www.afr.com Open in urlscan Pro
2a04:4e42:200::645 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=te...
Submission: On December 16 via api (December 16th 2021, 6:11:38 am UTC) from AU — Scanned from DE

Summary HTTP 189 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 65 IPs in 10 countries across 52 domains to perform 189 HTTP transactions. The main IP is 2a04:4e42:200::645, located in United States and belongs to FASTLY, US. The main domain is www.afr.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on September 6th 2021. Valid for: a year.

This is the only time www.afr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	2a04:4e42:200... 2a04:4e42:200::645	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a8::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:2800:10:2964:9d00:21	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	143.204.98.82 143.204.98.82	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
2	136.243.44.4 136.243.44.4	24940 (HETZNER-AS) (HETZNER-AS)
1 3	54.216.167.233 54.216.167.233	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:215... 2600:9000:2156:4800:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:8600:7:3896:c640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
4	13.238.96.192 13.238.96.192	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::645 2a04:4e42::645	54113 (FASTLY) (FASTLY)
1	158.101.192.201 158.101.192.201	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.201.103.212 35.201.103.212	15169 (GOOGLE) (GOOGLE)
1	104.117.200.111 104.117.200.111	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.98.104 143.204.98.104	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	2600:9000:215... 2600:9000:2156:9400:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:2200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.48.241.99 52.48.241.99	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.123 143.204.98.123	16509 (AMAZON-02) (AMAZON-02)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
15	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	3.24.79.120 3.24.79.120	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
10	52.19.78.71 52.19.78.71	16509 (AMAZON-02) (AMAZON-02)
2	52.55.14.119 52.55.14.119	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.103.127 143.204.103.127	16509 (AMAZON-02) (AMAZON-02)
4 5	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.98.62 143.204.98.62	16509 (AMAZON-02) (AMAZON-02)
1	52.50.167.210 52.50.167.210	16509 (AMAZON-02) (AMAZON-02)
1	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
2	54.194.29.148 54.194.29.148	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:e200:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3 3	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.205.167.202 52.205.167.202	14618 (AMAZON-AES) (AMAZON-AES)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.65.130.251 52.65.130.251	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	3.230.12.180 3.230.12.180	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.2.183.88 52.2.183.88	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	52.72.206.84 52.72.206.84	14618 (AMAZON-AES) (AMAZON-AES)
10	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:7e00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	54.198.123.195 54.198.123.195	14618 (AMAZON-AES) (AMAZON-AES)
1 2	18.159.242.165 18.159.242.165	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	52.206.55.189 52.206.55.189	14618 (AMAZON-AES) (AMAZON-AES)
1	52.51.5.121 52.51.5.121	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:659... 2600:1f18:6593:f608:78e4:ddc4:e083:81a6	14618 (AMAZON-AES) (AMAZON-AES)
189	65

40 2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)

www.afr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.ffx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.afr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a8::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2800:10:2964:9d00:21 (United States)

ASN16509 (AMAZON-02, US)

d2uhnetoehh304.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.44.4 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.4.44.243.136.clients.your-server.de

static-au.plista.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.216.167.233 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-167-233.eu-west-1.compute.amazonaws.com

secure-au.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:4800:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:8600:7:3896:c640:93a1 (United States)

ASN16509 (AMAZON-02, US)

adc-js.nine.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.238.96.192 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-238-96-192.ap-southeast-2.compute.amazonaws.com

i.ffx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)

api.afr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.101.192.201 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)

fairfaxmedia.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.103.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.103.201.35.bc.googleusercontent.com

teenytinyshirt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.200.111 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-111.deploy.static.akamaitechnologies.com

a304207300.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-104.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:9400:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.241.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-241-99.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.24.79.120 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-24-79-120.ap-southeast-2.compute.amazonaws.com

l.ffx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.19.78.71 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-78-71.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.55.14.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-14-119.compute-1.amazonaws.com

10510523.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nova.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.103.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-127.fra50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.198 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6633783.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-62.fra50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.167.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-167-210.eu-west-1.compute.amazonaws.com

fairfaxau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

fairfaxau.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.29.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-29-148.eu-west-1.compute.amazonaws.com

nd.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

96d2fec632341d33d327cc999b916144.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:e200:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

nxflmiftx4leud2fatcyckjhrii0t1639635091.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.50 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

image5.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.65.130.251 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-65-130-251.ap-southeast-2.compute.amazonaws.com

adc.nine.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

rtd.tubemogul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

rtd-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.230.12.180 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-12-180.compute-1.amazonaws.com

sync.adap.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.2.183.88 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-183-88.compute-1.amazonaws.com

sync.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.27.153 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.206.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-206-84.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:7e00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.198.123.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-123-195.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.242.165 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-242-165.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

dmpsync.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.55.189 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-55-189.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.5.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-5-121.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f608:78e4:ddc4:e083:81a6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	afr.com www.afr.com api.afr.com	649 KB
19	ffx.io static.ffx.io i.ffx.io l.ffx.io	121 KB
16	googlesyndication.com 96d2fec632341d33d327cc999b916144.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	130 KB
15	facebook.com www.facebook.com	1 KB
14	doubleclick.net 5 redirects securepubads.g.doubleclick.net ad.doubleclick.net 6633783.fls.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	217 KB
13	demdex.net dpm.demdex.net fairfaxau.demdex.net nd.demdex.net	18 KB
12	imrworldwide.com 1 redirects secure-au.imrworldwide.com cdn-gl.imrworldwide.com secure-gl.imrworldwide.com secure-dcr.imrworldwide.com nxflmiftx4leud2fatcyckjhrii0t1639635091.nuid.imrworldwide.com	84 KB
10	ampproject.org cdn.ampproject.org	204 KB
7	google.com 2 redirects adservice.google.com www.google.com	2 KB
4	google-analytics.com www.google-analytics.com	21 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	4 KB
4	facebook.net connect.facebook.net	287 KB
3	qualtrics.com zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com siteintercept.qualtrics.com	22 KB
3	advertising.com 2 redirects sync.adaptv.advertising.com pixel.advertising.com	1 KB
3	adnxs.com 3 redirects ib.adnxs.com	3 KB
3	google.de adservice.google.de www.google.de	1 KB
3	yahoo.com 1 redirects sp.analytics.yahoo.com cms.analytics.yahoo.com	2 KB
3	moatads.com z.moatads.com mb.moatads.com	83 KB
3	nine.com.au adc-js.nine.com.au adc.nine.com.au	23 KB
3	yimg.com s.yimg.com	12 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	64 KB
3	optimizely.com cdn.optimizely.com a304207300.cdn.optimizely.com logx.optimizely.com	92 KB
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	529 B
2	3lift.com 2 redirects dmpsync.3lift.com	752 B
2	gstatic.com fonts.gstatic.com	43 KB
2	eyeota.net 2 redirects ps.eyeota.net	1 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com	2 KB
2	everesttech.net 2 redirects rtd-tm.everesttech.net	653 B
2	pubmatic.com image5.pubmatic.com
2	rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	453 B
2	parsely.com cdn.parsely.com p1.parsely.com	26 KB
2	igodigital.com 10510523.collect.igodigital.com nova.collect.igodigital.com	3 KB
2	teenytinyshirt.com teenytinyshirt.com	27 KB
2	plista.com static-au.plista.com	18 KB
1	fwmrm.net dmp.v.fwmrm.net	411 B
1	chartbeat.net ping.chartbeat.net	201 B
1	chartbeat.com static.chartbeat.com	14 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	adap.tv 1 redirects sync.adap.tv	167 B
1	tubemogul.com 1 redirects rtd.tubemogul.com	267 B
1	turn.com 1 redirects d.turn.com	402 B
1	omtrdc.net fairfaxau.sc.omtrdc.net	314 B
1	hotjar.io vc.hotjar.io	257 B
1	adsafeprotected.com static.adsafeprotected.com	482 B
1	t.co t.co	470 B
1	twitter.com analytics.twitter.com	674 B
1	gscontxt.net fairfaxmedia.gscontxt.net	1 KB
1	ads-twitter.com static.ads-twitter.com	6 KB
1	bizographics.com sjs.bizographics.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	cloudfront.net d2uhnetoehh304.cloudfront.net	30 KB
1	googletagmanager.com www.googletagmanager.com	118 KB
189	52

	Domain	Requested by
18	www.afr.com	www.afr.com
15	www.facebook.com	www.afr.com
13	static.ffx.io	www.afr.com
10	tpc.googlesyndication.com	www.afr.com securepubads.g.doubleclick.net cdn.ampproject.org tpc.googlesyndication.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	dpm.demdex.net	www.afr.com
10	api.afr.com	www.afr.com
6	cdn-gl.imrworldwide.com	www.afr.com cdn-gl.imrworldwide.com secure-au.imrworldwide.com
6	securepubads.g.doubleclick.net	www.afr.com securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.google.com	1 redirects www.afr.com tpc.googlesyndication.com
4	ad.doubleclick.net	4 redirects
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	i.ffx.io	d2uhnetoehh304.cloudfront.net
4	connect.facebook.net	www.afr.com connect.facebook.net
3	ib.adnxs.com	3 redirects
3	adservice.google.com	1 redirects www.afr.com securepubads.g.doubleclick.net
3	s.yimg.com	www.afr.com s.yimg.com
2	dmpsync.3lift.com	2 redirects
2	siteintercept.qualtrics.com	zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com siteintercept.qualtrics.com
2	pixel.advertising.com	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	ps.eyeota.net	2 redirects
2	ssum.casalemedia.com	2 redirects
2	rtd-tm.everesttech.net	2 redirects
2	adc.nine.com.au	adc-js.nine.com.au
2	image5.pubmatic.com	www.afr.com
2	secure-dcr.imrworldwide.com	www.afr.com
2	nd.demdex.net	www.afr.com
2	adservice.google.de	www.afr.com securepubads.g.doubleclick.net
2	l.ffx.io	www.afr.com
2	sp.analytics.yahoo.com	www.afr.com
2	secure-gl.imrworldwide.com	secure-au.imrworldwide.com www.afr.com
2	px.ads.linkedin.com	2 redirects
2	teenytinyshirt.com	www.afr.com teenytinyshirt.com
2	z.moatads.com	www.afr.com z.moatads.com
2	static-au.plista.com	www.afr.com static-au.plista.com
1	dmp.v.fwmrm.net
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	ping.chartbeat.net
1	pixel.rubiconproject.com
1	static.chartbeat.com	www.afr.com
1	zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com	www.afr.com
1	googleads.g.doubleclick.net	www.afr.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	logx.optimizely.com	cdn.optimizely.com
1	cms.analytics.yahoo.com	1 redirects
1	sync.adaptv.advertising.com	1 redirects
1	sync.adap.tv	1 redirects
1	rtd.tubemogul.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	p1.parsely.com	www.afr.com
1	nova.collect.igodigital.com	www.afr.com
1	token.rubiconproject.com	www.afr.com
1	d.turn.com	1 redirects
1	www.google.de	www.afr.com
1	nxflmiftx4leud2fatcyckjhrii0t1639635091.nuid.imrworldwide.com	www.afr.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	96d2fec632341d33d327cc999b916144.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fairfaxau.sc.omtrdc.net	www.afr.com
1	fairfaxau.demdex.net	www.afr.com
1	vc.hotjar.io	script.hotjar.com
1	6633783.fls.doubleclick.net	www.afr.com
1	cdn.parsely.com	www.googletagmanager.com
1	10510523.collect.igodigital.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	mb.moatads.com	z.moatads.com
1	static.adsafeprotected.com	www.afr.com
1	t.co	www.afr.com
1	analytics.twitter.com	static.ads-twitter.com
1	px4.ads.linkedin.com	www.afr.com
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	a304207300.cdn.optimizely.com	cdn.optimizely.com
1	fairfaxmedia.gscontxt.net	www.afr.com
1	static.ads-twitter.com	www.afr.com
1	adc-js.nine.com.au	www.afr.com
1	secure-au.imrworldwide.com	1 redirects
1	sjs.bizographics.com	www.afr.com
1	snap.licdn.com	www.afr.com
1	static.hotjar.com	www.afr.com
1	d2uhnetoehh304.cloudfront.net	www.afr.com
1	www.googletagmanager.com	www.afr.com
1	cdn.optimizely.com	www.afr.com
189	85

This site contains links to these domains. Also see Links.

Domain
subscribe.afr.com
twitter.com
www.instagram.com
www.linkedin.com
www.facebook.com
www.corporatesubscriptions.com.au
www.nineforbrands.com.au
www.smh.com.au
www.theage.com.au
www.brisbanetimes.com.au
www.watoday.com.au
www.domain.com.au
www.drive.com.au
login.nine.com.au
professional.licensing-publishing.nine.com.au

Subject Issuer	Validity	Valid
nine.com.au COMODO RSA Organization Validation Secure Server CA	`2021-09-06` - `2022-09-06`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-25` - `2021-12-24`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-11-08` - `2021-12-29`	2 months	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2021-09-28` - `2022-09-28`	a year	crt.sh
*.plista.com COMODO RSA Domain Validation Secure Server CA	`2020-06-02` - `2022-04-11`	2 years	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
*.api.nine.com.au Amazon	`2021-08-15` - `2022-09-13`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.9pub.io Amazon	`2021-11-29` - `2022-12-28`	a year	crt.sh
*.gscontxt.net DigiCert SHA2 Secure Server CA	`2020-01-22` - `2022-01-21`	2 years	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
teenytinyshirt.com R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.ninetech.dev Amazon	`2021-08-03` - `2022-09-01`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.collect.igodigital.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-25` - `2022-02-25`	a year	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-10-05` - `2022-03-04`	5 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.nuid.imrworldwide.com Amazon	`2021-06-11` - `2022-07-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
logx.optimizely.com Amazon	`2021-08-23` - `2022-09-21`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-24` - `2022-09-24`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-29` - `2022-12-30`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Frame ID: B67389DA8CE09430935EF6482C229F7E
Requests: 126 HTTP requests in this frame

Frame: https://a304207300.cdn.optimizely.com/client_storage/a304207300.html
Frame ID: 4B2BCC1F3908E90CFB7F1849F3EDF612
Requests: 1 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: DF8D1677C2661EEDBC27FF74E85FC4EA
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 467EDB1AFB9E8EF1CC54439F82BCAE2A
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 70E5729286A4FCE8E648EEDE714CCB2E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CIjz2dnU5_QCFSFTwgodRU0MHQ;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4938624929712.778;~oref=https://www.afr.com/
Frame ID: 42BE45399C4640E8A827C211811610DE
Requests: 1 HTTP requests in this frame

Frame: https://fairfaxau.demdex.net/dest5.html?d_nsid=0
Frame ID: 3A1198EC1927EA43E217F1FA27BAEA99
Requests: 11 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: DE0B034EB00A91B1B81C8E38D8B3EBE4
Requests: 3 HTTP requests in this frame

Frame: https://96d2fec632341d33d327cc999b916144.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E02E5795921DCF19C482F0ED01C372BF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 63BB8BA7C8AB1FF694A51971C6980718
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0767C78457CE77E0814A8C8DE5FA33D0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A78C70A0B4222754340F8D8F1369524C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 56F7CFA70B84748865DC43F759B83F64
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: F4BE4483DADC226E7D5D9FA3487972AD
Requests: 17 HTTP requests in this frame

Frame: https://nd.demdex.net/dest5.html?d_nsid=0
Frame ID: C3E11A2A699697B515AA36F42CE2A702
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4F81C94ED89156E895D19AD6E2C5DAD9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BC209FDE8355718E5961A1CDF2BC3334
Requests: 2 HTTP requests in this frame

Frame: https://adc.nine.com.au/?appNexusUid=4331350874324167399
Frame ID: 407D5F44048D8E8F99DC2AE2AF2F84EC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cyber criminals force shutdown of NSW budgeting systemClose menuSearchExpandExpandExpandExpandExpandExpandExpandExpandExpandExpandExpandThe Australian Financial ReviewTwitterInstagramLinkedInFacebook

Page Statistics

189
Requests

92 %
HTTPS

40 %
IPv6

52
Domains

85
Subdomains

65
IPs

10
Countries

2326 kB
Transfer

6942 kB
Size

59
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://subscribe.afr.com/?promote_channel=HI_HL_GNL&utm_source=afr.com&utm_medium=HouseInventory&utm_campaign=General&utm_content=HDR
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://subscribe.afr.com/?promote_channel=HI_PW_GNL_DTC1
Title: Save 50% now

Search URL Search Domain Scan URL

URL: https://twitter.com/FinancialReview
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/financialreview/
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/1628885
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.facebook.com/financialreview
Title: Facebook

Search URL Search Domain Scan URL

URL: https://subscribe.afr.com/?promote_channel=HI_FL_GNL&utm_source=afr.com&utm_medium=HouseInventory&utm_campaign=General&utm_content=FTR
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://www.corporatesubscriptions.com.au/?utm_source=afr_sub_lp&utm_medium=link&utm_campaign=corporate_subscriptions
Title: Corporate subscriptions

Search URL Search Domain Scan URL

URL: https://subscribe.afr.com/student-offer?promote_channel=HI_FL_STU&utm_source=FooterLink&utm_medium=HouseInventory&utm_campaign=Student
Title: Student subscriptions

Search URL Search Domain Scan URL

URL: https://www.nineforbrands.com.au/about/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.nineforbrands.com.au/media-kits/financial-review/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.smh.com.au/
Title: The Sydney Morning Herald

Search URL Search Domain Scan URL

URL: https://www.theage.com.au/
Title: The Age

Search URL Search Domain Scan URL

URL: https://www.brisbanetimes.com.au/
Title: Brisbane Times

Search URL Search Domain Scan URL

URL: https://www.watoday.com.au/
Title: WAtoday

Search URL Search Domain Scan URL

URL: https://www.domain.com.au/
Title: Domain

Search URL Search Domain Scan URL

URL: https://www.drive.com.au/
Title: Drive

Search URL Search Domain Scan URL

URL: https://login.nine.com.au/privacy?client_id=afr
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://login.nine.com.au/terms?client_id=afr
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://professional.licensing-publishing.nine.com.au/C.aspx?VP3=CMS3&VF=Home
Title: Reprints & Permissions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://secure-au.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 52

