 191837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "cd31ad97eaf70e3d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 29 Oct 2023 01:32:53 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 3C30 40 KB
13 KB 1027ms
632ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 29 Oct 2022 01:30:54 GMT
age: 191956
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "81bd7ae64421add4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 29 Oct 2023 01:30:54 GMT

GET
DATA 200
OK truncated
/ Frame 3C30 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 221650cf681d68d48a0b16bd08d473ab8a75290132e5b8ce14c8d26725bbb76a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4167853195879252156
tpc.googlesyndication.com/simgad/ Frame 3C30 14 KB
14 KB 503ms
257ms Image
image/png 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4167853195879252156?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlu5DbmPl0Gk94FVY3NVyVvlYYrzQ

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

6e3c3c649e00790bb5ad26ddd64896a98a1ed3ede9bc8f1a02c28251cd5f7cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:33:25 GMT
x-content-type-options: nosniff
age: 109005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14140
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 05:59:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 30 Oct 2023 00:33:25 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3C30 3 KB
3 KB 465ms
219ms Image
image/png 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:03:11 GMT
x-content-type-options: nosniff
server: cafe
age: 6419
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Tue, 01 Nov 2022 05:03:11 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3C30 344 B
474 B 464ms
218ms Image
image/png 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 12:35:44 GMT
x-content-type-options: nosniff
server: cafe
age: 65666
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 31 Oct 2022 12:35:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3C30 0
0 241ms
238ms Image
text/html 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXhYxPoMa5KJ87z1Wq59tTTRsPuxEP8AFSlT17qbfNQ4rQERMCVvahUZv05ygcYfessFKwXRVZE2PmWPP0o2JMtV82uA
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f103.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3C30 0
0 208ms
205ms Image
text/html 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyobJIXBfY4OwGICMssUPtoyryAO888WaaqnR4YiSDr7Qr9OXDhABILfzhnZgpYCAgJABoAG6wsSaA8gBAqkCe5mv2OWCpT7gAgCoAwHIAwiqBMUCT9AXyMIyBYC22N-a3p_jEC9plyNI2FvTeFYYUoCOS-13k4dk29TuTps-Rk2ldvefJZXMrSoNgTGGfMy5KM6teErP6POCulJRnyx1M_oh1oZ68vJmq0z-320uHGUc48tIebRoykXEp8FRvVphdbaSUQOaCm-4_ME143YLidHp7Asv5t_HGVL0ZBCaKfm89gHdyMT9akfZkkwloXwmUT_23cPOtk27QocxS3fZBMNTA2LGoMEczzDnJ1oyjfjwAJ4ywCxl0GTwX4xnMcw9pFUBQTfvTUYkqeIeCxED58GdxB1cQkyilr3TzZA7DjdhNdeq1I2eiveWPsQIrrP0YVH3yQ8sMdZEKWspRAY6zebqjQhBHB-NDoWLK_okPvGD_eeGDg_5KieU0AzlwiMEPA1i6Mh6DRf9MoMKsOAsiwo2-2pgMAe5ucAEra6g4M0D4AQBkgUECAQYAZIFBAgFGASgBgKAB669u2WoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCnmCfSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMTkyOTI3MTU1NTAwMjA3OBiS8XE&sigh=oRqemhr1rAc&uach_m=[UACH]
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3C49 0
0 198ms
198ms Fetch
image/gif 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoksxbvpISxYQKb9ZJfDXPg8AQ4xJCeJrmGSP1Ev4a_wj228s3YPQeo1eHxftpktqy995-8tgFW9wlFLjxF5s9HhQDYsy7mSkqAsNNtfY85ueM0tG2ULq-P6pHyDWBq3D00inRPsEsG9LC-GS5l8i0LR5RT2H7RIpTsmKigtLX8VZgumeRWZkQqu-4V_n3Lnm752aevHBzMz76009YAuRpF5kGtARxr8qLI_WCda7XgzaO8XS2DXQsNYjjdg3ZW-EraB31Vq0IzTZ6jWtANpKRnhWXD211Ru75VziKFVnc20b0mQdxI1_fN23vuz0eHCOEhcGyLHPoFZ-SyWO-XW1aneytu9n52LKCuZI04Q&sai=AMfl-YQ2-iNeey7ayFjwalkoMtdSAXZt_F3PYNHPSY_2iYiNyl3aJJamC2YPYT80-aAFfzttci8KGGfW0i-MVLPDZw4_LCX4JqCQw2pEZWH1b9Ljbw-TJZNZndGKMQbnBq22eQ&sig=Cg0ArKJSzOKbmm_M35-UEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 3C49 3 KB
1 KB 321ms
321ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 02:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 02:41:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C49 153 KB
47 KB 2455ms
2455ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Oct 2022 06:50:12 GMT

GET
H2 200 7041904808335018499
tpc.googlesyndication.com/simgad/ Frame 3C49 42 KB
42 KB 329ms
329ms Image
image/png 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7041904808335018499

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

a655f67c038c6cb7750c60f9f67389400ee9926a669e53e18aea1953cf7da474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:10 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43350
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 00:05:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 31 Oct 2023 06:50:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3C49 0
0 237ms
237ms Image
text/html 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgBDGFZKgDhQQTPGLDKd4T67oJgVoK1B29PDrWuOCsgukuBsU_hGqRHZie1GLWzhuQA_4dVcAE4SBL48TNb2T-uzRvsw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f103.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 3C49 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60e2c76396a11f1e45984d80b22830984947f075ee2a09633457da50231f6599

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

rubicon
data.dianomi.com/frontend/ Frame 271A
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=dianomi&khaos=L9WF8THJ-5-4EFZ
https://data.dianomi.com/frontend/rubicon?uid=L9WF8THJ-5-4EFZ

68 B
285 B

383ms
383ms

Image
image/png

104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.dianomi.com/frontend/rubicon?uid=L9WF8THJ-5-4EFZ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east

Protocol

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
content-length: 68
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 762a7481aa1ba874-SYD
access-control-allow-headers: dianomi-force-dmp

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://data.dianomi.com/frontend/rubicon?uid=L9WF8THJ-5-4EFZ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a414d61fde5a538d1bc5c621aec59518
Expires: 0

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 6EE9 109 KB
38 KB 584ms
193ms Script
text/javascript 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: 3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com
URL: https://3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/
Origin: https://3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 04:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 04:37:28 GMT