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1639635091558&url=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D9724%252C3519914%26time%3D1639635091558%26url%3Dhttps%253A%252F%252Fwww.afr.com%252Ftechnology%252Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%253Futm_content%253Dtechnology%2526list_name%253D2F6E16F3-E586-4778-AFFF-33811F208B65%2526promote_channel%253Dedmail%2526utm_campaign%253Dmarket-wrap%2526utm_medium%253Demail%2526utm_source%253Dnewsletter%2526utm_term%253D2021-12-16%2526mbnr%253DMTE4OTMwMzA%2526instance%253D2021-12-16-16-58-AEDT%2526jobid%253D29352524%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1639635091558&url=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1639635091558&url=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&liSync=true&e_ipv6=AQKU53idWKy-kQAAAX3B3gH1PTifycJHRPnf7hi8_EhXlOiXL4siyTcgKFUBEFyt_fsu51Ue

Request Chain 79

https://ad.doubleclick.net/ddm/activity/src=6633783;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4938624929712.778 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=6633783;dc_pre=CIjz2dnU5_QCFSFTwgodRU0MHQ;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4938624929712.778 HTTP 302
https://adservice.google.com/ddm/fls/p/src=6633783;dc_pre=CIjz2dnU5_QCFSFTwgodRU0MHQ;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4938624929712.778;~oref=https://www.afr.com/ HTTP 302
https://adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CIjz2dnU5_QCFSFTwgodRU0MHQ;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4938624929712.778;~oref=https://www.afr.com/

Request Chain 84

https://ad.doubleclick.net/activity;src=6633783;type=afrpa0;cat=paywall;ord=2095476017875;gtm=2wgc10;auiddc=1451949861.1639635092;ps=1 HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CLL02dnU5_QCFUXF7QodI74H9A;src=6633783;type=afrpa0;cat=paywall;ord=2095476017875;gtm=2wgc10;auiddc=1451949861.1639635092;ps=1 HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CLL02dnU5_QCFUXF7QodI74H9A;src=6633783;type=afrpa0;cat=paywall;ord=2095476017875;gtm=2wgc10;auiddc=*;ps=1

Request Chain 118

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=4331350874324167399

Request Chain 119

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7219760580196216681

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDAxMzMyNjM5MzIxMjI5MjY0MDE2NDUzMjg3MDY4OTUyNjU3OTc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPXh2IJzZ4gGIx-Q1hTVp-U&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 126

https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
https://rtd-tm.everesttech.net/ct/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D&_test=YbrYlAAAKjQ_WgAZ HTTP 302
https://dpm.demdex.net/ibs:dpid=782&dpuuid=YbrYlAAAKjQ_WgAZ

Request Chain 128

https://sync.adap.tv/demdex_user_sync HTTP 302
https://sync.adaptv.advertising.com/demdex_user_sync HTTP 302
https://dpm.demdex.net/ibs:dpid=832&dpuuid=EUX4315420328653096569

Request Chain 129

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YbrYlO752XQkGXci6hNvfQAA%261184

Request Chain 130

https://ps.eyeota.net/match?bid=6j5b2cv&uid=40133263932122926401645328706895265797&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=40133263932122926401645328706895265797&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 131

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=40133263932122926401645328706895265797&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-3JCJ3T9E2pG5hjuL1wvXoJeP6j8x3J1TDbY-~A

Request Chain 160

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 179

https://pixel.advertising.com/ups/28/sync?uid=40294997829956380421624948574910904639&_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/28/sync?uid=40294997829956380421624948574910904639&_origin=1&redir=true&verify=true

Request Chain 182

https://dmpsync.3lift.com/getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmpsync.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=72352&dpuuid=144591926621309046&gdpr=0&gdpr_consent=

Request Chain 183

https://usermatch.krxd.net/um/v2?partner=adobe&id=40294997829956380421624948574910904639 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=40294997829956380421624948574910904639

Request Chain 185

https://ib.adnxs.com/getuid?https://adc.nine.com.au?appNexusUid=$UID HTTP 302
https://adc.nine.com.au/?appNexusUid=4331350874324167399

189 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u Show response
www.afr.com/technology/ 180 KB
35 KB 377ms
313ms Document
text/html 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ab31b0d53c708a6462e95500691c8204153ad7a79a5aca8bd656e54db4a0452c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=30
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: W/"2cf99-62GiQPrRR9o4KEqUmqGaqWntxpA"
strict-transport-security: max-age=31536000
uber-trace-id: bbfb50be984f34db:bbfb50be984f34db:0:0
x-frame-options: sameorigin
x-varnish-grace: none(fetch fresh)
x-xss-protection: 1; mode=block
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 16 Dec 2021 06:11:31 GMT
age: 27
x-served-by: cache-syd10138-SYD, cache-fra19148-FRA
x-cache: HIT, HIT
x-cache-hits: 1, 1
vary: Accept-Encoding
content-length: 35737

GET
H2 200 polyfillsGlobal.66ae5a28de153717bd3a.js Show response
www.afr.com/assets/ 1 KB
659 B 9ms
8ms Script
application/javascript 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/polyfillsGlobal.66ae5a28de153717bd3a.js

Requested by

Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3a4563ffaeeaced1791519dd6045609445d91ae57336197c834cdf9248c30dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Origin: https://www.afr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 258019
uber-trace-id: 2c40eb2bdd4fee99:2c40eb2bdd4fee99:0:0
x-cache: HIT, HIT
content-length: 529
etag: W/"45a-17db25a4c50"
x-served-by: cache-syd10155-SYD, cache-fra19148-FRA
last-modified: Mon, 13 Dec 2021 05:53:22 GMT
x-frame-options: sameorigin
date: Thu, 16 Dec 2021 06:11:31 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 1, 87

GET
H2 200 europa.9291a2e4a8346d66db60.js Show response
www.afr.com/assets/ 42 KB
12 KB 8ms
8ms Script
application/javascript 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/europa.9291a2e4a8346d66db60.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f1703194404bb92859310b44abe9d9b959b98cc39d6f41d351c61070a92c24b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Origin: https://www.afr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 257998
uber-trace-id: b44de95a307276af:b44de95a307276af:0:0
x-cache: HIT, HIT
content-length: 12428
etag: W/"a79d-17db25a4c50"
x-served-by: cache-syd10161-SYD, cache-fra19148-FRA
last-modified: Mon, 13 Dec 2021 05:53:22 GMT
x-frame-options: sameorigin
date: Thu, 16 Dec 2021 06:11:31 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 4, 88

GET
H2 200 13780390039.js Show response
cdn.optimizely.com/js/ 292 KB
90 KB 204ms
117ms Script
text/javascript 2a02:26f0:6c00:2a8::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/13780390039.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a8::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

639a7a95b02c474fec6945d4d6e38c573669d01cd855947d0dfd44ac67d579bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: OJ7jkb7iCpsD5mI2Mek5zLTSXYVz3gGF
content-encoding: gzip
etag: "1abbd95006de19f54a376079f244d874"
x-amz-request-id: APDNB2MMSG6C9WPF
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 2971
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="0";dur=0,cdnip;desc="2a02:26f0:6c00:2a8::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 91456
x-amz-id-2: KU24RPYW+POPexUhAbaN5BmUcq6dX/Pe2sJ4Z75383e4iFvLgC+YoF9Px9Amj2+IvM20fELiiB8=
last-modified: Mon, 06 Dec 2021 20:58:09 GMT
server: AmazonS3
date: Thu, 16 Dec 2021 06:11:31 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 983c31e2e931afa1b882936cbc426a6ef6d97a2f
static.ffx.io/images/$width_140%2C$height_140/t_crop_auto%2Cq_auto:best%2Cfl_any_format/ 6 KB
6 KB 40ms
9ms Image
image/png 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$width_140%2C$height_140/t_crop_auto%2Cq_auto:best%2Cfl_any_format/983c31e2e931afa1b882936cbc426a6ef6d97a2f
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2994e5cf6434258acfebc3f9b4a9fdf13364e04e479f33c8b655f07378f3ce6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 89903
edge-cache-tag: 454052569465385837455185217845751659382,360778656187203342608955627533303398316,5f5f4219172da4ec8104790896b11172
cache-tag: 454052569465385837455185217845751659382,360778656187203342608955627533303398316,5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
content-length: 5993
x-served-by: cache-fra19120-FRA, cache-fra19148-FRA
x-cld-skey: 454052569465385837455185217845751659382 360778656187203342608955627533303398316 5f5f4219172da4ec8104790896b11172
last-modified: Fri, 19 Nov 2021 00:43:59 GMT
server: cloudinary
x-timer: S1639635091.107129,VS0,VE1
etag: "baa56765bb69a5a242248c42e4fcd850"
vary: User-Agent
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 380 KB
118 KB 43ms
17ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24299c4b303ebcaf5d9ec10c241bb7d76c97bf7fb2deefbf494a8f81f0ec6edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120382
x-xss-protection: 0
expires: Thu, 16 Dec 2021 06:11:31 GMT

GET
H2 200 sp.js Show response
d2uhnetoehh304.cloudfront.net/2.11.0-patched/ 97 KB
30 KB 53ms
11ms Script
application/javascript 2600:9000:2156:2800:10:2964:9d00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2uhnetoehh304.cloudfront.net/2.11.0-patched/sp.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2800:10:2964:9d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3c78596628f7e53c40bbfd0e9eed225181c4c2933a6e051e8fa46c30b221d1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 01:08:29 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 01:09:01 GMT
server: AmazonS3
age: 5029383
etag: W/"80b7ca5bd7a7e17f33545663b8f8423f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 5DdyrVHleno8CFIzb_QWrm16FKVF-yYcUFkgAdr7H5OTU8-_TjSF8w==

GET
H2 200 9a774230.svg
www.afr.com/assets/ 3 KB
626 B 8ms
7ms Image
image/svg+xml 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.afr.com/assets/9a774230.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bcf86c48df6f76b921cce4d3b354c52312027494dbac002cf58ff39ca8593ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"bf5-17c76d52e58"
age: 5487085
uber-trace-id: df75eea16ec78a22:df75eea16ec78a22:0:0
x-cache: HIT, HIT
content-length: 460
x-served-by: cache-syd10178-SYD, cache-fra19148-FRA
last-modified: Tue, 12 Oct 2021 23:27:35 GMT
x-frame-options: sameorigin
date: Thu, 16 Dec 2021 06:11:31 GMT
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 21129, 3

GET
H2 200 0d96eeec.svg
www.afr.com/assets/ 6 KB
3 KB 8ms
8ms Image
image/svg+xml 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.afr.com/assets/0d96eeec.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b56cf3ff69da24ee4d01b00d8bbad12a602a1f083e47c6646b02b639fd633fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"18fe-17d08e6f308"
age: 3079322
uber-trace-id: b919d2e93a64f72f:b919d2e93a64f72f:0:0
x-cache: HIT, HIT
content-length: 2780
x-served-by: cache-syd10139-SYD, cache-fra19148-FRA
last-modified: Wed, 10 Nov 2021 08:11:33 GMT
x-frame-options: sameorigin
date: Thu, 16 Dec 2021 06:11:31 GMT
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 11485, 2

GET
H2 200 suecanano-regular-webfont.woff2
www.afr.com/fonts/ 18 KB
18 KB 8ms
8ms Font
font/woff2 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/fonts/suecanano-regular-webfont.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a44fb6a26732b7892f2802aee69fb0413ecd26b508b5c79720a48c485f4889ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Origin: https://www.afr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
etag: W/"4664-17dbb6433b0"
age: 48214
uber-trace-id: 74192482e656b66b:74192482e656b66b:0:0
x-cache: HIT, HIT
content-length: 18020
x-served-by: cache-syd10135-SYD, cache-fra19148-FRA
last-modified: Wed, 15 Dec 2021 00:00:46 GMT
date: Thu, 16 Dec 2021 06:11:31 GMT
x-frame-options: sameorigin
content-type: font/woff2
cache-control: public, max-age=86400
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 1, 92

GET
H2 200 suecahd-regular-webfont.woff2
www.afr.com/fonts/ 22 KB
23 KB 9ms
8ms Font
font/woff2 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/fonts/suecahd-regular-webfont.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

338140f080782dd9fc999b9c240cde15f599e7ffd10b3fd3d9085717d38ad8d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Origin: https://www.afr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
etag: W/"59b8-17dbb6433b0"
age: 38719
uber-trace-id: 13547621a5e2f643:13547621a5e2f643:0:0
x-cache: HIT, HIT
content-length: 22968
x-served-by: cache-syd10171-SYD, cache-fra19148-FRA
last-modified: Wed, 15 Dec 2021 00:00:46 GMT
date: Thu, 16 Dec 2021 06:11:31 GMT
x-frame-options: sameorigin
content-type: font/woff2
cache-control: public, max-age=86400
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 1, 92

GET
H2 200 suecahd-regularitalic-webfont.woff2
www.afr.com/fonts/ 24 KB
24 KB 11ms
10ms Font
font/woff2 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/fonts/suecahd-regularitalic-webfont.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fa84adaa52138db2f2ca946b1e3ce31105a39a9a1f1b5fb25ad456241c2d0e73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Origin: https://www.afr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
etag: W/"5f4c-17dbb6433b0"
age: 55689
uber-trace-id: 6f6ca45ed6893506:6f6ca45ed6893506:0:0
x-cache: HIT, HIT
content-length: 24396
x-served-by: cache-syd10125-SYD, cache-fra19148-FRA
last-modified: Wed, 15 Dec 2021 00:00:46 GMT
date: Thu, 16 Dec 2021 06:11:31 GMT
x-frame-options: sameorigin
content-type: font/woff2
cache-control: public, max-age=86400
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 1, 93

GET
H2 200 suecanano-semibold-webfont.woff2
www.afr.com/fonts/ 17 KB
18 KB 16ms
15ms Font
font/woff2 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/fonts/suecanano-semibold-webfont.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

85b23ef2b5d148948a0e393c8af051177f818b7fb18cda003998916666caabee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Origin: https://www.afr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
etag: W/"45f0-17dbb6433b0"
age: 46132
uber-trace-id: 2930057ebb8c4f82:2930057ebb8c4f82:0:0
x-cache: HIT, HIT
content-length: 17904
x-served-by: cache-syd10167-SYD, cache-fra19148-FRA
last-modified: Wed, 15 Dec 2021 00:00:46 GMT
date: Thu, 16 Dec 2021 06:11:31 GMT
x-frame-options: sameorigin
content-type: font/woff2
cache-control: public, max-age=86400
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 1, 91

GET
H2 200 suecahd-bold-webfont.woff2
www.afr.com/fonts/ 22 KB
22 KB 14ms
13ms Font
font/woff2 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/fonts/suecahd-bold-webfont.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2f1b3c20947609880fa669248919d46ad2b26b995cd8f7e2f3d764dff3e47bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Origin: https://www.afr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
etag: W/"5844-17dbb6433b0"
age: 41731
uber-trace-id: 7b82347a53bccf18:7b82347a53bccf18:0:0
x-cache: HIT, HIT
content-length: 22596
x-served-by: cache-syd10153-SYD, cache-fra19148-FRA
last-modified: Wed, 15 Dec 2021 00:00:46 GMT
date: Thu, 16 Dec 2021 06:11:31 GMT
x-frame-options: sameorigin
content-type: font/woff2
cache-control: public, max-age=86400
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 1, 92

GET
H2 200 vendorsReactRedux_client.07c789ec0650a321467f.chunk.js Show response
www.afr.com/assets/ 154 KB
51 KB 11ms
8ms Script
application/javascript 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/vendorsReactRedux_client.07c789ec0650a321467f.chunk.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1865d42765b5027e000f4e2a89728fb6a95d4499b1286314818302232af83ac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Origin: https://www.afr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 192666
uber-trace-id: f9fe0605d102ee50:f9fe0605d102ee50:0:0
x-cache: HIT, HIT
content-length: 51636
etag: W/"2663d-17db643fde8"
x-served-by: cache-syd10127-SYD, cache-fra19148-FRA
last-modified: Tue, 14 Dec 2021 00:07:29 GMT
x-frame-options: sameorigin
date: Thu, 16 Dec 2021 06:11:31 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 1, 91

GET
H2 200 vendorsHtmlparser2_client.a065fe347d5cf1bcac3e.chunk.js Show response
www.afr.com/assets/ 126 KB
40 KB 18ms
15ms Script
application/javascript 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/vendorsHtmlparser2_client.a065fe347d5cf1bcac3e.chunk.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

716379f581fc195c5b540c826ae27d0820cf99421dc0f6d9b745df2e8343d343

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Origin: https://www.afr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 258008
uber-trace-id: 98add40c0f963e26:98add40c0f963e26:0:0
x-cache: HIT, HIT
content-length: 40627
etag: W/"1f841-17db25a4c50"
x-served-by: cache-syd10129-SYD, cache-fra19148-FRA
last-modified: Mon, 13 Dec 2021 05:53:22 GMT
x-frame-options: sameorigin
date: Thu, 16 Dec 2021 06:11:31 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none(fetch fresh)
accept-ranges: bytes
x-cache-hits: 1, 89

GET
H2 200 vendors_client.5eda17977108f7dc3109.chunk.js Show response
www.afr.com/assets/ 517 KB
149 KB 19ms
17ms Script
application/javascript 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/vendors_client.5eda17977108f7dc3109.chunk.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6140b4b94aa1527ecdc692c0d700dda90686a444f7473b72fd2bd13969ea741e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Origin: https://www.afr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 192678
uber-trace-id: efd8f13effbd18ba:efd8f13effbd18ba:0:0
x-cache: HIT, HIT
content-length: 152393
etag: W/"8140e-17db643fde8"
x-served-by: cache-syd10122-SYD, cache-fra19148-FRA
last-modified: Tue, 14 Dec 2021 00:07:29 GMT
x-frame-options: sameorigin
date: Thu, 16 Dec 2021 06:11:31 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 1, 19140

GET
H2 200 client.a029ee6c2be129d40565.js Show response
www.afr.com/assets/ 534 KB
137 KB 29ms
27ms Script
application/javascript 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/client.a029ee6c2be129d40565.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

afb63db6a68a5e920797bd48f920f3a184bcb5167d03de7a2a8ffa5ba6021399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Origin: https://www.afr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 12636
uber-trace-id: 5b41cd5e757c6905:5b41cd5e757c6905:0:0
x-cache: HIT, HIT
content-length: 139729
etag: W/"858b2-17dc1013e80"
x-served-by: cache-syd10153-SYD, cache-fra19148-FRA
last-modified: Thu, 16 Dec 2021 02:10:24 GMT
x-frame-options: sameorigin
date: Thu, 16 Dec 2021 06:11:31 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 1, 3

GET
H2 200 StandardArticleTemplate.8739d27fd24f2e29514e.chunk.js Show response
www.afr.com/assets/ 79 KB
23 KB 38ms
37ms Script
application/javascript 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/StandardArticleTemplate.8739d27fd24f2e29514e.chunk.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

77905c5ecbcaa3513dd7670bf664895a2fdb7e1d247315834e45c21d1fb5e837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Origin: https://www.afr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 105805
uber-trace-id: 827aa05b1a36503c:827aa05b1a36503c:0:0
x-cache: HIT, HIT
content-length: 23300
etag: W/"13a5e-17dbb64c438"
x-served-by: cache-syd10135-SYD, cache-fra19148-FRA
last-modified: Wed, 15 Dec 2021 00:01:23 GMT
x-frame-options: sameorigin
date: Thu, 16 Dec 2021 06:11:31 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 1, 88

GET
H2 200 client.a029ee6c2be129d40565.css
www.afr.com/assets/ 162 KB
27 KB 29ms
27ms Stylesheet
text/css 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/client.a029ee6c2be129d40565.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

57c30f22e7e1510aad981ef28221c6f81e88fbcc00f3d899ab4a968a22e91589

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 12595
uber-trace-id: 8604bc90b7fe2dd:8604bc90b7fe2dd:0:0
x-cache: HIT, HIT
content-length: 26982
etag: W/"28619-17dc1013e80"
x-served-by: cache-syd10131-SYD, cache-fra19148-FRA
last-modified: Thu, 16 Dec 2021 02:10:24 GMT
x-frame-options: sameorigin
date: Thu, 16 Dec 2021 06:11:31 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none(fetch fresh)
accept-ranges: bytes
x-cache-hits: 2, 33

GET
H2 200 StandardArticleTemplate.8739d27fd24f2e29514e.chunk.css
www.afr.com/assets/ 55 KB
10 KB 36ms
35ms Stylesheet
text/css 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/StandardArticleTemplate.8739d27fd24f2e29514e.chunk.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

260ac4e42a25b35fde529fee4fe464ab9da455e2309a0a5201e752f74b617978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 105881
uber-trace-id: 8d8b5e5b5e6069bb:8d8b5e5b5e6069bb:0:0
x-cache: HIT, HIT
content-length: 9618
etag: W/"dc53-17dbb64c438"
x-served-by: cache-syd10152-SYD, cache-fra19148-FRA
last-modified: Wed, 15 Dec 2021 00:01:23 GMT
x-frame-options: sameorigin
date: Thu, 16 Dec 2021 06:11:31 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 3, 88

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 42ms
19ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.afr.com
URL: https://www.afr.com/assets/europa.9291a2e4a8346d66db60.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1072 / 199 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Dec 2021 06:11:31 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 59ms
19ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: 6NcId+5b9AkJKTpgLg+PjSD17lRZWWQyV2FlAgH900ShzoTTXZUbSQm7C5hvxSYpoMSTdvbQ92rrrW0s4FWt9w==
x-fb-trip-id: 720026100
x-frame-options: DENY
date: Thu, 16 Dec 2021 06:11:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-182799.js Show response
static.hotjar.com/c/ 6 KB
3 KB 34ms
12ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-182799.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

Resource Hash

7d5ac146a961671fccb452da7c328090e11a4190cce2e6f9bce90201f3c5f91f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:10:51 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 40
etag: W/437c82e5608510122688b951e6b3d188
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: zL8VzpqOBa6lyfvv1hXuZE0rYoXpUBHlFLb1PRtLM6OpEksHjbh-2Q==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 66ms
18ms Script
application/x-javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:11:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=83851
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 91ms
22ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 16 Dec 2021 05:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3205
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5652
x-amz-id-2: DhZRa1IMZoiWu+ww4F1hnAkIW9A3JP1ZX1Ka4CIWLrfsi37tkewVPMPoXLs5LBXodVCt+t+uXOk=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 04 Nov 2021 15:26:13 GMT
server: ATS
etag: "146f99405588b7446958a732612c901d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: W87D6QG85FS6Y3EQ
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 5 KB
2 KB 73ms
25ms Script
application/x-javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:11:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=52083
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 async.js Show response
static-au.plista.com/ 64 KB
17 KB 108ms
31ms Script
application/javascript 136.243.44.4
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static-au.plista.com/async.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.243.44.4 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.4.44.243.136.clients.your-server.de

Software

nginx /

Resource Hash

a3d0f7c45107f6f097378459c64f8c02461a44afe9d787009eb75c709d6ff3df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-plista-versions: plista-plugin- libplista-php-0.0.0
date: Thu, 16 Dec 2021 06:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
x-plista-node: plista851
content-length: 17165
last-modified: Thu, 16 Dec 2021 06:10:03 GMT
server: nginx
vary: Accept-Encoding
x-varnish: 820443703 820905101
via: 1.1 varnish-v4
cache-control: public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Fri, 17 Dec 2021 06:10:04 GMT

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-au.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

10ms
9ms

Script
application/javascript

2600:9000:2156:4800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Server: 2600:9000:2156:4800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: .KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding: gzip
etag: W/"cc7339d315e5ab16597dd66d153a0e7e"
last-modified: Mon, 12 Oct 2020 13:35:53 GMT
server: AmazonS3
age: 77873
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 15 Dec 2021 08:33:39 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: oKNt7pEwqVdknhtpL02rYbH2sVUXpsfCqXLGf7_ZjndziUk2fVqd8Q==

Redirect headers

location: https://cdn-gl.imrworldwide.com:443/v60.js
date: Thu, 16 Dec 2021 06:11:31 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 ggcmb510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 86ms
8ms Script
application/javascript 2600:9000:2156:4800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: uy5pwXEs6BrL6vq4YcsnuXZE0zGUg_yC
content-encoding: gzip
etag: W/"afa0d379b1e6e0a61fad577d0043ff26"
last-modified: Mon, 29 Nov 2021 14:37:17 GMT
server: AmazonS3
age: 882
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 16 Dec 2021 05:56:51 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: AhcB6SomekNI5X9lGgWh23-PWYQDs7Y0bpcBtGSlRfo6rmseKfpwfA==

GET
H/1.1 200
OK adc.js Show response
adc-js.nine.com.au/ 76 KB
22 KB 95ms
30ms Script
application/javascript 2600:9000:2156:8600:7:3896:c640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adc-js.nine.com.au/adc.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8600:7:3896:c640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 934d4d6010b2bfc6795c8212555ff307c8e883a8fa5f974f601773d4f17e156f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:09:49 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 02 Mar 2021 06:12:51 GMT
Server: AmazonS3
Age: 375
ETag: W/"23c4e4ce44af9dfacd823a16445bddda"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=utf-8
Via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
Cache-Control: public, max-age=300
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: wiTBYxAk_1QTKlWhME8wSNIRvXTJ6FgKD9xWr2iFk-P4P7nykmFElQ==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 64ms
9ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100152-IAD, cache-hhn11553-HHN

GET
H2 200 6f1b25ee54d3d959c235a33a37a962c9.sprite.svg Show response
www.afr.com/assets/svg/ 106 KB
37 KB 9ms
9ms XHR
image/svg+xml 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/svg/6f1b25ee54d3d959c235a33a37a962c9.sprite.svg

Requested by

Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.5eda17977108f7dc3109.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f74e45fb7b32720dbcb187923c4684517d0e224a63fa52af86b8f9d73076207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"1a969-17db25a4c50"
age: 257976
uber-trace-id: b39c2e8d30568f7b:b39c2e8d30568f7b:0:0
x-cache: HIT, HIT
content-length: 37426
x-served-by: cache-syd10120-SYD, cache-fra19148-FRA
last-modified: Mon, 13 Dec 2021 05:53:22 GMT
x-frame-options: sameorigin
date: Thu, 16 Dec 2021 06:11:31 GMT
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 4, 95

OPTIONS
H/1.1 200
OK tp2
i.ffx.io/com.snowplowanalytics.snowplow/ Frame 0
0 1124ms
275ms Preflight 13.238.96.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.238.96.192 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-238-96-192.ap-southeast-2.compute.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.afr.com
Date: Thu, 16 Dec 2021 06:11:32 GMT
Server: akka-http/10.0.9
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK tp2 Show response
i.ffx.io/com.snowplowanalytics.snowplow/ 2 B
435 B 1108ms
294ms XHR
text/plain 13.238.96.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d2uhnetoehh304.cloudfront.net
URL: https://d2uhnetoehh304.cloudfront.net/2.11.0-patched/sp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.238.96.192 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-238-96-192.ap-southeast-2.compute.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Thu, 16 Dec 2021 06:11:33 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://www.afr.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 2

GET
H2 200 p59ht6 Show response
api.afr.com/api/content/v0/assets/ 11 KB
4 KB 314ms
266ms XHR
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.afr.com/api/content/v0/assets/p59ht6
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.5eda17977108f7dc3109.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4ec337438cc11dc83e485509ba0177cbb8864fcce472406d2264f448a087aa81

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 13
x-served-by: cache-syd10171-SYD, cache-mxp6973-MXP
vary: Accept-Encoding
x-cache: HIT, MISS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=30
x-varnish-grace: none(fetch fresh)
accept-ranges: bytes
content-encoding: gzip
content-length: 3722
x-cache-hits: 1, 0

GET
H2 200 graphql Show response
api.afr.com/ 196 B
262 B 319ms
310ms XHR
application/json 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.afr.com/graphql?query=query%20memberDetailsAndSubscriptions%20%7B%20memberDetails%20%7B%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20member%20%7B%20profile%20%7B%20displayName%20email%20roles%20%7B%20accountId%20role%20%7D%20shortID%20type%20%7D%20%7D%20%7D%20memberSubscriptionDetails%20%7B%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20subscription%20%7B%20entitlements%20plans%20%7D%20%7D%20%7D%20&operationName=memberDetailsAndSubscriptions&variables=%7B%7D
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.5eda17977108f7dc3109.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 714892f1fc598fef48b0331e7af69cdac69bfb2cec684d199b8650da4a278c75

Request headers

Accept: application/json
Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-syd10183-SYD, cache-fra19148-FRA
vary: Origin, Accept-Encoding
x-cache: MISS, MISS
content-type: application/json
access-control-allow-origin: https://www.afr.com
cache-control: private, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 196
x-cache-hits: 0, 0

GET
H2 200 graphql Show response
api.afr.com/ 165 B
317 B 317ms
309ms XHR
application/json 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.afr.com/graphql?query=query%20Account%20%7B%20account%20%7B%20autoplay%20error%20%7B%20message%20type%20%7D%20location%20%7B%20postCode%20state%20suburb%20%7D%20onboarding%20%7B%20newsfeed%20tags%20%7D%20%7D%20%7D%20&operationName=Account&variables=%7B%7D
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.5eda17977108f7dc3109.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 07a7e43a30c29cd24df54879f4fc788b60a76962f3b3c5623717c19762240225

Request headers

Accept: application/json
Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-syd10161-SYD, cache-fra19148-FRA
vary: Origin, Accept-Encoding
x-cache: MISS, MISS
content-type: application/json
access-control-allow-origin: https://www.afr.com
cache-control: private, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 165
x-cache-hits: 0, 0

GET
H2 200 graphql Show response
api.afr.com/ 104 B
169 B 321ms
314ms XHR
application/json 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.afr.com/graphql?query=query%20isAssetInSavedList(%24assetID%3A%20String!%2C%20%24brand%3A%20Brand!)%20%7B%20isAssetInSavedList(input%3A%20%7BassetID%3A%20%24assetID%2C%20brand%3A%20%24brand%7D)%20%7B%20isSaved%20error%20%7B%20message%20%7D%20%7D%20%7D%20&operationName=isAssetInSavedList&variables=%7B%22assetID%22%3A%22p59i2u%22%2C%22brand%22%3A%22afr%22%7D
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.5eda17977108f7dc3109.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 54b3121637851046e882df8591a9f2c4472adc2f0c39290cd583e9fccf1aace0

Request headers

Accept: application/json
Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-syd10160-SYD, cache-fra19148-FRA
vary: Origin, Accept-Encoding
x-cache: MISS, MISS
content-type: application/json
access-control-allow-origin: https://www.afr.com
cache-control: private, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 104
x-cache-hits: 0, 0

GET
H2 200 graphql Show response
api.afr.com/ 473 B
439 B 321ms
314ms XHR
application/json 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.afr.com/graphql?query=query%20PaywallRuleQuery(%24context%3A%20PaywallRuleRequestContext!%2C%20%24story%3A%20PaywallRuleRequestStory!)%20%7B%20paywallRule(context%3A%20%24context%2C%20story%3A%20%24story)%20%7B%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20rule%20%7B%20...RuleFragment%20%7D%20%7D%20%7D%20fragment%20RuleFragment%20on%20PaywallRuleData%20%7B%20meter%20%7B%20global%20%7D%20prompt%20%7B%20...PromptFragment%20%7D%20promptType%20%7D%20fragment%20PromptFragment%20on%20Prompt%20%7B%20callToAction%20countRemaining%20message%20style%20subscriptionURL%20title%20%7D%20&operationName=PaywallRuleQuery&variables=%7B%22context%22%3A%7B%22alreadyMetered%22%3Afalse%2C%22currentMeterCount%22%3A0%2C%22referrer%22%3A%22%22%2C%22bypassURL%22%3A%22https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524%22%7D%2C%22story%22%3A%7B%22brand%22%3A%22AFR%22%2C%22categories%22%3A%5B%22Technology%22%5D%2C%22sponsored%22%3Afalse%2C%22tags%22%3A%5B%22Crime%22%2C%22Cyber%20protection%22%2C%22Matthew%20John%20Kean%22%2C%22NSW%20budget%22%5D%2C%22type%22%3A%22ARTICLE%22%7D%7D
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.5eda17977108f7dc3109.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fdb3c6cf003fd30bfc3edd21a3664edc2b4407daef1879323378c491742c93ec

Request headers

Accept: application/json
Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
content-encoding: gzip
x-served-by: cache-syd10123-SYD, cache-fra19148-FRA
vary: Accept-Encoding, Origin
x-cache: MISS, MISS
content-type: application/json
access-control-allow-origin: https://www.afr.com
cache-control: private, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 350
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 0, 0

GET
H2 200 graphql Show response
api.afr.com/ 145 B
212 B 331ms
325ms XHR
application/json 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.afr.com/graphql?query=query%20AudienceSegmentsQuery(%24userId%3A%20String!)%20%7B%20audienceSegments(userId%3A%20%24userId)%20%7B%20segments%20%7B%20engagementSegment%20%7B%20batchTime%20userSegment%20%7D%20%7D%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20%7D%20%7D%20&operationName=AudienceSegmentsQuery&variables=%7B%22userId%22%3A%22fa11d891-bd64-41fa-bc88-5751bdfaba4f%22%7D
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.5eda17977108f7dc3109.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 14e4b088db7fbce1fc7c9e34f33ce0766a0359a92f87b73df2b4b72d24a6a769

Request headers

Accept: application/json
Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
content-encoding: gzip
age: 0
x-served-by: cache-syd10167-SYD, cache-fra19148-FRA
vary: Origin, Accept-Encoding
x-cache: MISS, MISS
content-type: application/json
access-control-allow-origin: https://www.afr.com
cache-control: public, max-age=600
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 129
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 0, 0

GET
H/1.1 200
OK channels.cgi Show response
fairfaxmedia.gscontxt.net/main/ 979 B
1 KB 96ms
15ms Script
application/javascript 158.101.192.201
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://fairfaxmedia.gscontxt.net/main/channels.cgi?url=https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/europa.9291a2e4a8346d66db60.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.101.192.201 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: aa06bd7bb55b1c88e33665469e8713ddf79a7cff7f08cfa7496220db9c0f28db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 979
Content-Type: application/javascript

GET
H2 200 moatheader.js Show response
z.moatads.com/fairfaxheader492510264302/ 236 KB
81 KB 86ms
25ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/fairfaxheader492510264302/moatheader.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/europa.9291a2e4a8346d66db60.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 85b8608ed2ca9ff20154fd917a7235ddda73eda72d5e1f41200d6af2f9b87995

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 16:29:33 GMT
server: AmazonS3
x-amz-request-id: F92QXEPWNGM57ZA4
etag: "a97d68f6f1291597094a7ac2fc51b1f2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=63790
accept-ranges: bytes
content-length: 82801
x-amz-id-2: y7a7VFgPHCYsdFlnexSd2wf6DYMA6CXQICLuwdHgk9DZORU4wTi6KGc6zsMGgNJBBhPbJnMB2oo=

GET
H2 200 v2tyfY4qGZ1PuKktCNpIp9UkAZT9bIEbMZHL8bVUtrAI8KCeg1sbqNXi-0qUYmJJy Show response
teenytinyshirt.com/ 88 KB
26 KB 65ms
21ms Script
text/javascript 35.201.103.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://teenytinyshirt.com/v2tyfY4qGZ1PuKktCNpIp9UkAZT9bIEbMZHL8bVUtrAI8KCeg1sbqNXi-0qUYmJJy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