GET
H2

200

rubicon
data.dianomi.com/frontend/ Frame EB4A
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=dianomi&khaos=L9WF8TII-1E-3634
https://data.dianomi.com/frontend/rubicon?uid=L9WF8TII-1E-3634

68 B
262 B

389ms
389ms

Image
image/png

104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.dianomi.com/frontend/rubicon?uid=L9WF8TII-1E-3634

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east

Protocol

Server

104.18.35.151 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
content-length: 68
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 762a7481ba2ea874-SYD
access-control-allow-headers: dianomi-force-dmp

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://data.dianomi.com/frontend/rubicon?uid=L9WF8TII-1E-3634
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a414d61fde5a538d1bc5c621aec59518
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 271A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEiAiLLI_4ZcdtjD7BoJaXs&google_cver=1

42 B
691 B

788ms
198ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEiAiLLI_4ZcdtjD7BoJaXs&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 6690dc791bf02dde8c4051a04cfd7bb8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEiAiLLI_4ZcdtjD7BoJaXs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 271A
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9897da77-1ec5-47ae-a822-28949d3ac562&gdpr=0&gdpr_consent=&expires=30

42 B
691 B

787ms
198ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9897da77-1ec5-47ae-a822-28949d3ac562&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 548ddf114c6f6bfbb66a4cdeb6a219f4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:10 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9897da77-1ec5-47ae-a822-28949d3ac562&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 271A
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlXRjhUSUktMUUtMzYzNA==

170 B
188 B

197ms
197ms

Image
image/png

142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlXRjhUSUktMUUtMzYzNA==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east

Protocol

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlXRjhUSUktMUUtMzYzNA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6690dc791bf02dde8c4051a04cfd7bb8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 271A
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/E1bM8kXcS47bHt-A1MT7mcn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3079155051574305910

42 B
691 B

582ms
198ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3079155051574305910
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0ed95c36ed1932be3ba76fc523a6e179
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 31 Oct 2022 06:50:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3079155051574305910
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 271A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ibpS7uGWS9SMN9m66D0rrg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ibpS7uGWS9SMN9m66D0rrg

43 B
479 B

313ms
313ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ibpS7uGWS9SMN9m66D0rrg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Oct 2022 06:50:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2N3H73JAR4FB0V21BJ1S
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ibpS7uGWS9SMN9m66D0rrg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6690dc791bf02dde8c4051a04cfd7bb8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 271A
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGZjZDcxZGY1YWVmMTUyNzQ4ZjUyY2FhMTgxNGNiZDViOTMwMTQ1OQ

170 B
188 B

199ms
198ms

Image
image/png

142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGZjZDcxZGY1YWVmMTUyNzQ4ZjUyY2FhMTgxNGNiZDViOTMwMTQ1OQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east

Protocol

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGZjZDcxZGY1YWVmMTUyNzQ4ZjUyY2FhMTgxNGNiZDViOTMwMTQ1OQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 030b4ddd4a4f3e9891a065664f20c4bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 271A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
https://s.amazon-adsystem.com/ecm3?id=L9WF8TII-1E-3634&ex=d-rubiconproject.com&status=ok

43 B
479 B

692ms
310ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=L9WF8TII-1E-3634&ex=d-rubiconproject.com&status=ok

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Oct 2022 06:50:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BY1PMKENVTE8M9AXY3F1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=L9WF8TII-1E-3634&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
Expires: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 271A
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9WF8TII-1E-3634

0
141 B

296ms
295ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9WF8TII-1E-3634
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:10 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9FA993C7966A47509028596E020F3797 Ref B: SYD03EDGE1420 Ref C: 2022-10-31T06:50:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXsTwTUEfVciM6pNKl0LA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9WF8TII-1E-3634
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d264e84c9dc1a645a3048554992c5d82
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3C30
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

196ms
195ms

Image
text/html

74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: H3
Server: 74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date: Mon, 31 Oct 2022 06:50:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 MAN-Pos2-TextAd.html Show response
s0.2mdn.net/dfp/1865874/4979742908/1666833868658/ Frame D927 10 KB
3 KB 812ms
426ms Document
text/html 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

5d6f744872d533fd01fc25a02a22dc778a0da1dce5c449fc5177fea6557be23f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 3047
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 06:50:12 GMT
expires: Tue, 01 Nov 2022 06:50:12 GMT
last-modified: Thu, 27 Oct 2022 01:24:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6EE9 0
26 B 199ms
198ms Image
image/gif 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssb6GMjmjT8jUt_-nA_wJ-pkITR-uqBhmVsgPyY2bby-61h-mh4n4Vrw4QjEMd9y6X4PM-snHh-S6BHID_cPsSBrFuWfp_ZfaskhZKOYm6gTZFaqDeCR3CfruQ_eDRjeGm1MMj1RSpNU7vMZe0l5PHRRbd2SfxzsKzsYs4gTIy9F8iNZBG-JL0Q3ycd2cXski3vW9oonHI2jEn7Qxy67-Cg0phbStp5yhOzVZNYCazakNkprjxJZY8OBUbGNTeJDBSr0oGdtXcPV3QnpVE08EbXG5nT3J8ZC_TxqLO632riixs7MeEc7Yrt-Ich7TKVytRucl1RTifggDmHNlLRyuQhdOTAmT5B63ksifBWWQ&sai=AMfl-YTIjZDORQCKj2GeOuaSLBD7XMW-Z6yuwFbXO1c2QtO5Y5Eh572sZfZx1uL3x7h4R8uSLFwQnPutDXSoeUhpVqOohjtWKbC7AFeF2cOmtuWj0t8QrDwvmDggJuZNyunH&sig=Cg0ArKJSzOynbpy6tCEnEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com
URL: https://3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 8D44 28 B
50 B 206ms
205ms XHR
application/json 74.125.24.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/19fc75cf/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f190.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
X-Goog-Request-Time: 1667199011639
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/dnPFRE6H76w?enablejsapi=1&origin=https%3A%2F%2Fwww.themandarin.com.au
X-YouTube-Client-Version: 1.20221026.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtOT2pNcnpscjR1TSif4P2aBg%3D%3D
X-YouTube-Ad-Signals: dt=1667199007850&flash=0&frm=2&u_tz&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C793%2C528&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 31 Oct 2022 06:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3C30 42 B
272 B 202ms
201ms Image
image/gif 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDFfQaavwpY3ocRdeDuXgC5IU-sbZ71ygvEEhpOCUV4J3e0imC93kIDcYN2lgu8dhxjHK7k5wfBG9zG1B2_UXAmJjG2Jipfjnj1VW0dUtJqR-vmSZi9PecraWoO3igL3_d7ts&sai=AMfl-YSbop7HlMzM28IH1aDIkYVKSJS1-AhI1vR3sY5gVORB4y9WfxEy_K37j1f86NEQLUPojlJRMEo_ht8s667dwyD4uNfqEbNp8pK38bAuuFQwq_0nqyiSmKZSlnAPjw&sig=Cg0ArKJSzHnBICgu5h34EAE&cid=CAASFeRo3fZM9_wrbXYsqwXMgmN78DnkdA&id=ampim&o=281,479&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=1061&tls=2062&g=100&h=100&tt=2062&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gwdattached_style.css
s0.2mdn.net/dfp/1865874/4979742908/1666833868658/ Frame D927 26 B
48 B 292ms
291ms Stylesheet
text/css 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/gwdattached_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 01:24:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 06:50:12 GMT