212.103.201.35.bc.googleusercontent.com

Software

Resource Hash

97fa4dba38be379bd980479ca40573df4f0b1a404f5ef806774f49304aa917e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "febb0e4bb002f809235d05730dbb0481d6bba18c50fd6ea17e803d194a047d3c"
vary: Accept-Encoding, Accept-Language
x-hostname: 94ecd830
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Thu, 16 Dec 2021 06:11:31 GMT
timing-allow-origin: *

GET
H2 200 graphql Show response
api.afr.com/ 13 KB
3 KB 342ms
342ms XHR
application/json 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.afr.com/graphql?query=query%20assetsConnectionByCriteria(%24after%3A%20ID%2C%20%24brand%3A%20Brand!%2C%20%24categories%3A%20%5BInt!%5D%2C%20%24first%3A%20Int!%2C%20%24render%3A%20Render!%2C%20%24types%3A%20%5BAssetType!%5D!)%20%7B%20assetsConnectionByCriteria(%20after%3A%20%24after%20brand%3A%20%24brand%20categories%3A%20%24categories%20first%3A%20%24first%20render%3A%20%24render%20types%3A%20%24types%20)%20%7B%20edges%20%7B%20cursor%20node%20%7B%20...AssetFragment%20sponsor%20%7B%20name%20%7D%20%7D%20%7D%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20pageInfo%20%7B%20endCursor%20hasNextPage%20%7D%20%7D%20%7D%20fragment%20AssetFragment%20on%20Asset%20%7B%20asset%20%7B%20about%20byline%20duration%20headlines%20%7B%20headline%20%7D%20live%20%7D%20assetType%20dates%20%7B%20firstPublished%20modified%20published%20%7D%20id%20featuredImages%20%7B%20landscape16x9%20%7B%20...ImageFragment%20%7D%20landscape3x2%20%7B%20...ImageFragment%20%7D%20portrait2x3%20%7B%20...ImageFragment%20%7D%20square1x1%20%7B%20...ImageFragment%20%7D%20%7D%20label%20tags%20%7B%20primary%3A%20primaryTag%20%7B%20...AssetTag%20%7D%20secondary%20%7B%20...AssetTag%20%7D%20%7D%20urls%20%7B%20...AssetURLs%20%7D%20%7D%20fragment%20AssetTag%20on%20AssetTagDetails%20%7B%20company%20%7B%20exchangeCode%20stockCode%20%7D%20context%20displayName%20id%20name%20shortID%20slug%20urls%20%7B%20canonical%20%7B%20brand%20path%20%7D%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20%7D%20fragment%20AssetURLs%20on%20AssetURLs%20%7B%20canonical%20%7B%20brand%20path%20%7D%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20fragment%20ImageFragment%20on%20Image%20%7B%20data%20%7B%20aspect%20autocrop%20cropWidth%20id%20offsetX%20offsetY%20zoom%20%7D%20%7D%20&operationName=assetsConnectionByCriteria&variables=%7B%22brand%22%3A%22afr%22%2C%22categories%22%3A%5B151%5D%2C%22first%22%3A6%2C%22render%22%3A%22WEB%22%2C%22types%22%3A%5B%22article%22%2C%22liveArticle%22%2C%22featureArticle%22%5D%7D
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.5eda17977108f7dc3109.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3376b01eacfef1067dacb1c3e5897b77b0a37672a91aa65733b18d8165a15c2a

Request headers

Accept: application/json
Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
content-encoding: gzip
age: 0
x-served-by: cache-syd10147-SYD, cache-fra19148-FRA
vary: Accept-Encoding, Origin
x-cache: MISS, MISS
content-type: application/json
access-control-allow-origin: https://www.afr.com
cache-control: public, max-age=30
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3090
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 0, 0

GET
H2 200 graphql Show response
api.afr.com/ 10 KB
3 KB 307ms
306ms XHR
application/json 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.afr.com/graphql?query=query%20MostPopularQuery(%24assetType%3A%20String%2C%20%24brand%3A%20String!%2C%20%24count%3A%20Int%2C%20%24primaryCategory%3A%20String%2C%20%24subCategory%3A%20String%2C%20%24tags%3A%20%5BString!%5D)%20%7B%20mostPopularStories(%20assetType%3A%20%24assetType%20brand%3A%20%24brand%20category%3A%20%24primaryCategory%20count%3A%20%24count%20subCategory%3A%20%24subCategory%20tags%3A%20%24tags%20)%20%7B%20...AssetFragment%20%7D%20%7D%20fragment%20AssetFragment%20on%20Asset%20%7B%20asset%20%7B%20about%20byline%20duration%20headlines%20%7B%20headline%20%7D%20live%20%7D%20assetType%20dates%20%7B%20firstPublished%20modified%20published%20%7D%20id%20featuredImages%20%7B%20landscape16x9%20%7B%20...ImageFragment%20%7D%20landscape3x2%20%7B%20...ImageFragment%20%7D%20portrait2x3%20%7B%20...ImageFragment%20%7D%20square1x1%20%7B%20...ImageFragment%20%7D%20%7D%20label%20tags%20%7B%20primary%3A%20primaryTag%20%7B%20...AssetTag%20%7D%20secondary%20%7B%20...AssetTag%20%7D%20%7D%20urls%20%7B%20...AssetURLs%20%7D%20%7D%20fragment%20AssetTag%20on%20AssetTagDetails%20%7B%20company%20%7B%20exchangeCode%20stockCode%20%7D%20context%20displayName%20id%20name%20shortID%20slug%20urls%20%7B%20canonical%20%7B%20brand%20path%20%7D%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20%7D%20fragment%20AssetURLs%20on%20AssetURLs%20%7B%20canonical%20%7B%20brand%20path%20%7D%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20fragment%20ImageFragment%20on%20Image%20%7B%20data%20%7B%20aspect%20autocrop%20cropWidth%20id%20offsetX%20offsetY%20zoom%20%7D%20%7D%20&operationName=MostPopularQuery&variables=%7B%22brand%22%3A%22afr%22%2C%22primaryCategory%22%3A%22technology%22%2C%22count%22%3A6%7D
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.5eda17977108f7dc3109.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c8efa1a619cfda5c02f0f692b723dc494ed257d6b88fb4b86c4aaed441593869

Request headers

Accept: application/json
Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
content-encoding: gzip
age: 38
x-served-by: cache-syd10150-SYD, cache-fra19148-FRA
vary: Accept-Encoding, Origin
x-cache: HIT, MISS
content-type: application/json
access-control-allow-origin: https://www.afr.com
cache-control: public, max-age=60
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2446
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 1, 0

GET
H2 200 dc26e292c6b8f3cef1acd92699bfdbfe3748297a
static.ffx.io/images/$zoom_0.172%2C$multiply_4%2C$ratio_0.666667%2C$width_378%2C$x_415%2C$y_0/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/ 10 KB
10 KB 226ms
226ms Image
image/webp 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.172%2C$multiply_4%2C$ratio_0.666667%2C$width_378%2C$x_415%2C$y_0/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/dc26e292c6b8f3cef1acd92699bfdbfe3748297a
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1588d2683e7346bb70eeb5caac3fc0ca9677a7e06abea265eafedbc436799dd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 338543440624828254103986154667461695644,311447589809533476310986880599373002544,5f5f4219172da4ec8104790896b11172
cache-tag: 338543440624828254103986154667461695644,311447589809533476310986880599373002544,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="dc26e292c6b8f3cef1acd92699bfdbfe3748297a.webp"
content-length: 10162
x-cld-skey: 338543440624828254103986154667461695644 311447589809533476310986880599373002544 5f5f4219172da4ec8104790896b11172
x-cache: MISS, MISS
last-modified: Thu, 16 Dec 2021 00:05:43 GMT
server: cloudinary
x-timer: S1639635091.451165,VS0,VE218
etag: "37db7b6a0ab303f3e3d3dae31fd83243"
x-served-by: cache-fra19155-FRA, cache-fra19148-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0

GET
H2 200 graphql Show response
api.afr.com/ 37 KB
8 KB 9ms
9ms XHR
application/json 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.afr.com/graphql?query=query%20PageContentByPageType(%24brand%3A%20Brand!%2C%20%24pageType%3A%20PageType!%2C%20%24render%3A%20Render!)%20%7B%20pageContentByPageType(brand%3A%20%24brand%2C%20pageType%3A%20%24pageType%2C%20render%3A%20%24render)%20%7B%20contentUnits%20%7B%20assets%20%7B%20...AssetFragment%20sponsor%20%7B%20name%20%7D%20%7D%20config%20%7B%20heading%20headingLink%20%7D%20name%20%7D%20%7D%20%7D%20fragment%20AssetFragment%20on%20Asset%20%7B%20asset%20%7B%20about%20byline%20duration%20headlines%20%7B%20headline%20%7D%20live%20%7D%20assetType%20dates%20%7B%20firstPublished%20modified%20published%20%7D%20id%20featuredImages%20%7B%20landscape16x9%20%7B%20...ImageFragment%20%7D%20landscape3x2%20%7B%20...ImageFragment%20%7D%20portrait2x3%20%7B%20...ImageFragment%20%7D%20square1x1%20%7B%20...ImageFragment%20%7D%20%7D%20label%20tags%20%7B%20primary%3A%20primaryTag%20%7B%20...AssetTag%20%7D%20secondary%20%7B%20...AssetTag%20%7D%20%7D%20urls%20%7B%20...AssetURLs%20%7D%20%7D%20fragment%20AssetTag%20on%20AssetTagDetails%20%7B%20company%20%7B%20exchangeCode%20stockCode%20%7D%20context%20displayName%20id%20name%20shortID%20slug%20urls%20%7B%20canonical%20%7B%20brand%20path%20%7D%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20%7D%20fragment%20AssetURLs%20on%20AssetURLs%20%7B%20canonical%20%7B%20brand%20path%20%7D%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20fragment%20ImageFragment%20on%20Image%20%7B%20data%20%7B%20aspect%20autocrop%20cropWidth%20id%20offsetX%20offsetY%20zoom%20%7D%20%7D%20&operationName=PageContentByPageType&variables=%7B%22brand%22%3A%22AFR%22%2C%22pageType%22%3A%22article%22%2C%22render%22%3A%22WEB%22%7D
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.5eda17977108f7dc3109.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c84f600853a8e326041490ebc85d7a89b87ab3a54047c0401b78f34f6ed6254b

Request headers

Accept: application/json
Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
content-encoding: gzip
age: 12
x-served-by: cache-syd10165-SYD, cache-fra19148-FRA
vary: Accept-Encoding, Origin
x-cache: HIT, HIT
content-type: application/json
access-control-allow-origin: https://www.afr.com
cache-control: public, max-age=30
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 7602
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 2, 1

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 173ms
172ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Dec 2021 06:11:31 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 124 B
121 B 34ms
19ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.afr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b462ede43ecdda05f2c835d4c3178d5d2fa2567dd194963027095fb4f8102f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 06:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
expires: Thu, 16 Dec 2021 06:11:31 GMT

GET
H2 200 419599435931961 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 20ms
20ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/419599435931961?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

47c87e2004b4452b33d08a61a3807a87c6fec50158f9909ac1013f4b81e8bb41

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88827
x-xss-protection: 0
pragma: public
x-fb-debug: zgfEx7ZTNMfrCw46svpMrX2CdX84XkZGQEcjJcXVcCqwNUkLWCDj73a9ezvklaSiwRmQ4kl1OWL2ZWdpeBgRyA==
x-fb-trip-id: 720026100
x-frame-options: DENY
date: Thu, 16 Dec 2021 06:11:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 a304207300.html Show response
a304207300.cdn.optimizely.com/client_storage/ Frame 4B2B 2 KB
1 KB 82ms
8ms Document
text/html 104.117.200.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a304207300.cdn.optimizely.com/client_storage/a304207300.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/13780390039.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.117.200.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-117-200-111.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

59d1fe77c0d1ebe0d67f0573054abc91778b82b7ffe93e734720986ec4496650

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/

Response headers

x-amz-id-2: PZHFhdTx2H0pK2I02KchQhkdjSB43g4VQFyTs7SriouMc410QsL9CWXqVaY/WT/iT0jzvcyqRzs=
x-amz-request-id: 1K4N09BQXJFSHER1
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Dec 2021 00:27:03 GMT
etag: "bc53ae2f20f17265586d36faf8e4833b"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: gFmKoKgeif5UNlvvIYGk8sqeXd_x3ser
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: AmazonS3
content-length: 987
vary: Accept-Encoding
cache-control: max-age=120
date: Thu, 16 Dec 2021 06:11:31 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="1";dur=0,cdnip;desc="104.117.200.111";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H2 200 modules.cbd9b920d05cd9e47f57.js Show response
script.hotjar.com/ 227 KB
60 KB 39ms
11ms Script
application/javascript 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-182799.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-104.fra50.r.cloudfront.net

Software

Resource Hash

2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 15:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 657325
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60953
access-control-allow-origin: *
last-modified: Wed, 08 Dec 2021 15:35:08 GMT
etag: "7a85a2a595def8796a50e919e49cda7a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: YIZBqyHMpuKEBpOsRj7gLtKD0I0N_vfRcK3Fe16NYDoz42n_3OylhA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1639635091558&url=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D9724%252C3519914%26time%3D1639635091558%26url%3Dhttps%253A%252F%252Fwww.afr.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1639635091558&url=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1639635091558&url=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p5...

0
155 B

314ms
114ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1639635091558&url=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&liSync=true&e_ipv6=AQKU53idWKy-kQAAAX3B3gH1PTifycJHRPnf7hi8_EhXlOiXL4siyTcgKFUBEFyt_fsu51Ue
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:32 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: in7O5G0nwRbwJcwlvioAAA==

Redirect headers

date: Thu, 16 Dec 2021 06:11:31 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B1FC441196F54D0CB9B103759D35C2FA Ref B: FRAEDGE1518 Ref C: 2021-12-16T06:11:31Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1639635091558&url=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&liSync=true&e_ipv6=AQKU53idWKy-kQAAAX3B3gH1PTifycJHRPnf7hi8_EhXlOiXL4siyTcgKFUBEFyt_fsu51Ue
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXTPUs3SHYzWTqzzYw0YA==

GET
H2 200 10167837.json Show response
s.yimg.com/wi/config/ 2 B
449 B 71ms
23ms XHR
application/json 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10167837.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 05:17:10 GMT
x-content-type-options: nosniff
age: 3261
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: HHP54HYGE2TMKAB3
x-amz-id-2: FPNonmcw6nNC10ggwpHHRXL5godzjlodVAw3yFSUW2A/3jik5h0QWQAGYu7QNJ1ylpZ0JapxebQ=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 8ms
8ms Script
application/javascript 2600:9000:2156:4800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: lGCM3J1T752RkCkyvC4YTmc2da4EfDQV
content-encoding: gzip
etag: W/"931051f801612c3a0e2782961ac3d56c"
last-modified: Mon, 29 Nov 2021 14:37:17 GMT
server: AmazonS3
age: 2753
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 16 Dec 2021 05:25:53 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: h7rvyF__nHt3Yv9jy9GQK8OzBv-PenTKMDgLm9BfW3ktojzeWP9b9w==

GET
H2 200 18147427d5437c96265bc32954cd768ea957fd6c
static.ffx.io/images/$zoom_0.6486%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_165%2C$y_1090/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/ 3 KB
4 KB 10ms
9ms Image
image/webp 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.6486%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_165%2C$y_1090/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/18147427d5437c96265bc32954cd768ea957fd6c
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 408e38d683d5027fb0daea6c48ea2ed78013cbe66ad48e2473a3ab43486decc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 547229
edge-cache-tag: 371383058288740325008504421169857422820,212215338325196459810792691855186568342,5f5f4219172da4ec8104790896b11172
cache-tag: 371383058288740325008504421169857422820,212215338325196459810792691855186568342,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="18147427d5437c96265bc32954cd768ea957fd6c.webp"
content-length: 3498
x-cld-skey: 371383058288740325008504421169857422820 212215338325196459810792691855186568342 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Thu, 09 Dec 2021 22:01:34 GMT
server: cloudinary
x-timer: S1639635092.599543,VS0,VE1
etag: "95cbcd586c72f515ba53f0b6a5de2797"
x-served-by: cache-fra19142-FRA, cache-fra19148-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 18844e53a57d4d67d0d6db005c04555598cca144
static.ffx.io/images/$zoom_0.569%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_413%2C$y_184/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/ 3 KB
4 KB 10ms
9ms Image
image/webp 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.569%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_413%2C$y_184/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/18844e53a57d4d67d0d6db005c04555598cca144
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: a752251c3deedca296039004ba705bf1b52272f6c30530eada1249e0d2654fbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 198522
edge-cache-tag: 389543121958757772737586178637065674116,266688876178939833935421708651848321146,5f5f4219172da4ec8104790896b11172
cache-tag: 389543121958757772737586178637065674116,266688876178939833935421708651848321146,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="18844e53a57d4d67d0d6db005c04555598cca144.webp"
content-length: 3234
x-cld-skey: 389543121958757772737586178637065674116 266688876178939833935421708651848321146 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Mon, 13 Dec 2021 22:46:10 GMT
server: cloudinary
x-timer: S1639635092.599689,VS0,VE1
etag: "99f63e148f02f204e6cbca666a168d72"
x-served-by: cache-fra19169-FRA, cache-fra19148-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 b340d3ce92027fbe6492304feee3b928e1d3044a
static.ffx.io/images/$zoom_0.1624%2C$multiply_4%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_51/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/ 9 KB
9 KB 10ms
10ms Image
image/webp 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.1624%2C$multiply_4%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_51/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/b340d3ce92027fbe6492304feee3b928e1d3044a
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 359f8ed8d34689010e4f74af5f02087e3f86e0fd67f808590968e2048c9a2015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 43547
edge-cache-tag: 388123031631677358544791834372998348934,217269312524421280285082545608866122128,5f5f4219172da4ec8104790896b11172
cache-tag: 388123031631677358544791834372998348934,217269312524421280285082545608866122128,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="b340d3ce92027fbe6492304feee3b928e1d3044a.webp"
content-length: 8986
x-cld-skey: 388123031631677358544791834372998348934 217269312524421280285082545608866122128 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Wed, 15 Dec 2021 18:00:23 GMT
server: cloudinary
x-timer: S1639635092.599808,VS0,VE1
etag: "3f351cfc70ac7d7cc94554739b2b9737"
x-served-by: cache-fra19162-FRA, cache-fra19148-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 ff4be1951b6ac47059e7dccc86e52509c197ee50
static.ffx.io/images/$zoom_0.1938%2C$multiply_4%2C$ratio_1.777778%2C$width_1059%2C$x_89%2C$y_162/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/ 15 KB
15 KB 11ms
10ms Image
image/webp 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.1938%2C$multiply_4%2C$ratio_1.777778%2C$width_1059%2C$x_89%2C$y_162/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/ff4be1951b6ac47059e7dccc86e52509c197ee50
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c8907bb6a4a900a6375c8537f1e572a96088517af62c024a22451de7dee301b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 360218
edge-cache-tag: 449463194121673156974105659293483084698,170570605123393242026261498055125262464,5f5f4219172da4ec8104790896b11172
cache-tag: 449463194121673156974105659293483084698,170570605123393242026261498055125262464,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="ff4be1951b6ac47059e7dccc86e52509c197ee50.webp"
content-length: 15186
x-cld-skey: 449463194121673156974105659293483084698 170570605123393242026261498055125262464 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Sun, 12 Dec 2021 02:06:00 GMT
server: cloudinary
x-timer: S1639635092.599911,VS0,VE1
etag: "bbc7b2ac22f514885426a2ff9469776b"
x-served-by: cache-fra19153-FRA, cache-fra19148-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
674 B 144ms
124ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1c4v&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=f613f2cb-bdd2-4eac-9c63-9f2ba3d485c5&tw_document_href=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 115
pragma: no-cache
last-modified: Thu, 16 Dec 2021 06:11:31 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 8aac00fa87d4d0c456e60ca725beec5fe4809c6ee98bb4f6e8ab388ecc6c1006
x-transaction: a36899c580e7fb37
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
470 B 142ms
121ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1c4v&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=f613f2cb-bdd2-4eac-9c63-9f2ba3d485c5&tw_document_href=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Thu, 16 Dec 2021 06:11:31 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 315aff925c6e695e2cafe719deabaf6b219bd8ff589d9c305b10a1c14955108b
x-transaction: 2d258d4409ffa80a
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 storageframe.html Show response
secure-gl.imrworldwide.com/ Frame DF8D 11 KB
4 KB 187ms
111ms Document
text/html 2600:9000:2156:9400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: secure-au.imrworldwide.com
URL: https://secure-au.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/

Response headers

content-type: text/html
vary: Accept-Encoding
date: Thu, 16 Dec 2021 06:11:31 GMT
server: nginx
last-modified: Tue, 14 Dec 2021 14:41:21 GMT
etag: W/"61b8ad11-2b27"
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: briif0Crlx21SQYHheh0MsiM_AczpNY1Mg1cv_hPFL-Nu1yKaGuLhQ==

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 74ms
8ms Image
image/gif 2600:9000:2156:2200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
age: 11368617
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: I6MZqSFNc5aNiz5AfbEYBd_tX9pqWpE871GN7849GGFpV0hT4ExajQ==

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 233 B
408 B 171ms
56ms Script
text/html 52.48.241.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-d5RbXVZgr1f3LlF%2Fnkx0mb91P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-iHtHGE5B1zA1OQ%3D%3D&sc=1&os=1-cQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&pcode=fairfaxheader492510264302&rx=726942643200&callback=MoatNadoAllJsonpRequest_99592293
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/fairfaxheader492510264302/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.241.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-241-99.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 8a5570ecf8e28d76f8a37cefca479d4fbe3b77f97b74a6fa6f67e29ae9159ffb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "5fdd684ac5e81eefaa34645ee567391fc8f619c6"
content-length: 233
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 467E 1 KB
2 KB 25ms
25ms Document
text/html 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/fairfaxheader492510264302/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/

Response headers

x-amz-id-2: cMTMm/T5i/x+FajcHkVdFOSmWAZag3PGFBeFtprKDfuotZYacHPbNTZ9It13lKcp9wxjAAroOng=
x-amz-request-id: 3AF06B645285EDE5
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
accept-ranges: bytes
content-type: text/html
content-length: 1374
server: AmazonS3
cache-control: max-age=406
date: Thu, 16 Dec 2021 06:11:31 GMT

GET
H2 200 box-a1ae2079824d1c48aa9ce06efb256f18.html Show response
vars.hotjar.com/ Frame 70E5 2 KB
1 KB 29ms
9ms Document
text/html 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-182799.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: /
Resource Hash: d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6215abf691a11c2f451680e635d30daa"
last-modified: Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: w-mbZ1EYjk6ytvC6mErtQIDM7L1hk8fvd9M85MEzAIzknHun3wsVOA==
age: 1174705

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
715 B 106ms
37ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2016%20Dec%202021%2006%3A11%3A31%20GMT&n=0&b=Cyber%20criminals%20force%20shutdown%20of%20NSW%20budgeting%20system&.yp=10167837&f=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&enc=UTF-8&yv=1.10.2&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:11:31 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 16 Dec 2021 06:11:31 GMT

GET
H2 200 fc2c63baa23f7c11ea923073.js Show response
static-au.plista.com/async/pub/ 31 B
361 B 14ms
14ms Script
application/javascript 136.243.44.4
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static-au.plista.com/async/pub/fc2c63baa23f7c11ea923073.js

Requested by

Host: static-au.plista.com
URL: https://static-au.plista.com/async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.243.44.4 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.4.44.243.136.clients.your-server.de

Software

nginx /

Resource Hash

e8a2bc039ea82266ecd31dcb748fe90f212f6358fcf2502eb0061d9652b3638f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Dec 2021 06:04:30 GMT
server: nginx
age: 420
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish-v4
cache-control: public, must-revalidate, proxy-revalidate
x-varnish: 820443757 820674705
accept-ranges: bytes
content-length: 51
expires: Fri, 17 Dec 2021 06:04:31 GMT

GET
H3 200 1831268437115893 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 21ms
21ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1831268437115893?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

453b9ac9d54282c9838b51a5ea6d8fc34983a90050a750bccccc339e61109d86

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89179
x-xss-protection: 0
pragma: public
x-fb-debug: 8uEToK/o2zOA8CH8vI9RVAV77gxr4J9evKs/7yYcqnyEn8Ft+9ywdw7uu/oOKyzhJNyjCg7s1g9NOl4+6cxUiw==
x-frame-options: DENY
date: Thu, 16 Dec 2021 06:11:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 60ms
19ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=419599435931961&ev=PageView&dl=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&rl=&if=false&ts=1639635091726&cd[brand]=afr&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1639635091725.1186374593&it=1639635091468&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 16 Dec 2021 06:11:31 GMT

GET
H2 200 P70F2B436-31E2-4369-A3CB-294DC350A880.js Show response
cdn-gl.imrworldwide.com/conf/ 33 KB
7 KB 10ms
10ms Script
application/javascript 2600:9000:2156:4800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/P70F2B436-31E2-4369-A3CB-294DC350A880.js
Requested by: Host: secure-au.imrworldwide.com
URL: https://secure-au.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff7fd49dc02d60fd506a5d9d697453b13c1fff4f9d9974b11302a65f59dfb2c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: xAZHV5aDYWTXXaOuwtt.t55mmyk.ASr.
content-encoding: gzip
etag: W/"7e723371ef3f4fdb5a42566dc9c94767"
last-modified: Thu, 16 Dec 2021 03:16:52 GMT
server: AmazonS3
age: 1919
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Thu, 16 Dec 2021 05:57:51 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KDGW2mJB_9_UGJMGmuwGh0Kslo-VWIYV3wTCAzcllpDpZmFUUcNfyQ==

GET
H2 200 ebe70a1aa3b9692ba87740d96f5ab9a5c874ba64
static.ffx.io/images/$zoom_0.2987%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_94/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/ 4 KB
5 KB 9ms
9ms Image
image/webp 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.2987%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_94/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/ebe70a1aa3b9692ba87740d96f5ab9a5c874ba64
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ee31e815e42257e6bf25bcca009e515cfd5dcdbb0bbf93ba734da2ed81cb1a8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 519887
edge-cache-tag: 423319009866693902366749080209623223937,409269023999366818702973327158417222342,5f5f4219172da4ec8104790896b11172
cache-tag: 423319009866693902366749080209623223937,409269023999366818702973327158417222342,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="ebe70a1aa3b9692ba87740d96f5ab9a5c874ba64.webp"
content-length: 4506
x-cld-skey: 423319009866693902366749080209623223937 409269023999366818702973327158417222342 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Mon, 09 Aug 2021 02:10:37 GMT
server: cloudinary
x-timer: S1639635092.769331,VS0,VE1
etag: "5d5a0a152d9fbeaa25075cb7e6a2aa57"
x-served-by: cache-fra19179-FRA, cache-fra19148-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

POST
H/1.1 200
OK / Show response
l.ffx.io/ 2 B
417 B 276ms
276ms XHR
text/plain 3.24.79.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.ffx.io/
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.5eda17977108f7dc3109.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.24.79.120 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-24-79-120.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Thu, 16 Dec 2021 06:11:33 GMT
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length: 2

OPTIONS
H/1.1 204
No Content /
l.ffx.io/ Frame 0
0 1135ms
274ms Preflight 3.24.79.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.ffx.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.24.79.120 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-24-79-120.ap-southeast-2.compute.amazonaws.com
Software: nginx/1.15.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Content-Length: 0
Date: Thu, 16 Dec 2021 06:11:32 GMT
Server: nginx/1.15.9
Connection: keep-alive

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4225
date: Thu, 16 Dec 2021 05:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 16 Dec 2021 07:01:06 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 154ms
32ms XHR
application/json 52.19.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=1.8.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=BEB5C8A15492DB600A4C98BC%40AdobeOrg&d_nsid=0&ts=1639635091802

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.78.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-78-71.eu-west-1.compute.amazonaws.com

Software

Resource Hash

cff16f1c26a495b4cca5f0f8c6f28f508e007896d0520ecf90a7e34b71d5e30a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v025-03af789ed.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: w2VvQqRLRRU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.afr.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 878
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 collect.js Show response
10510523.collect.igodigital.com/ 9 KB
2 KB 354ms
105ms Script
application/javascript 52.55.14.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://10510523.collect.igodigital.com/collect.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.14.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-14-119.compute-1.amazonaws.com
Software: /
Resource Hash: 4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:32 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 21:46:40 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 p.js Show response
cdn.parsely.com/keys/afr.com/ 72 KB
25 KB 60ms
9ms Script
application/javascript 143.204.103.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/afr.com/p.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-127.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: e08410c46d34e10e615b8db79c9ff00de29e1a60179ede7a355d1d9c1c5307c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Dec 2021 08:46:49 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 21:52:02 GMT
server: nginx
age: 78039
etag: W/"616f3e02-11f4e"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: aD-0pKETiafiqhaGEM6CCUux2AkkTvwutLIok6-CipnH4AEXggyRyA==
expires: Thu, 16 Dec 2021 08:30:52 GMT

GET
H3

200

/ Show response
adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CIjz2dnU5_QCFSFTwgodRU0MHQ;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system... Frame 42BE
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=6633783;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_c...
https://ad.doubleclick.net/ddm/activity/src=6633783;dc_pre=CIjz2dnU5_QCFSFTwgodRU0MHQ;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budget...
https://adservice.google.com/ddm/fls/p/src=6633783;dc_pre=CIjz2dnU5_QCFSFTwgodRU0MHQ;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeti...
https://adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CIjz2dnU5_QCFSFTwgodRU0MHQ;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgetin...

42 B
63 B

61ms
45ms

Document
image/gif

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CIjz2dnU5_QCFSFTwgodRU0MHQ;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4938624929712.778;~oref=https://www.afr.com/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 16 Dec 2021 06:11:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 16 Dec 2021 06:11:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CIjz2dnU5_QCFSFTwgodRU0MHQ;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4938624929712.778;~oref=https://www.afr.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 18147427d5437c96265bc32954cd768ea957fd6c
static.ffx.io/images/$zoom_0.6486%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_165%2C$y_1090/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/ 6 KB
6 KB 9ms
8ms Image
image/webp 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.6486%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_165%2C$y_1090/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/18147427d5437c96265bc32954cd768ea957fd6c
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 10c7204911d070a91cada0d5fd2284354115fbb6c5a94030c96364f7aa1eb912

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 100890
edge-cache-tag: 371383058288740325008504421169857422820,292276492032169409079754293013508178941,5f5f4219172da4ec8104790896b11172
cache-tag: 371383058288740325008504421169857422820,292276492032169409079754293013508178941,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="18147427d5437c96265bc32954cd768ea957fd6c.webp"
content-length: 5854
x-cld-skey: 371383058288740325008504421169857422820 292276492032169409079754293013508178941 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Thu, 09 Dec 2021 22:01:28 GMT
server: cloudinary
x-timer: S1639635092.858031,VS0,VE1
etag: "690929bf9fe464e80526f1ec6d29b302"
x-served-by: cache-fra19121-FRA, cache-fra19148-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 18844e53a57d4d67d0d6db005c04555598cca144
static.ffx.io/images/$zoom_0.569%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_413%2C$y_184/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/ 5 KB
6 KB 9ms
9ms Image
image/webp 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.569%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_413%2C$y_184/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/18844e53a57d4d67d0d6db005c04555598cca144
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: e1318ed0a70ecc8e33eed8ea3551ea2ce4ce529da22306214e0590fcc0b7de1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 197242
edge-cache-tag: 389543121958757772737586178637065674116,343388078544120810797021478541479137865,5f5f4219172da4ec8104790896b11172
cache-tag: 389543121958757772737586178637065674116,343388078544120810797021478541479137865,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="18844e53a57d4d67d0d6db005c04555598cca144.webp"
content-length: 5388
x-cld-skey: 389543121958757772737586178637065674116 343388078544120810797021478541479137865 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Mon, 13 Dec 2021 22:46:11 GMT
server: cloudinary
x-timer: S1639635092.858223,VS0,VE1
etag: "abad09fb0b2506eceb80dd064e8cfbe9"
x-served-by: cache-fra19162-FRA, cache-fra19148-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 b340d3ce92027fbe6492304feee3b928e1d3044a
static.ffx.io/images/$zoom_0.1624%2C$multiply_4%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_51/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/ 14 KB
14 KB 9ms
9ms Image
image/webp 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.1624%2C$multiply_4%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_51/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/b340d3ce92027fbe6492304feee3b928e1d3044a
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 684ecc96eb34b07fa188c8ad751ebc4312da5f6fb4e1be79aae6637b39eb5c69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 43077
edge-cache-tag: 388123031631677358544791834372998348934,282646386236211393071498047817210922332,5f5f4219172da4ec8104790896b11172
cache-tag: 388123031631677358544791834372998348934,282646386236211393071498047817210922332,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="b340d3ce92027fbe6492304feee3b928e1d3044a.webp"
content-length: 13950
x-cld-skey: 388123031631677358544791834372998348934 282646386236211393071498047817210922332 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Wed, 15 Dec 2021 18:00:06 GMT
server: cloudinary
x-timer: S1639635092.858395,VS0,VE1
etag: "d46a9039ef273b38da490d7e493ac6df"
x-served-by: cache-fra19170-FRA, cache-fra19148-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 ff4be1951b6ac47059e7dccc86e52509c197ee50
static.ffx.io/images/$zoom_0.1938%2C$multiply_4%2C$ratio_1.777778%2C$width_1059%2C$x_89%2C$y_162/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/ 25 KB
26 KB 10ms
10ms Image
image/webp 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.1938%2C$multiply_4%2C$ratio_1.777778%2C$width_1059%2C$x_89%2C$y_162/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/ff4be1951b6ac47059e7dccc86e52509c197ee50
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4724191f7ca09a5180d6c9c10b26b5031989b816b1d35ee4491bb49e915eb45c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 360218
edge-cache-tag: 449463194121673156974105659293483084698,391270656831598327332900374335357026826,5f5f4219172da4ec8104790896b11172
cache-tag: 449463194121673156974105659293483084698,391270656831598327332900374335357026826,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="ff4be1951b6ac47059e7dccc86e52509c197ee50.webp"
content-length: 25950
x-cld-skey: 449463194121673156974105659293483084698 391270656831598327332900374335357026826 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Sun, 12 Dec 2021 02:05:46 GMT
server: cloudinary
x-timer: S1639635092.858506,VS0,VE1
etag: "dee6546c3a64fc0d1d581408ba4db4c3"
x-served-by: cache-fra19171-FRA, cache-fra19148-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2

200

dc_pre=CLL02dnU5_QCFUXF7QodI74H9A;src=6633783;type=afrpa0;cat=paywall;ord=2095476017875;gtm=2wgc10;auiddc=*;ps=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=6633783;type=afrpa0;cat=paywall;ord=2095476017875;gtm=2wgc10;auiddc=1451949861.1639635092;ps=1?
https://ad.doubleclick.net/activity;dc_pre=CLL02dnU5_QCFUXF7QodI74H9A;src=6633783;type=afrpa0;cat=paywall;ord=2095476017875;gtm=2wgc10;auiddc=1451949861.1639635092;ps=1?
https://adservice.google.com/ddm/fls/z/dc_pre=CLL02dnU5_QCFUXF7QodI74H9A;src=6633783;type=afrpa0;cat=paywall;ord=2095476017875;gtm=2wgc10;auiddc=*;ps=1

42 B
118 B

44ms
44ms

Image
image/gif

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLL02dnU5_QCFUXF7QodI74H9A;src=6633783;type=afrpa0;cat=paywall;ord=2095476017875;gtm=2wgc10;auiddc=*;ps=1