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/dfp/1865874/4979742908/1666833868658/ Frame D927 20 KB
6 KB 379ms
376ms Script
text/javascript 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

bddbf7e9ab14ce92ecc37640bf54fcb90d8a02da52d87ec12e252cfde4432e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6268
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 01:24:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 06:50:12 GMT

GET
H3 200 gwdpage_style.css
s0.2mdn.net/dfp/1865874/4979742908/1666833868658/ Frame D927 55 B
77 B 399ms
396ms Stylesheet
text/css 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 01:24:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 06:50:12 GMT

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/dfp/1865874/4979742908/1666833868658/ Frame D927 731 B
259 B 251ms
248ms Stylesheet
text/css 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 01:24:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 06:50:12 GMT

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/dfp/1865874/4979742908/1666833868658/ Frame D927 24 B
46 B 245ms
243ms Stylesheet
text/css 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 01:24:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 06:50:12 GMT

GET
H3 200 gwdimage_style.css
s0.2mdn.net/dfp/1865874/4979742908/1666833868658/ Frame D927 303 B
198 B 260ms
257ms Stylesheet
text/css 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 173
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 01:24:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 06:50:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D927 371 B
301 B 199ms
196ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Patua+One:regular

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

5d5c4f3b03e8b53928e072ab4ead1c1a644a3bc4b2dc6bd5173900d19786356b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Oct 2022 06:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 06:50:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Oct 2022 06:50:12 GMT

GET
H3 200 googbase_min.js Show response
s0.2mdn.net/dfp/1865874/4979742908/1666833868658/ Frame D927 400 B
300 B 481ms
478ms Script
text/javascript 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 01:24:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 06:50:12 GMT

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/dfp/1865874/4979742908/1666833868658/ Frame D927 3 KB
1 KB 296ms
293ms Script
text/javascript 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1308
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 01:24:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 06:50:12 GMT

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/dfp/1865874/4979742908/1666833868658/ Frame D927 8 KB
3 KB 471ms
468ms Script
text/javascript 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3136
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 01:24:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 06:50:12 GMT

GET
H3 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame D927 136 KB
46 KB 197ms
195ms Script
text/javascript 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46978
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 19:45:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 31 Oct 2022 07:01:21 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/dfp/1865874/4979742908/1666833868658/ Frame D927 13 KB
4 KB 403ms
401ms Script
text/javascript 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4427
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 01:24:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 06:50:12 GMT

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/dfp/1865874/4979742908/1666833868658/ Frame D927 5 KB
2 KB 254ms
252ms Script
text/javascript 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2014
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 01:24:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 06:50:12 GMT

GET
H3 200 gwdattached_min.js Show response
s0.2mdn.net/dfp/1865874/4979742908/1666833868658/ Frame D927 1 KB
615 B 254ms
252ms Script
text/javascript 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/gwdattached_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 590
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 01:24:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 06:50:12 GMT

GET
H3 200 gwdtexthelper_min.js Show response
s0.2mdn.net/dfp/1865874/4979742908/1666833868658/ Frame D927 4 KB
2 KB 300ms
298ms Script
text/javascript 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/gwdtexthelper_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1725
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 01:24:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 06:50:12 GMT

GET
H3 200 gwd-text-fitting.js Show response
s0.2mdn.net/dfp/1865874/4979742908/1666833868658/ Frame D927 5 KB
2 KB 275ms
273ms Script
text/javascript 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/gwd-text-fitting.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1865874/4979742908/1666833868658/MAN-Pos2-TextAd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2038
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 01:24:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 06:50:12 GMT

GET
H3 200 ZXuke1cDvLCKLDcimxB44_lu.woff2
fonts.gstatic.com/s/patuaone/v16/ Frame D927 13 KB
13 KB 193ms
192ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/patuaone/v16/ZXuke1cDvLCKLDcimxB44_lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Patua+One:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

74609e166867aa3888ef3085b0011dd5e5e61d347f578195c8d7e10ae315af02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:05:17 GMT
x-content-type-options: nosniff
age: 369895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12876
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:40:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 00:05:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6EE9 0
0 198ms
198ms Fetch
image/gif 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW7JJHyRlB-f87iX1be2UjXUG9oZ98w_rxjDcCDb5iPeI4E-qlV9AQFzdYo7IVHFdpYYBQ_TRGMcRgYCP8N6y438QPUElwNFveIaF_v5UZcJpXz8xikMQXrYgRWdSPwdRPNmJCVewC4mezl68RhSW1fAauDiWtu-GBZ_6zoDOuYFr4IIZaKRx7BCzB651sJqT-suL-lAchuJgaAplmW1SJjTYZqG08eAEPy-qi4OLLxfPeKp9lGxzfigLU7pvqsYbyKwJ2J3zXnNs5vidPqKRwFjDkJIQRW-MeVFyJEC-0DLBFRs6JW_IA_jn7xdP5hiWS4osKmffjLT0tYOkD8gUpW8KQpbQLO1V_hfiskxNq&sai=AMfl-YRWiD4CKJAQi8EvrIGyW3FP3sLI0JrwZ7hTXkcnqncuWmWPF5quoowlpDzL2oGOF3xg4fQ-mNAEBclibD2NzY3H9N1Lst6CLZ8a1yps9yZ4ttS2ub7g4o5Zb1xPDLkD&sig=Cg0ArKJSzEuuaYgpl-StEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 31 Oct 2022 06:50:12 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3C49 0
0 197ms
197ms Fetch
image/gif 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9zJikVixDDLcOHs9SH1n9TWhEVDcCFSImM0NG_Xh2drT9fnFzoEEDc3ARvkz5SrHVS_lRrdSdZoiBy5hT855S13m4VvTi5_jaIMYsnxlhslJOyDNMkHyL0pr3-t_mKCQ_FnKdetjkg4GK9Huq2NrWkt0VEgwpKSKFGz6_-BjTTb2GkUeXRIunybNwYIOUoI0lTw7Ng-dVi4P_-Saj9_xFYjxG1epxK3PRCRN01dR94zx0LoKsQuhpNXRPdeYTCo5airojatOI3Es4kpTU5ui1fGQBEQTnyu63Tde7J5iRPCh6aGf1Z0HZIKSDuMN43rOxSQh5vEgg2ON9Cet-t5kzGbeYODRTJxDKzmorknBY&sai=AMfl-YR6jzS_mtOGDWklc2ndFKqCu89OPNlQVaEi1t6ozN2Ay9AYHN3MZ0OMzrLH1QEqX6RJEjtE4qb191t5oKU9ku_IPkLoXRJy32iV8Ht_zalOah-qs8cC9KbiaXDPc7IgkQ&sig=Cg0ArKJSzHciIjmvN2tuEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 31 Oct 2022 06:50:13 GMT