Requested by

Protocol

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:11:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:11:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/dc_pre=CLL02dnU5_QCFUXF7QodI74H9A;src=6633783;type=afrpa0;cat=paywall;ord=2095476017875;gtm=2wgc10;auiddc=*;ps=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activityi;register_conversion=1;src=6633783;type=afrpa0;cat=paywall;ord=2095476017875;gtm=2wgc10;auiddc=1451949861.1639635092;ps=1
6633783.fls.doubleclick.net/ 0
0 40ms
16ms Image
text/html 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6633783.fls.doubleclick.net/activityi;register_conversion=1;src=6633783;type=afrpa0;cat=paywall;ord=2095476017875;gtm=2wgc10;auiddc=1451949861.1639635092;ps=1?
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 graphql Show response
api.afr.com/ 8 KB
2 KB 9ms
9ms XHR
application/json 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.afr.com/graphql?query=query%20MostPopularQuery(%24assetType%3A%20String%2C%20%24brand%3A%20String!%2C%20%24count%3A%20Int%2C%20%24primaryCategory%3A%20String%2C%20%24subCategory%3A%20String%2C%20%24tags%3A%20%5BString!%5D)%20%7B%20mostPopularStories(%20assetType%3A%20%24assetType%20brand%3A%20%24brand%20category%3A%20%24primaryCategory%20count%3A%20%24count%20subCategory%3A%20%24subCategory%20tags%3A%20%24tags%20)%20%7B%20...AssetFragment%20%7D%20%7D%20fragment%20AssetFragment%20on%20Asset%20%7B%20asset%20%7B%20about%20byline%20duration%20headlines%20%7B%20headline%20%7D%20live%20%7D%20assetType%20dates%20%7B%20firstPublished%20modified%20published%20%7D%20id%20featuredImages%20%7B%20landscape16x9%20%7B%20...ImageFragment%20%7D%20landscape3x2%20%7B%20...ImageFragment%20%7D%20portrait2x3%20%7B%20...ImageFragment%20%7D%20square1x1%20%7B%20...ImageFragment%20%7D%20%7D%20label%20tags%20%7B%20primary%3A%20primaryTag%20%7B%20...AssetTag%20%7D%20secondary%20%7B%20...AssetTag%20%7D%20%7D%20urls%20%7B%20...AssetURLs%20%7D%20%7D%20fragment%20AssetTag%20on%20AssetTagDetails%20%7B%20company%20%7B%20exchangeCode%20stockCode%20%7D%20context%20displayName%20id%20name%20shortID%20slug%20urls%20%7B%20canonical%20%7B%20brand%20path%20%7D%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20%7D%20fragment%20AssetURLs%20on%20AssetURLs%20%7B%20canonical%20%7B%20brand%20path%20%7D%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20fragment%20ImageFragment%20on%20Image%20%7B%20data%20%7B%20aspect%20autocrop%20cropWidth%20id%20offsetX%20offsetY%20zoom%20%7D%20%7D%20&operationName=MostPopularQuery&variables=%7B%22brand%22%3A%22afr%22%2C%22primaryCategory%22%3A%22technology%22%2C%22count%22%3A5%7D
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.5eda17977108f7dc3109.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e504def0bd25a13ca7bd73b46a5f8d97ce4d8ef6e3f639b493b36698dd398955

Request headers

Accept: application/json
Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
content-encoding: gzip
age: 41
x-served-by: cache-syd10141-SYD, cache-fra19148-FRA
vary: Accept-Encoding, Origin
x-cache: HIT, HIT
content-type: application/json
access-control-allow-origin: https://www.afr.com
cache-control: public, max-age=60
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2124
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 1, 1

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 193 KB
54 KB 10ms
10ms Script
application/javascript 2600:9000:2156:4800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P70F2B436-31E2-4369-A3CB-294DC350A880.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28b11959f68db701b4218a36e9a8e8daf47fbfe4057f086595ebc2b0df44fbea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: cMRN_04lvqSJdvtl7TZbazXb3VGsS_cB
content-encoding: gzip
etag: W/"711241d99f4dbd99c7bef0f79ce85582"
last-modified: Mon, 29 Nov 2021 14:37:17 GMT
server: AmazonS3
age: 1295
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 16 Dec 2021 05:49:59 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: TmcBoob0Fy1enEp8jhmTvexpIginJtsLIta8che77AJrbriErX0gCw==

GET
H3 200 953970877989909 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 19ms
19ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/953970877989909?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

48f2243a31d116f576b0c06cbed9b9ad55d92a8910ec53f9fbe525ec020649db

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88884
x-xss-protection: 0
pragma: public
x-fb-debug: W4ZutYB1D4EhOcoD2YFBV/J6mKR1i5Tots8C+6XCX+4NbpPtJb3KXc+vdfdeAvwNCdAKpSEFEr9jT4gBZris9Q==
x-frame-options: DENY
date: Thu, 16 Dec 2021 06:11:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
90 B 40ms
19ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1831268437115893&ev=PageView&dl=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&rl=&if=false&ts=1639635091909&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%221111245219334310%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22AUD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22248737323376397%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22AUD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22238870547858716%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%221061618751009995%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1639635091725.1186374593&it=1639635091468&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 16 Dec 2021 06:11:31 GMT

GET
H2 204 182799 Show response
vc.hotjar.io/sessions/ 0
257 B 55ms
35ms XHR
text/plain 143.204.98.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/182799?s=0.25&r=0.07034058997919579
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-62.fra50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: q0NvHr667QjE2wjr9-9FljjRMbRs_7hTX5Wm2DHmf5Uypg95sR5t5Q==

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 05:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Dec 2021 06:36:25 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 20ms
15ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2040312628&t=pageview&_s=1&dl=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&dp=%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&ul=en-us&de=UTF-8&dt=Cyber%20criminals%20force%20shutdown%20of%20NSW%20budgeting%20system&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEALBAAAAC~&jid=2133216666&gjid=454551099&cid=742800808.1639635092&tid=UA-91053368-8&_gid=1340354250.1639635092&_r=1&gtm=2wgc10NN4PPKH&cd1=afr&cd2=2021-12-16T00%3A02%3A56.000Z&cd3=2021-12-16T00%3A02%3A56.000Z&cd4=Aaron%20Patrick&cd5=WEB&cd6=4F7F23F5-1F90-4D70-B5B3-4D41C342AE1B&cd7=article&cd8=Technology&cd10=authoring&cd11=p59i2u&cd12=false&cd14=visitor&cd16=0&cd21=AFR&cd22=Cyber%20protection%7CMatthew%20John%20Kean%7CNSW%20budget&cd23=Crime&cd24=non%20metered&cd27=(not%20set)&cd28=P70F2B436-31E2-4369-A3CB-294DC350A880&cd29=afr.com-brand%20only&cd33=%2274c5d21a-5091-41b2-a97a-d17358ade8ac%22&cd35=true&cd38=&cd40=desktop&cd42=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&cd46=Cyber%20criminals%20force%20shutdown%20of%20NSW%20budgeting%20system&cd48=edmail&cd56=visitor&cd57=false&cd60=&cd61=false&cd62=&cd63=&cd64=&cd65=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&cd66=&z=1020085777

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:11:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.afr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ 44 B
533 B 310ms
309ms Image
image/gif 2600:9000:2156:9400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1639635091959&ci=f2&js=1&cg=0&ts=adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1c4v&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=f613f2cb-bdd2-4eac-9c63-9f2ba3d485c5&tw_document_href=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&tpx_cb=twttr.conversion.loadPixels&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&sr=1600x1200&id=lstrg-9b0490c41737b613f457b7e7e4a775ea
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:11:32 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: aaec4ks3GUk7hRe9I1RJETy3OT_OeCTqpcRSiUuH_u-_I_H5IlADyQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
fairfaxau.demdex.net/ Frame 3A11 7 KB
3 KB 139ms
30ms Document
text/html 52.50.167.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fairfaxau.demdex.net/dest5.html?d_nsid=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.167.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-167-210.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 16 Dec 2021 06:11:32 GMT
DCS: dcs-prod-irl1-2-v025-0bb66c92f.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 15 Dec 2021 15:22:28 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: cdl40CNNQOU=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
fairfaxau.sc.omtrdc.net/ 2 B
314 B 63ms
18ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fairfaxau.sc.omtrdc.net/id?d_visid_ver=1.8.0&d_fieldgroup=A&mcorgid=BEB5C8A15492DB600A4C98BC%40AdobeOrg&mid=40266857893021294331623261580434541884&ts=1639635091965

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 06:11:32 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-675dccd488-tkm5m
vary: Origin
x-c: main-1548.I52ef9e.M0-537
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.afr.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK event Show response
nd.demdex.net/ 2 KB
2 KB 157ms
38ms XHR
application/json 54.194.29.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nd.demdex.net/event?_ts=1639635091805

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.29.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-29-148.eu-west-1.compute.amazonaws.com

Software

Resource Hash

119bb7798be016a11bdf5f4624b1f787245098cb00ba57215a885f46dbd69952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v025-0499c619f.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: NbtBdCLVRN4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.afr.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 740
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 00c28f94072a6b00e31b56fc9c64410e6a6c7017
static.ffx.io/images/$zoom_0.3619%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_493%2C$y_0/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/ 6 KB
6 KB 9ms
8ms Image
image/webp 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.3619%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_493%2C$y_0/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/00c28f94072a6b00e31b56fc9c64410e6a6c7017
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c4fe705425ffc7ce3f6d619124d5b25c543b84e5491569c5453024ff6a436764

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 39222
edge-cache-tag: 472484143518924992852664869475973734877,386819250242086521409817105635041144395,5f5f4219172da4ec8104790896b11172
cache-tag: 472484143518924992852664869475973734877,386819250242086521409817105635041144395,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="00c28f94072a6b00e31b56fc9c64410e6a6c7017.webp"
content-length: 5830
x-cld-skey: 472484143518924992852664869475973734877 386819250242086521409817105635041144395 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Wed, 15 Dec 2021 19:06:46 GMT
server: cloudinary
x-timer: S1639635092.972062,VS0,VE1
etag: "9393061a1c0b1a7b190eb75508f1b193"
x-served-by: cache-fra19128-FRA, cache-fra19148-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 25eaf6f839d6b01a30e58eff65aed479a68ca6d5
static.ffx.io/images/$zoom_1.2612%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_1931%2C$y_3136/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/ 7 KB
7 KB 9ms
9ms Image
image/webp 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_1.2612%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_1931%2C$y_3136/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/25eaf6f839d6b01a30e58eff65aed479a68ca6d5
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 68bf6bbd8ede36c8dd906d2e6b2a60736fda20ab6d539db3a4d15a2dfbade5f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 39218
edge-cache-tag: 395330175840456569741650320368225807617,209262668023846216048745855328904980634,5f5f4219172da4ec8104790896b11172
cache-tag: 395330175840456569741650320368225807617,209262668023846216048745855328904980634,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="25eaf6f839d6b01a30e58eff65aed479a68ca6d5.webp"
content-length: 7146
x-cld-skey: 395330175840456569741650320368225807617 209262668023846216048745855328904980634 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Wed, 15 Dec 2021 18:03:27 GMT
server: cloudinary
x-timer: S1639635092.972259,VS0,VE1
etag: "3aeb71f02e657420145e506fee4593f8"
x-served-by: cache-fra19137-FRA, cache-fra19148-FRA
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame DE0B 12 KB
4 KB 9ms
8ms Document
text/html 2600:9000:2156:4800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/

Response headers

content-type: text/html
last-modified: Mon, 29 Nov 2021 14:37:17 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: IljONPHQ882rCgbxybbkGTEVB8TZxE7m
server: AmazonS3
content-encoding: gzip
date: Thu, 16 Dec 2021 05:50:21 GMT
cache-control: max-age=86400
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: I3X8TEPSAxEoCGBnksfixcSou6E4M_V8qoXDAOLJc-FfMAz-JT1ZQQ==
age: 1271

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 44ms
18ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.afr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 06:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 33ms
18ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.afr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 06:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 284 KB
71 KB 570ms
569ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1186265036684017&correlator=4057121634605472&output=ldjh&impl=fifs&eid=31063899%2C44752541%2C44756716&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211216&iu_parts=21671780509%2Cafr%2Ctechnology%2Ccrime&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C728x90%2C970x250%7C728x90%2C320x50%7C6x2%2C300x600%7C300x250%7C160x600%2C320x50%7C6x2&fluid=0%2C0%2Cheight%2C0%2Cheight&prev_scp=pos%3D1%26src_ad_id%3Dadspot-970x250_728x90-pos1-desktop%7Cpos%3D2%26src_ad_id%3Dadspot-970x250_728x90-pos2-desktop%7Cpos%3D1%26src_ad_id%3Dadspot-N-6x2-pos1-desktop%26nativesz%3D6x2%7Cpos%3D3%26src_ad_id%3Dadspot-300x600_300x250_160x600-pos3-desktop%7Cpos%3D2%26src_ad_id%3Dadspot-N-6x2-pos2-desktop%26nativesz%3D6x2&cust_params=adKitVersion%3D2.1.14%26autoRefresh%3Dfalse%26brms%3Dtrue%26brvs%3Dtrue%26deployEnv%3Dproduction%26layout%3Dblue%26pageid%3Dp59i2u%26pageviewid%3D4F7F23F5-1F90-4D70-B5B3-4D41C342AE1B%26swgt%3Dna%26sysEnv%3Ddesktop%26cat%3Dtechnology%26cat1%3Dcrime%26ctype%3Darticle%26csub%3Dvisitor%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26gs_cat%3Dneg_apple_keywords%252Cneg_custom_nespresso%252Cneg_lego_custom%252Cneg_custom-brand-safety_macquarie-bank%252Cfinancial-events%252Cmicrosoft_kwbl%252Ctechdevices%252Cneg_custom_freestyle_libre%252Cinternet%252Cmicrosoft_master_kwbl%252Cneg_mcdonalds_kwbl%252Cneg_cadreon_master_kwbl%252Cjourno_finexpert%252Cintuit_stp%252Chousingmarket%252Cneg_ffx_anzbank_kwbl%252Cneg_ffx_officeworks_kwbl%252Cneg_us_protests%252Csubaru_master_kwbl%252Cffx_volkswagen_kw_blacklist%252Clogmein_meetings_predts%252Camex_master_kwbl%252Cneg_nestle_master%252Cffx_federal_budget%252Cgv_crime%252Cneg_ffx_crime_other%252Cxero_competitors_predts%252Cmayohardware_thermalbodycameras%252Cneg_westpac_brandsaftey2020%252Cwestpac_brandsaftey%252Cneg_ninepub_covid19%252Cninepub_covid19%252Cairlines_kwbl%252Cwoolworths_retail_vertical%252Cterror_violence%252Cgt_negative_anger%252Croyal_commission%252Cgt_negative%252Cgs_tech_computing%252Csemi_retired_workforce_predts%252Cbtfinancial_kwbl%252Cbushfire%252Cbushfires%252Cgs_tech%252Cgreat_southern_rail_kwbl%252Clavazza_kwbl&cookie_enabled=1&bc=31&abxe=1&lmt=1639635092&dt=1639635092010&dlt=1639635091051&idt=703&frm=20&biw=1600&bih=1200&oid=2&adxs=315%2C315%2C-9%2C-9%2C-9&adys=231%2C1528%2C-9%2C-9%2C-9&adks=1855092649%2C755713870%2C1788912247%2C121945735%2C1640662607&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x138%7C1340x122%7C0x-1%7C0x-1%7C0x-1&msz=1600x90%7C1340x90%7C0x-1%7C0x-1%7C0x-1&ga_vid=742800808.1639635092&ga_sid=1639635092&ga_hid=2040312628&ga_fc=true&fws=4%2C4%2C2%2C2%2C2&ohw=1600%2C1600%2C0%2C0%2C0&btvi=0%7C1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

0d1e76ca3396b62699c5f3eb6e6ff2bdabe918585087456261fabab1be42682d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72628
x-xss-protection: 0
google-lineitem-id: -1,-1,-2,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.afr.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
96d2fec632341d33d327cc999b916144.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E02E 6 KB
4 KB 64ms
16ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://96d2fec632341d33d327cc999b916144.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 16 Dec 2021 06:11:32 GMT
expires: Fri, 16 Dec 2022 06:11:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 65ms
20ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-91053368-8&cid=742800808.1639635092&jid=2133216666&gjid=454551099&_gid=1340354250.1639635092&_u=YGBACEAKBAAAAC~&z=947259832

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 16 Dec 2021 06:11:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.afr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 20ms
19ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=953970877989909&ev=PageView&dl=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&rl=&if=false&ts=1639635092035&cd[user.status]=visitor&cd[brand]=afr&cd[page.type]=article&cd[section.primaryCategory]=technology&cd[page.renderedPlatform]=WEB&cd[Container%20ID]=GTM-NN4PPKH&cd[page.name]=Cyber%20criminals%20force%20shutdown%20of%20NSW%20budgeting%20system&cd[page.primaryTag]=Crime&cd[page.author]=Aaron%20Patrick&cd[page.fullPageLoad]=true&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639635091725.1186374593&it=1639635091468&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 16 Dec 2021 06:11:32 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 21ms
20ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=419599435931961&ev=Paywall&dl=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&rl=&if=false&ts=1639635092036&cd[eventCategory]=meter&cd[eventLabel]=inline&cd[eventAction]=meter%20impression&cd[userStatus]=visitor&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1639635091725.1186374593&it=1639635091468&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 16 Dec 2021 06:11:32 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 21ms
20ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1831268437115893&ev=Paywall&dl=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&rl=&if=false&ts=1639635092037&cd[eventCategory]=meter&cd[eventLabel]=inline&cd[eventAction]=meter%20impression&cd[userStatus]=visitor&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1639635091725.1186374593&it=1639635091468&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 16 Dec 2021 06:11:32 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 22ms
22ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=953970877989909&ev=Paywall&dl=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&rl=&if=false&ts=1639635092037&cd[eventCategory]=meter&cd[eventLabel]=inline&cd[eventAction]=meter%20impression&cd[userStatus]=visitor&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1639635091725.1186374593&it=1639635091468&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 16 Dec 2021 06:11:32 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 22ms
22ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=419599435931961&ev=Metered%20Page%20Visitor&dl=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&rl=&if=false&ts=1639635092038&cd[eventCategory]=meter&cd[eventLabel]=inline&cd[userStatus]=visitor&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1639635091725.1186374593&it=1639635091468&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 16 Dec 2021 06:11:32 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 22ms
22ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1831268437115893&ev=Metered%20Page%20Visitor&dl=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&rl=&if=false&ts=1639635092039&cd[eventCategory]=meter&cd[eventLabel]=inline&cd[userStatus]=visitor&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1639635091725.1186374593&it=1639635091468&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 16 Dec 2021 06:11:32 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 22ms
22ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=953970877989909&ev=Metered%20Page%20Visitor&dl=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&rl=&if=false&ts=1639635092040&cd[eventCategory]=meter&cd[eventLabel]=inline&cd[userStatus]=visitor&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1639635091725.1186374593&it=1639635091468&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 16 Dec 2021 06:11:32 GMT