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 898ms
299ms Script
application/javascript 34.237.219.119

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.themandarin.com.au
URL: https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.237.219.119 -, , ASN (),
Reverse DNS
Software: PardotServer /
Resource Hash: 3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 31 Oct 2022 06:50:13 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Fri, 28 Oct 2022 05:24:38 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1946
expires: Wed, 30 Oct 2024 06:50:13 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 203ms
203ms XHR
application/json 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

677dca1fd305e4fcd220b55100ab357b952e0410457b033c2b5ef682e614d476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11359
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 495ms
194ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Oct 2022 06:50:13 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5D7E 13 KB
5 KB 199ms
194ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.themandarin.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 136773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Oct 2022 16:50:41 GMT
expires: Sun, 29 Oct 2023 16:50:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 67D3 783 B
534 B 205ms
200ms Document
text/html 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f103.1e100.net

Software

GSE /

Resource Hash

232a0820c5635b37a25e10e8f907dab379267a3ce72d0427c64eff050166a199

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yO4sVCaARY_gs8xmMsVrzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.themandarin.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-yO4sVCaARY_gs8xmMsVrzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 06:50:14 GMT
expires: Mon, 31 Oct 2022 06:50:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 72 B
510 B 327ms
326ms Script
text/html 34.237.219.119

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1098&account_id=273522&title=ASD%20warned%20of%20critical%20vulnerability%20for%20ForceNet%20provider%20in%202021&url=https%3A%2F%2Fwww.themandarin.com.au%2F204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021%2F&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.237.219.119 -, , ASN (),
Reverse DNS
Software: PardotServer /
Resource Hash: d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 31 Oct 2022 06:50:14 GMT
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
Server: PardotServer
vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
cache-control: max-age=63072000
Connection: keep-alive
Content-Length: 89
expires: Wed, 30 Oct 2024 06:50:14 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3C49 42 B
64 B 196ms
195ms Fetch
image/gif 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDUdFCl69Fo7E3w5_3HRc1xNObkhKLO2JbJMPSIb_v1U2-jg6em6iF2KQcJuGGXN0Pc91LOrUXA1K3xV0k4DX1YCPt5WzghnIKy1NS_vQTR0ywG1Q_&sig=Cg0ArKJSzAfPaLeUSyBEEAE&id=lidar2&mcvt=1000&p=56,639,146,1367&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221027&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1866246542&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667199010367&rpt=2648&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 06:50:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 67D3 0
0 195ms
194ms Image
text/html 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102501&jk=2201257634447526&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame 5D7E 36 KB
15 KB 195ms
194ms Script
text/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 05:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 05:46:12 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5D7E 0
10 B 193ms
193ms Image
text/plain 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nmephQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 196ms
196ms Image
text/html 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102501&jk=2201257634447526&bg=!fn2lfTnNAAZPh4lnb4c7ACkAdvg8WlJWbL10DasEtbSryxYtjxwTz4poFMh5U0LV5GheqCmxf3LWqQIAAABoUgAAAAJoAQeZArKL7mVxUaxwEE1N8NHovnie0U9WpSYS1bcEQZW3xeaKk3Z7I-avwPO-He2YPNKOXgNIXIqRxWOxaJF4h3YDFrCg5Us1HuYAJxgKwesQcxXsRRMf_ja3cKysm9NsnvowigB29NxgZHpIgpLUh4TY2v97oY2HQoXGlyXR3-5IQJm9_dwFKhPNX4GzRiWfhdnSZGxelzZRqmHjmQqVyAiFklPTe6LLIsKA4e2wsZYCyLbeHMqAMbxeEpYSb6F2rkBW_6i19omS3fKMr_7ZKJWTi0s95wUwmJxgOMmENMYwz6xFwwtHlmlRx-ehno_zTa7_doM9I1-JIHGhZ5G_ikWUydt13JTvM1P_zLjEu6vr5KtaE6bUzUwHnHLvoTF9gMWnmYDi1tq4YWepE0Td3HFNVOS4GihRP2mCxm-wxQWYCDkwHszt8W2TsH2V_FQjpGaA8AUdDM6Uleu9LyGZet7F9shd8QPuWjouzbOua91jMyGZbS04VqjdN-XqwWffusaAUjVt4_eRLmWk8AfYTudU9KkTmgrfD-ty3kTEnTUzsqp1f0Yqtg6uoFvOp9q_hOmcIg2l_w6dzcbwJW_jWGZLWVf5G3c0wKhyG0hCrSGNQ8-t8Iaap-9NfKlN0idqrda3QHJwRT22dJQNObMud9zWrF5W5tk0ZF0BC2gRZvBvxkir7MuEWFPIttIwHl5ApaUjCBfcNRPglpyMIZ8Q-VpRjwXeyjHI1UOpVlbWq_5cqt1P1U-XLd5XqZGnNa2c_EVQaYM1CTLKgUFq6k1DA_TujudzdGHFQq_QlUitY7W2-h-9_Jyj2kRQTv9s5ncoFvzEovnOlxHT7PuaUgoKwbwn-a8CWAmyqyt8xRvBlQ63Ntf7n5I8ooztHT5D4Npa3cIwfWZ3OQjZJYreqlaUTKK25vQuAcU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.themandarin.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H2 200 8218-Mandarin-POS-2.png
www.themandarin.com.au/wp-content/uploads/2022/10/ Frame D927 9 KB
10 KB 101ms
100ms Image
image/webp 192.0.66.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.themandarin.com.au/wp-content/uploads/2022/10/8218-Mandarin-POS-2.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.82 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 237e3cc694609cb5b167b731967dcb86aed31e133cfaf3c56379639282f9b792

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:50:15 GMT
x-rq: syd3 115 147 443
last-modified: Thu, 27 Oct 2022 01:02:15 GMT
server: nginx
etag: "297110d8c4691978"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9654
expires: Fri, 27 Oct 2023 01:02:15 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: au-ssl.effectivemeasure.net
URL: https://au-ssl.effectivemeasure.net/em.js

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/en_GB/base.js

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021	1969-12-31 23:59:59	Name: Value: test
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: cLTmNbBVrkY
.youtube.com/	1970-01-20 11:25:51	Name: VISITOR_INFO1_LIVE Value: NOjMrzlr4uM
.themandarin.com.au/	1970-01-20 07:06:40	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.themandarin.com.au/204180-asd-warned-of-critical-vulnerability-for-forcenet-provider-in-2021/%22%2C%22sref%22:%22%22%2C%22sts%22:1667199006617%2C%22slts%22:0}
.themandarin.com.au/	1970-01-20 16:36:03	Name: _parsely_visitor Value: {%22id%22:%22pid=7adefbc36267c791fba510282ebf1582%22%2C%22session_count%22:1%2C%22last_session_ts%22:1667199006617}
www.themandarin.com.au/	1970-01-20 07:13:51	Name: registered_from Value: 204180
www.themandarin.com.au/	1970-01-20 07:13:51	Name: track_post_id Value: 204180
www.themandarin.com.au/	1970-01-20 07:06:40	Name: gtmNewSession Value: Mon, 31 Oct 2022 06:50:06 GMT
www.themandarin.com.au/	1970-01-20 16:42:39	Name: vCount Value: 1
www.themandarin.com.au/	1970-01-20 16:42:39	Name: pvCount Value: 1
www.themandarin.com.au/	1970-01-20 13:58:29	Name: PushSubscriberStatus Value: CLOSED
www.themandarin.com.au/	1970-01-20 13:58:29	Name: peclosed Value: true
.t.co/	1970-01-20 16:42:39	Name: muc_ads Value: 12f5d9da-1b7a-4b25-8bc6-05e178fd949d
.twitter.com/	1970-01-20 16:42:39	Name: personalization_id Value: "v1_s2dWb4vgMYr2MCxfnZMOfg=="
.themandarin.com.au/	1970-01-20 09:16:15	Name: _gcl_au Value: 1.1.1132636501.1667199007
.themandarin.com.au/	1970-01-20 16:42:39	Name: _ga Value: GA1.3.1687346682.1667199007
.themandarin.com.au/	1970-01-20 07:08:05	Name: _gid Value: GA1.3.240230124.1667199007
.themandarin.com.au/	1970-01-20 07:06:39	Name: _gat_gtag_UA_52885710_1 Value: 1
.linkedin.com/	1970-01-20 09:16:15	Name: li_sugr Value: f3201f33-1031-4b59-85bd-1e54e8bdcc64
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:52:15	Name: bcookie Value: "v=2&6c9bb6d5-0df5-4e73-837d-91b92a620b0c"
.linkedin.com/	1970-01-20 07:08:05	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2862:u=1:x=1:i=1667199007:t=1667285407:v=2:sig=AQGmMj8AaRyHmHyo0NNVCd2bsCQjclXT"
.themandarin.com.au/	1970-01-20 07:06:39	Name: _dc_gtm_UA-52885710-1 Value: 1
.www.themandarin.com.au/	1970-01-20 07:08:05	Name: ln_or Value: d
.linkedin.com/	1970-01-20 07:49:51	Name: UserMatchHistory Value: AQKzcbkKS4nEcAAAAYQszftj7on8MFAERiX3PHG5CKpTE26BRER3UrpTLEHPOFjeHQTYWqlyE7nzYQ
.linkedin.com/	1970-01-20 07:49:51	Name: AnalyticsSyncHistory Value: AQJCj6ycOWG4wAAAAYQszftj27x9cafJoqWTBhG1W3yIrHg2kFKn-bb2Ei_3Psw5inUOVm0F_63sbhHe97IiVg
.dianomi.com/	1970-01-20 11:25:51	Name: session Value: 36b1c3ba99aa72be614c66b079c1c5db
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 15:52:15	Name: bscookie Value: "v=1&202210310650075bb72760-585f-4f54-8478-6507bcbf1cfaAQGlS0uBMS9_zDVXbkZnbHsRSy3bNgm-"
.bidswitch.net/	1970-01-20 15:52:15	Name: c Value: 1667199008
.bidswitch.net/	1970-01-20 15:52:15	Name: tuuid_lu Value: 1667199008
.pippio.com/	1970-01-20 15:52:15	Name: did Value: bDqr0RqYaaAl-njt