POST
H2 200 v2cbr8HBtvnjORGxUWnTRPZHUe5N-cOmlPKbAWwWbwCJ9O97EeS6aoq206NUuL-P4saKFP02de6_r4HfwTQ Show response
teenytinyshirt.com/ 227 B
621 B 44ms
18ms Fetch
application/json 35.201.103.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://teenytinyshirt.com/v2cbr8HBtvnjORGxUWnTRPZHUe5N-cOmlPKbAWwWbwCJ9O97EeS6aoq206NUuL-P4saKFP02de6_r4HfwTQ

Requested by

Host: teenytinyshirt.com
URL: https://teenytinyshirt.com/v2tyfY4qGZ1PuKktCNpIp9UkAZT9bIEbMZHL8bVUtrAI8KCeg1sbqNXi-0qUYmJJy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

212.103.201.35.bc.googleusercontent.com

Software

Resource Hash

d0fea8e26b7517f3b706f0da87541a0f3eb75f92efd68677c947ff5527d86338

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Thu, 16 Dec 2021 06:11:32 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.afr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 94ecd830
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 227
expires: Thu, 16 Dec 2021 06:11:31 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Ping
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:11:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.afr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame DE0B 44 B
561 B 53ms
34ms Image
image/gif 54.216.167.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P70F2B436-31E2-4369-A3CB-294DC350A880&sessionId=nxflmiftx4leud2fatcyckjhrii0t1639635091&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.615&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&retry=0
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.167.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-167-233.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:11:32 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
nxflmiftx4leud2fatcyckjhrii0t1639635091.nuid.imrworldwide.com/ Frame DE0B 35 B
349 B 67ms
8ms Image
image/gif 2600:9000:2156:e200:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxflmiftx4leud2fatcyckjhrii0t1639635091.nuid.imrworldwide.com/
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e200:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 06:19:58 GMT
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 85894
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: n71nl9Q88h2y3mtwAssNfZOL0k2-LPN2_icv84y3wBGvwnUF0sNm5g==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 47ms
22ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-91053368-8&cid=742800808.1639635092&jid=2133216666&_u=YGBACEAKBAAAAC~&z=98308282

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:11:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 44ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-91053368-8&cid=742800808.1639635092&jid=2133216666&_u=YGBACEAKBAAAAC~&z=98308282

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:11:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=4331350874324167399
dpm.demdex.net/ Frame 3A11
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=4331350874324167399

42 B
945 B

32ms
32ms

Image
image/gif

52.19.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=4331350874324167399

Requested by

Protocol

HTTP/1.1

Server

52.19.78.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-78-71.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fairfaxau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v025-0fb44a1ea.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: tUWdEYMoTW8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 06:11:32 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8d8df98e-412e-4ee4-98ec-b851ecfb45a9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=4331350874324167399
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=7219760580196216681
dpm.demdex.net/ Frame 3A11
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7219760580196216681

42 B
945 B

32ms
32ms

Image
image/gif

52.19.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=7219760580196216681

Requested by

Protocol

HTTP/1.1

Server

52.19.78.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-78-71.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fairfaxau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v025-0d7ff099d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: /ZFfCuzSTUY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=7219760580196216681
pragma: no-cache
date: Thu, 16 Dec 2021 06:11:31 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 3A11 0
214 B 36ms
9ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=40133263932122926401645328706895265797&gdpr=0&gdpr_consent=
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fairfaxau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 403 track_page_view
nova.collect.igodigital.com/c2/10510523/ 43 B
354 B 110ms
109ms Image
image/gif 52.55.14.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/10510523/track_page_view?payload=%7B%22title%22%3A%22Cyber%20criminals%20force%20shutdown%20of%20NSW%20budgeting%20system%22%2C%22url%22%3A%22https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524%22%2C%22referrer%22%3A%22%22%2C%22user_info%22%3A%7B%7D%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.55.14.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-14-119.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-runtime: 0.002631
date: Thu, 16 Dec 2021 06:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: a9f88c49-d54a-40b2-851f-4c880aa0326a

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 416ms
100ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1639635092178&plid=60578755&idsite=afr.com&url=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_pageviewID%22%3A%224F7F23F5-1F90-4D70-B5B3-4D41C342AE1B%22%7D&sid=1&surl=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&sref=&sts=1639635092171&slts=0&title=Cyber+criminals+force+shutdown+of+NSW+budgeting+system&date=Thu+Dec+16+2021+06%3A11%3A32+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=95892854&u=pid%3Deeef1973cabc3ce3f1320ac6c7c581c8
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:11:32 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 16-Dec-2021 06:11:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 500 usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame 3A11 0
0 147ms
38ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=466%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fairfaxau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 / Show response
adc.nine.com.au/ 89 B
549 B 894ms
300ms Fetch
application/json 52.65.130.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adc.nine.com.au/?

Requested by

Host: adc-js.nine.com.au
URL: https://adc-js.nine.com.au/adc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.65.130.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-65-130-251.ap-southeast-2.compute.amazonaws.com

Software

awselb/2.0 /

Resource Hash

e1dcfab61c23bacb9b77a1792b42c9431688b295c57b9acb501377dd0f183d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json
Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:32 GMT
server: awselb/2.0
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.afr.com
api-supported-versions: 1.0
cache-control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-type: application/json; charset=utf-8
content-length: 89

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEPXh2IJzZ4gGIx-Q1hTVp-U&google_cver=1
dpm.demdex.net/ Frame 3A11
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDAxMzMyNjM5MzIxMjI5MjY0MDE2NDUzMjg3MDY4OTUyNjU3OTc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPXh2IJzZ4gGIx-Q1hTVp-U&google_cver=1?gdpr=0&gdpr_consent=

42 B
945 B

32ms
32ms

Image
image/gif

52.19.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPXh2IJzZ4gGIx-Q1hTVp-U&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.19.78.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-78-71.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fairfaxau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v025-081e49ba6.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: hgkU9plsTm4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:11:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPXh2IJzZ4gGIx-Q1hTVp-U&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=782&dpuuid=YbrYlAAAKjQ_WgAZ
dpm.demdex.net/ Frame 3A11
Redirect Chain

https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
https://rtd-tm.everesttech.net/ct/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D&_test=YbrYlAAAKjQ_WgAZ
https://dpm.demdex.net/ibs:dpid=782&dpuuid=YbrYlAAAKjQ_WgAZ

42 B
945 B

32ms
32ms

Image
image/gif

52.19.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=782&dpuuid=YbrYlAAAKjQ_WgAZ

Requested by

Protocol

HTTP/1.1

Server

52.19.78.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-78-71.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fairfaxau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v025-0bb66c92f.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: NDTvXXEBRMI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:11:32 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1639635092.390131,VS0,VE89
x-served-by: cache-hhn4055-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://dpm.demdex.net/ibs:dpid=782&dpuuid=YbrYlAAAKjQ_WgAZ
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 63BB 0
15 B 19ms
19ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.afr.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.afr.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 16 Dec 2021 06:11:32 GMT

GET
H/1.1

200
OK

ibs:dpid=832&dpuuid=EUX4315420328653096569
dpm.demdex.net/ Frame 3A11
Redirect Chain

https://sync.adap.tv/demdex_user_sync
https://sync.adaptv.advertising.com/demdex_user_sync?
https://dpm.demdex.net/ibs:dpid=832&dpuuid=EUX4315420328653096569

42 B
945 B

32ms
32ms

Image
image/gif

52.19.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=832&dpuuid=EUX4315420328653096569

Protocol

HTTP/1.1

Server

52.19.78.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-78-71.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fairfaxau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v025-0816b82f1.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: gyxWJLybT8w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: //dpm.demdex.net/ibs:dpid=832&dpuuid=EUX4315420328653096569
Server: ribs2.0
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H/1.1

200
OK

ibs:dpid=23728&dpuuid=YbrYlO752XQkGXci6hNvfQAA%261184
dpm.demdex.net/ Frame 3A11
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YbrYlO752XQkGXci6hNvfQAA%261184

42 B
945 B

31ms
31ms

Image
image/gif

52.19.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YbrYlO752XQkGXci6hNvfQAA%261184

Requested by

Protocol

HTTP/1.1

Server

52.19.78.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-78-71.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fairfaxau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v025-0825c21b4.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 6YMiCRGESb4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 06:11:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YbrYlO752XQkGXci6hNvfQAA%261184
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 264
Expires: Thu, 16 Dec 2021 06:11:32 GMT

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 3A11
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=40133263932122926401645328706895265797&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=40133263932122926401645328706895265797&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
963 B

30ms
30ms

Image
image/gif

52.19.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Requested by

Protocol

HTTP/1.1

Server

52.19.78.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-78-71.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fairfaxau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v025-050c6568a.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 303,104
X-TID: fipcMxUOTXc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Thu, 16 Dec 2021 06:11:32 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 3A11
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=40133263932122926401645328706895265797&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-3JCJ3T9E2pG5hjuL1wvXoJeP6j8x3J1TDbY-~A

42 B
945 B

32ms
31ms

Image
image/gif

52.19.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-3JCJ3T9E2pG5hjuL1wvXoJeP6j8x3J1TDbY-~A

Requested by

Protocol

HTTP/1.1

Server

52.19.78.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-78-71.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fairfaxau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v025-065d609cb.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 7GecQiXxQSQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Thu, 16 Dec 2021 06:11:32 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-3JCJ3T9E2pG5hjuL1wvXoJeP6j8x3J1TDbY-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0767 0
15 B 19ms
19ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.afr.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.afr.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 16 Dec 2021 06:11:32 GMT

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
356 B 420ms
100ms XHR
text/plain 52.72.206.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/13780390039.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.206.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-206-84.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 16 Dec 2021 06:11:32 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.afr.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: a8f0054d-5ca8-489c-aad9-17a444905965

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A78C 0
15 B 19ms
19ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.afr.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.afr.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 16 Dec 2021 06:11:32 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame 56F7 189 KB
54 KB 57ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 127479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 14 Dec 2021 18:46:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Dec 2022 18:46:53 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 56F7 13 KB
5 KB 67ms
33ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 114356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Tue, 14 Dec 2021 22:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Dec 2022 22:25:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 56F7 89 KB
29 KB 43ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 129301
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Tue, 14 Dec 2021 18:16:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Dec 2022 18:16:31 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 56F7 5 KB
2 KB 67ms
34ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 400137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Sat, 11 Dec 2021 15:02:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Dec 2022 15:02:35 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 56F7 40 KB
13 KB 64ms
32ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 375597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Sat, 11 Dec 2021 21:51:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Dec 2022 21:51:35 GMT

GET
DATA 200
OK truncated
/ Frame 56F7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a93db22361638ad844d2426f443e3fab8bad00eb577c598ac0933783fc150e3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 11701356389800119889
tpc.googlesyndication.com/simgad/ Frame 56F7 70 KB
70 KB 38ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11701356389800119889?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlUYjVgsIclFx7n4CNgRCzql093Qg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc7f059321b24bd0633ebdef7c9275f66293e14524a04498e6b564df6a855712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 15:19:03 GMT
x-content-type-options: nosniff
age: 139949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71537
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 22:38:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Dec 2022 15:19:03 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 56F7 2 KB
3 KB 54ms
25ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Dec 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 35776
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 16 Dec 2021 20:15:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 56F7 295 B
756 B 37ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 1678
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 17 Dec 2021 05:43:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 56F7 0
0 49ms
48ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAOI3lNi6YbvHBJb--gaVrIaYCtTqr4Vn9630sI8PFBABIL3buWBglfrwgYwHoAGbiNGfA8gBAqkCln4cufPtsj7gAgCoAwHIAwiqBOMDT9C_pJGxi054jNpltus6idyZoX2sltWRGiLbcTK2zqNa9LWKKpGp13nXBxBceBkUsaeWjVcZMrJ1bAFRhKNygyGu3QBe_VXVxo9vYZLIrOd7zDTXBuIpVsGrApz7EaaPpFrJcqn0vGPkQaY0Has2aRiznHPzp2p4mIqHpBUOtjMGx0G9TN8ZYHeV46L5p4BuO3mBhxRXnzk_WE8PMn6JHJonDEjaguXsaqE4iCA5Kfw1z3-2vLvjbUo6ga3W42IljcyhyXRhYd0rptGjR2uyA07Rj48SjA-TIe91zXqirP0QJ7jwOGgHtipS2-XXYLk60j0oAkmNjoZywpkbA8k2vpRdw8Zv1g1RA-AW0F_0d0BbKOu4DZJTQmQjtIKINFW6KRTy5Cv6fcCMmgeo761gByd8WRaVtEcrQdSVvR19o27hzMzx3P9GyECPWWbRG3U_jNdoy9dfT2fq3987o-pLx20CByrZ0JrtygqXy-ybYbl_ylK_0RQ7y3r810-a0r6SvsIOXzAsC5dDHa6tGjf5CY2aiGEaVBaO8RINC149ASWzCwLgP9Fy1aqJZJxUvHrwCd1Ar9NVJoNWF0kdbS5jdlvQvynPBOEXaIaaoUvWiVGCejWggw1YlP_jafe4moF7GP9WwAT76Med7wPgBAGSBQQIBBgBkgUECAUYBKAGAoAHzfeuYKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEPPZUdIICQiA4YBwEAEYHYAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi04MDI3NjU1OTE3MzQ5NDEwGK2Faw&sigh=ab2RUQD2hiA&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame F4BE 189 KB
54 KB 34ms
28ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 127479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 14 Dec 2021 18:46:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Dec 2022 18:46:53 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame F4BE 13 KB
5 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 114356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Tue, 14 Dec 2021 22:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Dec 2022 22:25:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame F4BE 89 KB
28 KB 21ms
17ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 129301
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Tue, 14 Dec 2021 18:16:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Dec 2022 18:16:31 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame F4BE 5 KB
2 KB 39ms
35ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 400137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Sat, 11 Dec 2021 15:02:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Dec 2022 15:02:35 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame F4BE 40 KB
13 KB 38ms
34ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 375597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Sat, 11 Dec 2021 21:51:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Dec 2022 21:51:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F4BE 3 KB
1 KB 49ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 04:29:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Dec 2021 06:11:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Dec 2021 06:11:32 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F4BE 2 KB
3 KB 28ms
25ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Dec 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 35776
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 16 Dec 2021 20:15:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F4BE 295 B
353 B 12ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 1678
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 17 Dec 2021 05:43:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F4BE 0
0 35ms
17ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQKuX4unOmvjcNPSrEqmCcqsymCP8ZdIo_4Bu8knu6kMDR3HSu384OxFFhWqtIG0UvpYvk
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F4BE 0
0 50ms
47ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeVZilNi6YbzHBJb--gaVrIaYCo7p2JRk7fDa-aYJv-EeEAEgvdu5YGCV-vCBjAegAbm-7ugCyAEJqQKWfhy58-2yPuACAKgDAcgDCqoE4wNP0GXcJ4P8WsVEHjiyeZww-IiMt6YT3PkI2ZpXyocukyEaXRpREEbjVdLyAbCj4Ih4zFAo-C0RtJXWs3NrqO2ETC-usp4qQJnjY-K9B4fcSi-upKkD4AMoL0DX5AwVeSpvSHTsHycwv8huCLstT9Sao6ZNMf_L81of4yRK32BjYDuKA8q34A0L_EAbyxND4zpwQ50w81FV4-ZKeOxI-W235XdGt03qLC3MyzPKF7TOREMG8tXPCr0TURscrlt7bFIk8UzW_682FJokgd_4CG492Ibrh5S9M5XhG_X9L0Az92oH1VLft6pwF6ywxXsxm_oLU6RRFQW0-3oolAbchhVSp2SX-TruH5JYoAWWpKqlWAQpIafMZSEtgxPRxnhTkRFmFV8YidheqWzwTU7Bl3bC7Cju3pSGP2hOHghKT8bojikhWxR39uYDG8HDoIe8OrXbI9Mc5J-uFUsuCpXwFs8XpisGCbBj0I5_GMJzM-V4iTR7WFP3iGya2vKxtC_z8Z8MNOroH3CPWnfrQZkFHgyAL0knBEjE8HyzfXtxGDcJOqe6MEw33t5VvkJDar9-fZ3gir6kz0n89t5PyufTaBMmERJazt3gHbtEHFi7zWVa8p3BpCNt96EzmMNI5tMRzx4bYXLABPKjj92RAuAEAZIFBAgEGAGSBQQIBRgEoAYugAevwZGXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEL3DS9IICQiA4YBwEAEYHYAKA8gLAbgTiCfYEw2IFAfQFQGAFwGyFx4KHAgAEhRwdWItODAyNzY1NTkxNzM0OTQxMBithWs&sigh=U3hga17JZ28&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4050599942597266406/ Frame F4BE 14 KB
14 KB 27ms
8ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4050599942597266406/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83df779f2cf704604f08fe328102085119b81bc1a617535dd7038632472d737b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 05:02:14 GMT
x-content-type-options: nosniff
age: 263358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14613
x-xss-protection: 0
last-modified: Wed, 19 Jun 2019 14:45:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Dec 2022 05:02:14 GMT