.pippio.com/	1970-01-20 15:52:15	Name: didts Value: 1667199008
.pippio.com/	1970-01-20 08:33:03	Name: nnls Value:
.teads.tv/	1970-01-20 15:50:48	Name: tt_viewer Value: 74ecc6cf-3601-4e91-8fc9-24c1817198a0
.bidswitch.net/	1970-01-20 15:52:15	Name: tuuid Value: efb6512c-5e37-4f27-aa71-c746ad750c2b
.adsymptotic.com/	1970-01-20 09:16:15	Name: U Value: 737dd9eae8e7dede4e5a943712d4e579
.themandarin.com.au/	1970-01-20 09:16:15	Name: _fbp Value: fb.2.1667199008868.1678757463
.openx.net/	1970-01-20 15:52:15	Name: i Value: 16dd5257-cb04-4d6d-9134-2573b6773f13\|1667199008
.rlcdn.com/	1970-01-20 15:52:15	Name: rlas3 Value: Pf0rf1Ctv8mVG3hY9KNg0+DBT08/kUzDHUlokl16Bew=
.rlcdn.com/	1970-01-20 08:33:03	Name: pxrc Value: CKDg/ZoGEgUI6AcQABIOCOhHEP///////////wESBgi46wEQAA==
.pippio.com/	1970-01-20 08:33:03	Name: pxrc Value: CKHg/ZoGEgQIAhAAEgYI7OsBEAA=
.teads.tv/	1970-01-20 07:08:05	Name: tt_exelate Value:
.teads.tv/	1970-01-20 07:08:05	Name: tt_bluekai Value:
.teads.tv/	1970-01-20 07:08:05	Name: tt_liveramp Value:
.teads.tv/	1970-01-20 07:08:05	Name: tt_neustar Value:
.teads.tv/	1970-01-20 07:08:05	Name: tt_salesforce Value:
.linksynergy.com/	1970-01-20 15:52:15	Name: rmuid Value: bbfc6dd6-c92f-4634-939c-1305e5f38725
.linksynergy.com/	1970-01-20 15:52:15	Name: icts Value: 2022-10-31T06:50:09Z
.adsrvr.org/	1970-01-20 15:52:15	Name: TDID Value: 9897da77-1ec5-47ae-a822-28949d3ac562
.criteo.com/	1970-01-20 16:28:15	Name: uid Value: 27ae0c6e-c7f4-4355-b91f-2126f62ee2f2
.yahoo.com/	1970-01-20 15:52:36	Name: A3 Value: d=AQABBCJwX2MCEAJ4KOYkeUXc0XPVrzc3KsEFEgEBAQHBYGNpYwAAAAAA_eMAAA&S=AQAAAiUjHGq_lMZG8EwYfjULNvk
.doubleclick.net/	1970-01-20 16:42:39	Name: IDE Value: AHWqTUlD0tDZXX9B3pQYbagp7LjbY9lE2lHEWxqbgwMM6JwO-RNkX2Wuz1vUaNbbwbY
.themandarin.com.au/	1970-01-20 16:28:15	Name: __gads Value: ID=a178a18d5e36439c:T=1667199009:S=ALNI_MahDNClcFU0c7pE0gbUi3n1c63d3w
.themandarin.com.au/	1970-01-20 16:28:15	Name: __gpi Value: UID=00000b71e0b908b6:T=1667199009:RT=1667199009:S=ALNI_MaTGJt2sOITXVPsS-qY_xI_8Jao0g
.agkn.com/	1970-01-20 15:52:15	Name: ab Value: 0001%3AhkGlnwaQEdh4pXz2f785%2BhR2qOkFNCxe
.exelator.com/	1970-01-20 09:59:27	Name: EE Value: "265795bb40d3bc693b2423f7ea8908bc"
.krxd.net/	1970-01-20 11:25:51	Name: _kuid_ Value: PK5wAB8x
.adsrvr.org/	1970-01-20 15:52:15	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCOLE0f_FxZ07EAUYBSACKAIyCwi4obul3MWdOxAFOAE.
.exelator.com/	1970-01-20 09:59:27	Name: ud Value: "eJxrXxzq6XKLQcHIzNTc0jQpycQgxTgp2czSOMnIxMg4zTw10cLSwCIpeXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAfEl%252BUWb6IsfQxUUpaQyLSopPBR8SSwcAjkkptw%253D%253D"
.bluekai.com/	1970-01-20 11:28:43	Name: bku Value: m3X99YJyUtm29d10
.bluekai.com/	1970-01-20 11:28:43	Name: bkpa Value: KJy9R9Y4d02pSUHknpx6meDTwtkAwEz6jVBMBZBZnE1t1eW+BsD81u6TjZ18nE/6RpWT1EzhmECC1a2Cza2C5ujLSVNo5e6hJZ5AzcJ4Rt2rztPr5e6ZUlx21ERtBpW8mE9ymExh1y19xGDq8Q==
.doubleclick.net/	1970-01-20 07:06:42	Name: DSID Value: NO_DATA
.rubiconproject.com/	1970-01-20 15:52:15	Name: khaos Value: L9WF8TII-1E-3634
.amazon-adsystem.com/	1970-01-20 12:56:34	Name: ad-id Value: A_5RrHDgGUbwhe8iVq_SmOY
.amazon-adsystem.com/	1970-01-20 16:42:39	Name: ad-privacy Value: 0
.rubiconproject.com/	1970-01-20 15:52:15	Name: audit Value: 1\|PsPU41L2Ruks9zcGhoTI5d32/v7Tbt6O2k6g57O2ozu1Mnm1d2tbLdqJEiL/rLauZ2yBjsfh2IrqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.dianomi.com/	1970-01-20 11:25:51	Name: session2 Value: B=1667199009&BUID=efb6512c-5e37-4f27-aa71-c746ad750c2b&L=1&N=1&R=1667199012&RUID=L9WF8TII-1E-3634

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://loader.wisepops.com/get-loader.js?v=1&site=uLVyNnFkTZ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://au-ssl.effectivemeasure.net/em.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://a.teads.tv/media/format/v3/teads-format.min.js Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/474599.gif?partner_uid=74ecc6cf-3601-4e91-8fc9-24c1817198a0_au&cv=&_t=1667199009413 Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3c6ecd9478772d8d0af7012606895055.safeframe.googlesyndication.com
a.teads.tv
aa.agkn.com
adservice.google.com
adservice.google.com.au
ajax.googleapis.com
analytics.twitter.com
api.parsely.com
au-ssl.effectivemeasure.net
beacon.krxd.net
cdn.ampproject.org
cdn.evgnet.com
cdn.linkedin.oribi.io
cdn.parsely.com
clientcdn.pushengage.com
cm.g.doubleclick.net
connect.facebook.net
data.dianomi.com
dis.criteo.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
idsync.rlcdn.com
jnn-pa.googleapis.com
load77.exelator.com
loader.wisepops.com
loadm.exelator.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
p.adsymptotic.com
p1.parsely.com
pagead2.googlesyndication.com
pi.pardot.com
pippio.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.wp.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
s.amazon-adsystem.com
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
sync.teads.tv
t.co
t.teads.tv
tags.bluekai.com
tags.rd.linksynergy.com
token.rubiconproject.com
tpc.googlesyndication.com
us-u.openx.net
use.fontawesome.com
www.dianomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.themandarin.com.au
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
au-ssl.effectivemeasure.net
www.youtube.com
104.18.102.194
104.18.11.207
104.18.35.151
104.244.42.131
104.244.42.133
104.26.10.19
107.178.254.65
13.107.42.14
13.224.250.81
13.227.255.71
13.35.8.67
142.250.4.132
142.250.4.154
142.251.10.119
142.251.10.132
142.251.10.148
142.251.10.154
142.251.10.94
142.251.10.95
142.251.10.97
142.251.12.103
142.251.12.149
142.251.12.157
142.251.12.94
146.75.112.157
15.197.193.217
151.101.192.114
157.240.235.1
157.240.235.35
172.64.132.15
182.161.73.146
184.31.5.52
192.0.66.82
192.0.76.3
209.54.182.161
23.195.153.54
23.36.253.98
23.53.160.138
23.73.13.201
23.9.185.218
34.237.219.119
34.98.67.3
35.160.185.12
35.190.60.146
35.213.12.39
35.244.159.8
42.99.140.192
52.197.202.80
52.221.40.105
52.86.241.86
54.150.10.110
63.34.81.234
69.173.158.64
74.125.24.101
74.125.24.132
74.125.24.154
74.125.24.155
74.125.24.157
74.125.24.190
74.125.24.95
74.125.68.154
8.43.72.97
89.187.162.134
01fd499c1ec9923d7cfaba42995c1ff24eea1db9f03d3be3e91f0d48f7bb84d1
03ff0fb5cae39ad431c25d861a493fe24d836c47e1c971aa532fe5c14faa7494
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
04db97298896958e9cb9a176c974793389b29df93be073a2f34af643caae8951
077b9afdeb524bca60b2a640771a7ae4590eb74b23c039102907833e05026300
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
11af9d62d365f1acb06f1a1954b7f1fa581d712f03d20e22aabbae5b58a105f9
130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
16971c1ca9a739b39408e92a5aecd588a45564a1e55c14c04c2d499f1d93005c
19795e5af28163d8e28ca4f0c5b2781b810b9483eb7c6ded87ac40369ba0fefd
1f3a35186dbadf43f5e9d0646914164927de87b5801af0e1bbb6035aa071674c
221650cf681d68d48a0b16bd08d473ab8a75290132e5b8ce14c8d26725bbb76a
232a0820c5635b37a25e10e8f907dab379267a3ce72d0427c64eff050166a199
237e3cc694609cb5b167b731967dcb86aed31e133cfaf3c56379639282f9b792
28d6f3929b6c2dc7f150b29c3b1a0c2d39de20f6c1854db507c5deacd1f3f949
2a20f13a4857c9e8c6421e6b754f3e1d19a471865b0a4aefa62bd31882e396dd
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0d96f7aacbf420ac821554819b1b3f563ec7f8ce1b44fad18a0cf4c2292882
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
314c1056d1a12e6d0e898aeb91be0594fe244b1bb81e7ac57d809a0d8fea91fd
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
34379b40a3dc6b4831263e136156d90c749f66752e5524ab8d2c261ab5273658
37ecd2a02288c23dcd533df157c705005b4680277542bc3a73d877a665755f28
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e5130c4e5e9d37657f14cac1f5fa076aea406d2d31273bd4ff6ced452a08a81
3f01cb4e8bb564dfe1d558ba77bf9cda1712b8378f4c25223c44967ae8d5ea04
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41df9aa76894f810d5b449149cf327276ffd2900ef09a309bad5e5bbb301422f
42923067a04a6098bcb228332c797e630396521f3ea20cf5bccb89340feec174
45629e479716a7f923b92b8e5ea234b5aaaf5c225cb48f1f035d55ea16c43a78
465963f846cfab11dcf4d5dd0aeae3a3a4d783c931b55d9b1be1cbcf825a8d33
475f074d2399ed80772c5eb9350827ac897d59c61e03146393ca47071e6c6d73
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4ba2cbdf5fff3eafb27ea85ad41eafed4766e619e0a211549416b774e71aa71b
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
4ee9c91d5f66614dd7ae025c3e8115cbfe9dd0a3336b242efcd757c37c15f208
4f3a9f6e4add0ebf47ffabf37e5987d8a34a31427daac1e60e3c0c3a6aae8b69
4f8edcf5ad75e3a2a820f9f82fc93e5e2a917de7bb19a7c82d203d67678b93f0
52005fbc1e12f6ed7a3a0f30935ec5f23332e28a1057046e9da18de3ef35448a
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53ffefcbda106040075ee99835ba700e8f811db0815a331abc29904edd599e2a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5693922c61527ee4cfd19623af0b0fa6b14c7b79ac2a4537ee5c895735a510b8
5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9
574e606dd328ee0151b17115729313e90da8ef190d298d1ec736c6c4b731b99c
5830c0e82c1ea0b10aef7b0938ae39f1b7347861504f51da37fb85144987f3b4
59499938b3b4beb513a8756bb21e201e3b63f34618e3c2928431828e03f78e7f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5d5c4f3b03e8b53928e072ab4ead1c1a644a3bc4b2dc6bd5173900d19786356b
5d6f744872d533fd01fc25a02a22dc778a0da1dce5c449fc5177fea6557be23f
60e2c76396a11f1e45984d80b22830984947f075ee2a09633457da50231f6599
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
677dca1fd305e4fcd220b55100ab357b952e0410457b033c2b5ef682e614d476
67d25a57063eb6f00daaf3866ed1ea4e2789ef00d133a259a0bcc3001db49abf
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69f1118bf5b94192e91e816d413eddd9e83b3980bf0c9cb942ee4ca61324d0de
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6d64736b75017d5e8783e729693963582ab5e2caac1878ad183fba3f1647b802
6e140393a5c564a0373f5af25fb31419454e956674534b4acee7822a5d1586b9
6e3c3c649e00790bb5ad26ddd64896a98a1ed3ede9bc8f1a02c28251cd5f7cbf
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
7458c4aef758c46b1ee195e01ba8d303ae74962459b6cb7d0280033c282b164c
74609e166867aa3888ef3085b0011dd5e5e61d347f578195c8d7e10ae315af02
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
78813a71248b93cf4babd563aa00019efae122556247c6b265f1b6b029e4a355
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c5d77a17dd1dedf9af81729d5066891b7a7c7b8d890abc09bd6304462cec94a
7cd7c6156c48679f8044ce18609e0605a54630ecde04610fe6798b381dba735d
7fa4abb686798756bc90d4d6d1e4da75137160ecf2bc7ff6c103263f9842c444
80e4e7b22771c2bd2e9f4c22a1130bdfdeaef05bdeb75adfbdbbf958832fd070
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b0a6a470e79bdef6fa07b002f94b3e68318c3d7176e04bba7662e451abb7bb
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
872721603f4d68a83762e11758f383a82db3ac37b9ec887eeb553a7df35f9d29
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ad4ea8071302e41f24985ce937177a1bdda068e14ae50914782137eb23deebc
8b9e1055970d14a2ac70719031d350f3339d75f5725f5a38f073f9c934d40370
8da5fa9188643b8995c88fe0f091dc6ee4f809115a02c1ab6cb30318c1c38717
915baa36cf25faecb145397a5059a7b9ae0aa36f53869d9c5b7e22b3c120ff50
9190e3cff2f32711652536aad516ec220f7c9fb93dd26d3cb4278acfb8d982f3
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
98053c6ace91f91827bbcc815e5b0492a1aa5f096baa2729ef0b3eca3f0ef24e
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
9d461a19328f926eb15b3d203f0e9684821f11c664fab5055842d6acc32ebfe1
9dcdfd51e7f8f7de80a35d59dbe0bf788ab7689b22a6f7dfe460c9d81fe7701b
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
a2c8dbc64dc250f3fa0633574261034f2f134aa4c385b1f58d255b50ec11ccce
a2f695fec6f7ebae40168d557720a380b24ef51d1085f5c7cc2399746a33bcc1
a362adb6ced7ba102908ad2cb0ae876b00499f742cae1706fb31173219f4dede
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a655f67c038c6cb7750c60f9f67389400ee9926a669e53e18aea1953cf7da474
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a91a4bb1024cb89860127992112f83653391e4183608ae981f8eeeae4f53aaa6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
af83953db02266d0598de91d5e2663a3e28c560e4737623430f29f251be0a99b
af8bb6111f787caf0745589c400853be639da4d679090a4cc5ad521acbd328c4
b06c9fa402c348ef78585e4bfdb5c6301b1a1ebec1b0ba9b9b5da680760b81ee
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21dd5067e1a5cb98e74e8d4c5b8b9c0bc093e640d190db5673e3639558f7f2e
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb14c226d4517c67148f8c5f2680ee3081e5fa0932e9e93092c09ae60fe54606
bbc71fde5502474abfff3d270af3fc852af9c0918350384ab39e05a71c08f417
bddbf7e9ab14ce92ecc37640bf54fcb90d8a02da52d87ec12e252cfde4432e66
be3167962058f03cd7f63b2053fcf5fe63ae43193b7ab8623f4230df97d58535
be55282a1582cb36942418374f12731c8ffecb291a28e36e047d9ed646b38c52
bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
c0fd6c0742347d3c190af951750ae46e50f7dc0263ed7e15a5800b388550be85
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c32303c1614287a5e8d91fe967e40c00e5a7fd087ea3a32de87dda6df45d4acd
c5c877b2f70eaa51b17f81150decd43027fec02788fec5719be6befb12af115f
c6ce233ea5aaacf5b906d3fc588d2731d2184d7066dac7d7141d91c5cf7e741c
c7f80ac0f717e2128cec0b999f474b5b154ea4cbada8ecc74b69b65eaaf55869
ca263a0a3251f873bb43143fb3f271793201c8e1f3e439b6d23ae32cb43297f1
ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec
cee0ff68e0b0c4906b61fefa3182536400470874bb50fc0a86845519e904db64
cf1fbe6bcab2b09205f17a12d55c03fffcf3cf27ec09ef17b138298f53e8ba5e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf4a66d690ab79bbf61d6896a0ed9164f18d3c3be563639adabf68f4d56e5818
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
d21f95a1947f684df0382c90382a128687cca9ce1436745c70b71398ea23cb70
d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1
d726e9e5b87d746117c6e863358d26c6f86ad6858bcd4411fb872a4d65224f65
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d80a75389c9ac1c16036be13df0840b406343d0dcacc184974fafd813b5c8f47
d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
dd96db3d7cb42c5a7ca702b99e719309b3d103b1e3eef665e9a2e6309e793111
de0e3e13ac455201d77e111b8c417ddae1ea4689e4406203baaa78d0ff9532bf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0aafd937ad90f1da3421c3ed7fc31a407b74f3ddeac7a8c4a40d37413dda0e5
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e2c9eee0a788355cf8c643a73e249ed367342185bc78cbe47c78a26b61e99057
e3196bb849ad7bb20fe80ae44590e8d27bb6d560db564f44779181d34b9e5b0d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bfcc252845dfab30053f76d2eb7740f031be381f2236b389ae8d9e499aed93
e40ac5a09f3a2fdc9ea2d525b7336b45d67a06481aec098e076a2a287e596daa
e4c3a9146a62eb16d28155dedb4e355d93bfac74e6d1cdc90a0fdee09e3d96ac
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e83b53eeccab20e84f3e08d51bc3f47120a34bb62abc955420f834c0431ed4ee
eb8304092bddb1608d9d661895bc22294ed02b1c2ebf3836be696ecaaf5e84dc
edbcd66789533fa7b2997c4b5c03a4df3042683b35384b0199fef3ad78554d2d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f251074a6b965d8b7019aa7df52b79e933db7f255b303ab608237a2561be0df7
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f832a3f9fb50dfb245accbfe1f55d83f4330332a2a1b1640888d253398b95bb9
f83a8b99f9f356e8b0290074236f6c8a24d8ac15d745a647fec6f346900059ef
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fa0303da607fb098c032ffab6350a3c1ff859f75da4a9d8b8edd2a576277bff7
fc888409cef8917486ed4cd0b50cf445837b53ef1a03300f27af9ef569c2e91f
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

www.themandarin.com.au Open in urlscan Pro 192.0.66.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

247 Requests

90 %HTTPS

0 %IPv6

50 Domains

73 Subdomains

54 IPs

5 Countries

3490 kBTransfer

9898 kBSize

68 Cookies

25 Outgoing links

Redirected requests

247 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.themandarin.com.au Open in urlscan Pro
192.0.66.82 Public Scan

Screenshot
Live screenshot

Full Image

247
Requests

90 %
HTTPS

0 %
IPv6

50
Domains

73
Subdomains

54
IPs

5
Countries

3490 kB
Transfer

9898 kB
Size

68
Cookies

247 HTTP transactions
4 data transactions