GET
DATA 200
OK truncated
/ Frame F4BE 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F4BE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f4425dbb3a7a8a36bf7999d09e5afadf894a53b3d507632fd0b83bd6a28591c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame F4BE 21 KB
22 KB 34ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.afr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 10:56:24 GMT
x-content-type-options: nosniff
age: 155708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 10:56:24 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame F4BE 21 KB
21 KB 40ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.afr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 20:07:29 GMT
x-content-type-options: nosniff
age: 122643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 20:07:29 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 56F7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

95ms
71ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date: Thu, 16 Dec 2021 06:11:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F4BE 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Dec 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 35776
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 16 Dec 2021 20:15:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F4BE 295 B
319 B 7ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 1678
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 17 Dec 2021 05:43:34 GMT

GET
H2 200 / Show response
zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com/SIE/ 7 KB
4 KB 128ms
48ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_1zw3m3dlvZEzjE2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cbca60e6440302efd009eede8b98ef20b67c70fd03aa17a15357f8499f2e7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3770
cf-polished: origSize=8435
cf-ray: 6be5c1432cf94099-CDG
edge-control: max-age=604800
x-envoy-upstream-service-time: 12
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"20f3-Zl+oHrH091wyF2D+IwygyG7/wd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 63ms
10ms Script
application/x-javascript 2600:9000:2156:7e00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 05:08:15 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:27:20 GMT
server: nginx
age: 3797
etag: W/"6179ee68-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: GlzMGpzxppleZ-fT99m9PdZW3xiq4E9bG91vnbjDCGcSQP7TrE9evw==
expires: Thu, 16 Dec 2021 07:08:15 GMT

GET
H/1.1 200
OK dest5.html Show response
nd.demdex.net/ Frame C3E1 7 KB
3 KB 33ms
33ms Document
text/html 54.194.29.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nd.demdex.net/dest5.html?d_nsid=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.29.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-29-148.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 16 Dec 2021 06:11:32 GMT
DCS: dcscanary-prod-irl1-1-v029-087016ec3.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 15 Dec 2021 15:46:15 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: k1D1aaoyQxw=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 46ms
21ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6383583898f0f8a1ee55fb11e1ad0e76ef6a2897617ce9275a49ac4f01cc1203

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 06:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8552
x-xss-protection: 0

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 22ms
22ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 16 Dec 2021 05:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3206
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5652
x-amz-id-2: DhZRa1IMZoiWu+ww4F1hnAkIW9A3JP1ZX1Ka4CIWLrfsi37tkewVPMPoXLs5LBXodVCt+t+uXOk=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 04 Nov 2021 15:26:13 GMT
server: ATS
etag: "146f99405588b7446958a732612c901d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: W87D6QG85FS6Y3EQ
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 20ms
20ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=419599435931961&ev=Paywall&dl=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&rl=&if=false&ts=1639635092899&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=4&o=30&fbp=fb.1.1639635091725.1186374593&it=1639635091468&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 16 Dec 2021 06:11:32 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 20ms
20ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1831268437115893&ev=Paywall&dl=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&rl=&if=false&ts=1639635092900&sw=1600&sh=1200&v=2.9.48&r=stable&ec=4&o=30&fbp=fb.1.1639635091725.1186374593&it=1639635091468&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 16 Dec 2021 06:11:32 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 20ms
20ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=953970877989909&ev=Paywall&dl=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&rl=&if=false&ts=1639635092901&sw=1600&sh=1200&v=2.9.48&r=stable&ec=4&o=30&fbp=fb.1.1639635091725.1186374593&it=1639635091468&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 16 Dec 2021 06:11:32 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
374 B 37ms
36ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Cyber%20criminals%20force%20shutdown%20of%20NSW%20budgeting%20system&.yp=10167916&f=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&enc=UTF-8&yv=1.10.2&tagmgr=gtm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:11:32 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 16 Dec 2021 06:11:32 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Thu, 16 Dec 2021 06:11:32 GMT

GET
H/1.1 204
No Content tap
pixel.rubiconproject.com/ Frame C3E1 0
239 B 40ms
10ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap?pid=28346&segments=3945729
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 315ms
99ms Image
image/gif 54.198.123.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=afr.com&p=%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u&u=lo3j7DHb2qaaxf09&d=afr.com&g=27223&g0=technology%2C%20article&g1=Aaron%20Patrick&g4=article&n=1&f=00001&c=0&x=0&m=0&y=4167&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&b=2222&_c=market-wrap&_m=email&_x=newsletter&_y=technology&_z=2021-12-16&_s=%7B%22pageViewId%22%3A%224F7F23F5-1F90-4D70-B5B3-4D41C342AE1B%22%7D&t=O9ALmCjHK0eBQbnjxqY2hmBAEmxq&V=129&i=Cyber%20criminals%20force%20shutdown%20of%20NSW%20budgeting%20system&tz=0&_acct=anon&sn=1&sv=BEk62vBClPLIBSPHOkCgeV26BD14X_&sd=1&im=067b2ef3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.123.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-123-195.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:11:33 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4F81 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Wed, 15 Dec 2021 22:19:03 GMT
expires: Thu, 15 Dec 2022 22:19:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 28349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BC20 783 B
535 B 18ms
18ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1bd68ed2b5a8c380f48aa351c36330331e9aac3aceab08d11a81bdb3b0114d60

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N16sUPJ6wPpEeGbB2CvlIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 16 Dec 2021 06:11:32 GMT
date: Thu, 16 Dec 2021 06:11:32 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-N16sUPJ6wPpEeGbB2CvlIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F81 35 KB
13 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 19:39:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13555
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 19:39:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BC20 0
0 68ms
62ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=1186265036684017&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2

404

sync
pixel.advertising.com/ups/28/ Frame C3E1
Redirect Chain

https://pixel.advertising.com/ups/28/sync?uid=40294997829956380421624948574910904639&_origin=1&redir=true
https://pixel.advertising.com/ups/28/sync?uid=40294997829956380421624948574910904639&_origin=1&redir=true&verify=true

0
254 B

10ms
10ms

Image
text/plain

18.159.242.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/28/sync?uid=40294997829956380421624948574910904639&_origin=1&redir=true&verify=true

Protocol

Server

18.159.242.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-242-165.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:33 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/28/sync?uid=40294997829956380421624948574910904639&_origin=1&redir=true&verify=true
date: Thu, 16 Dec 2021 06:11:33 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 12.8327016048e927965e51.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 55 KB
17 KB 43ms
42ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.8327016048e927965e51.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&Q_BRANDID=www.afr.com

Requested by

Host: zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com
URL: https://zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_1zw3m3dlvZEzjE2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

878227787bfdfdc233209277b711325be189981949e62797f2b8413f1931c261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18994
cf-polished: origSize=57365
cf-ray: 6be5c1437d644099-CDG
edge-control: max-age=604800
x-envoy-upstream-service-time: 3
vary: Accept-Encoding
last-modified: Tue, 14 Dec 2021 22:49:08 GMT
server: cloudflare
x-powered-by: Express
etag: W/"e015-17dbb229ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 500 usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame C3E1 0
0 41ms
41ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1

200
OK

ibs:dpid=72352&dpuuid=144591926621309046&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame C3E1
Redirect Chain

https://dmpsync.3lift.com/getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dmpsync.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://dpm.demdex.net/ibs:dpid=72352&dpuuid=144591926621309046&gdpr=0&gdpr_consent=

42 B
945 B

33ms
33ms

Image
image/gif

52.19.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=72352&dpuuid=144591926621309046&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.19.78.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-78-71.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v025-069ae8d1e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 5AggHdviQ6A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=72352&dpuuid=144591926621309046&gdpr=0&gdpr_consent=
date: Thu, 16 Dec 2021 06:11:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C3E1
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=40294997829956380421624948574910904639
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=40294997829956380421624948574910904639

0
338 B

111ms
30ms

Image
text/plain

52.51.5.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=40294997829956380421624948574910904639
Protocol: H2
Server: 52.51.5.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-5-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:11:33 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1639635093
x-served-by: beacon-n017-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=40294997829956380421624948574910904639
date: Thu, 16 Dec 2021 06:11:33 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a003-ash-prod.krxd.net

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1 KB 140ms
138ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1zw3m3dlvZEzjE2&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.8327016048e927965e51.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&Q_BRANDID=www.afr.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bda2c77fad4af7b204729c08dd8f005f19a06ffa099d75a6cd99f07a8d916b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 06:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 7
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.afr.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: 2ea6058589d65076
cf-ray: 6be5c143de144099-CDG

GET
H2

200

/ Show response
adc.nine.com.au/ Frame 407D
Redirect Chain

https://ib.adnxs.com/getuid?https://adc.nine.com.au?appNexusUid=$UID
https://adc.nine.com.au/?appNexusUid=4331350874324167399

89 B
472 B

357ms
357ms

Document
application/json

52.65.130.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adc.nine.com.au/?appNexusUid=4331350874324167399

Requested by

Host: adc-js.nine.com.au
URL: https://adc-js.nine.com.au/adc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.65.130.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-65-130-251.ap-southeast-2.compute.amazonaws.com

Software

awselb/2.0 /

Resource Hash

e1dcfab61c23bacb9b77a1792b42c9431688b295c57b9acb501377dd0f183d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/

Response headers

server: awselb/2.0
date: Thu, 16 Dec 2021 06:11:33 GMT
content-type: application/json; charset=utf-8
content-length: 89
api-supported-versions: 1.0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
strict-transport-security: max-age=2592000

Redirect headers

Server: nginx/1.17.9
Date: Thu, 16 Dec 2021 06:11:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://adc.nine.com.au?appNexusUid=4331350874324167399
AN-X-Request-Uuid: 1dcda4ed-4c88-4f57-b702-516b935c180a
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame C3E1 0
411 B 494ms
100ms Image
text/html 2600:1f18:6593:f608:78e4:ddc4:e083:81a6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f608:78e4:ddc4:e083:81a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 06:11:33 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=1186265036684017&bg=!V1SlVBDNAAZKWFskSlg7ACkAdvg8WoVguStNtwL7iAMwcwKb4uP0gorUDP_hjmrJONIFXk3PPc2XIAIAAABWUgAAAAxoAQcKACxB0qxTayf9-agSSiI1ApjrRF4PPPppKq12bG85bf027wQ2SZNl5Eq0PT-sh5kCy9vA72mVR9YHLsvj4sSiMpKeOeoUEM6HOgUrxBtlaNWZN9IlWb8v_5ALu4aDI20YSa_6qS7BwtVyOH1lmg-h4nxTPWp2qQCX5LBrLZX1B4GOPCg3yObtiHweLL_sjpfWx2sYS_fx-GfrWsluzzhqVQtzeixF6cs7S7Fnxszp7HcNy9UkUqng4z5WT28dKFMNLBfgtzYWSYj0j6TVlZ2Ux21LzbalXbDCcKsOtSH0bIPtzAHKz4BCttwB7F_Mtc_MS_7fUSVEn9pe6nmDsMNBM2UvGI8di_PGVVr5fzFJm0Aqlajef4zxHwC_1KZzIiqXzuvySZKyyGVCYqCsU9nTGraJMeUV-MdQze9WAPKktCTmti0koSwlY_e9yjE4dwe98ojqIytxDfg-iznO05eVwztXjtZ4cJD-0dE5kYLt32nFRtj9P13Ir75sbP5uG-Xsk9ynJmJqoKzT5ESGL7jAQLCN-hjvUT3sdaCPJ8YFN0Ag32KImcEtLC23i3Jkb4Uk8MNHDY602ziE0_mzxUk90wU9FjArd0haTITGHqXazpgZtEouCsaxTO1FTLSGsVdxZuLsGnT0zpvabtjwgrVmuBkv43qKYSGIcv8_cLJwkRm5J9ThuvhAYGi1BvIGWoM7mc0ZgTSkcSWtxPwmTgiLet6HaxqY9Bk4N0V64gJjNusW3j_fm2mGCL4D_h6gtimSGf6e9TuqH6rWkvjt7Y3UV5bYuoi_fw6ACRDJIg2q7A4nTDBKHd3v_j8oHWtt-ay5Quj6CfmO37hXQFn7_WrEPiPNYhiiTgRTdnSf5vyT4ODkk70YrLDZgHnlz36jWAe5dy0VNMrQfgoUUpCNEukDYnQU6WI-kwUkIins_eHajFU4Dqjqw91s1JVPuo82z_TOQqUkptXvpcnBlL0SKJuO-EyNRc2kyGarxs40IUWndjP1YWYO5pDx0DqlSz0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK tp2
i.ffx.io/com.snowplowanalytics.snowplow/ Frame 0
0 280ms
280ms Preflight 13.238.96.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.238.96.192 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-238-96-192.ap-southeast-2.compute.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.afr.com
Date: Thu, 16 Dec 2021 06:11:33 GMT
Server: akka-http/10.0.9
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK tp2 Show response
i.ffx.io/com.snowplowanalytics.snowplow/ 2 B
435 B 294ms
294ms XHR
text/plain 13.238.96.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d2uhnetoehh304.cloudfront.net
URL: https://d2uhnetoehh304.cloudfront.net/2.11.0-patched/sp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.238.96.192 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-238-96-192.ap-southeast-2.compute.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.afr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Thu, 16 Dec 2021 06:11:34 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://www.afr.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 2

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 56F7 42 B
64 B 44ms
43ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssagt1n8b1BmbVhstAI1_1k207w_xDjhKT6C-l3b0MBH3mubBh5MpuaxfeNdnT938X_5uAWSCOsN_Ly019OIfaT4VDcyL3kU9e0h3WLi3aVm--bwOBHWA&sai=AMfl-YR-swXA1FSUh9aRGMjANgpusA2TM-8wrUktBPHzZQMUGBkXm3zwiz9GswZMds5_3I3-dYxOrqFgwCy8hBhxMGC5Gp8B0X6-odWy8-o6tmkpiPh23zQ-DpjfVanU&sig=Cg0ArKJSzK5Oo7idbWe0EAE&cid=CAASPeRoO4Ub8abcUw_uNsMG6mLfEPbxwULNxe7h2iSpMDobT0VpgJu3gfa_1q2Hdtw0jHASSoaI-fC3j5u_Z7s&id=ampim&o=315,208&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=100&tls=1100&g=100&h=100&tt=1100&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1855092649

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
368 B 34ms
34ms Image
image/gif 54.216.167.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-302812&ch=au-302812_b25_afr.com-brand%20only_S&asn=afr.com-brand%20only&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&sessionId=nxflmiftx4leud2fatcyckjhrii0t1639635091&prv=1&c6=vc,b25&ca=NA&c13=asid,P70F2B436-31E2-4369-A3CB-294DC350A880&c32=segA,NA&c33=segB,Financial%20Review%20-%20Technology&c34=segC,NA&c15=apn,afr&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,g069vpbjht7bevs616f1a9ltxlaad1639635092&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16396350919796429&c30=bldv,6.0.0.615&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=p59i2u&c3=st,c&c64=starttm,1639635094&adid=p59i2u&c58=isLive,false&c59=sesid,&c61=createtm,1639635094&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524&c66=mediaurl,&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&c62=sendTime,1639635094&rnd=335848
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.167.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-167-233.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:11:34 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.afr.com/	1970-01-19 23:27:16	Name: _sp_ses.0af9 Value: *
www.afr.com/	1969-12-31 23:59:59	Name: _bsMode Value: true
.afr.com/	1970-01-20 03:46:27	Name: optimizelyEndUserId Value: oeu1639635091493r0.9535688489429703
.linkedin.com/	1970-01-20 00:10:27	Name: UserMatchHistory Value: AQJ2budw6ALpUwAAAX3B3gC_Bs823sbjmmrJegzG-i1pWh-wg69K2W9IBcMCmubqXsuUijOXNl_1Qw
.linkedin.com/	1970-01-20 00:10:27	Name: AnalyticsSyncHistory Value: AQLXKeETpDMqjAAAAX3B3gC_lFEvvzFOHFptMh0cxstPeNUcFzpbSznJHuPDpYqHF8rFiDK1du4_KCFTXXMJYQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:59:08	Name: bcookie Value: "v=2&ccf3486d-95fc-436d-8dd7-5773bf0e54d1"
.linkedin.com/	1970-01-19 23:28:41	Name: lidc Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2375:u=1:x=1:i=1639635091:t=1639721491:v=2:sig=AQEZyMCfobBrofa9vuFp0L-2BTqoPeqB"
.afr.com/	1970-01-20 01:36:51	Name: _fbp Value: fb.1.1639635091725.1186374593
.twitter.com/	1970-01-20 16:58:27	Name: personalization_id Value: "v1_8KqA69RiTJfNraUA5+fQfw=="
.yahoo.com/	1970-01-20 08:13:12	Name: A3 Value: d=AQABBJPYumECEGIJr_hh_Hhm9WvXGo0odHkFEgEBAQEqvGHEYQAAAAAA_eMAAA&S=AQAAAiAQa_vJhueWTb3SQG7-qp4
.afr.com/	1970-01-20 01:36:51	Name: _gcl_au Value: 1.1.1451949861.1639635092
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:59:08	Name: bscookie Value: "v=1&202112160611315086251c-5638-4e1a-8948-34ce8ee27a36AQEDGithMQwVLnvBFbK1a-KICLPLeIIV"
.linkedin.com/	1970-01-20 16:54:02	Name: li_gc Value: MTswOzE2Mzk2MzUwOTE7MjswMjH/oyfeSppQGzrt2RKDqNTtkRSS+pyo1LAGHt0D7rvoXw==
.afr.com/	1970-01-20 16:58:27	Name: _sp_id.0af9 Value: fa11d891-bd64-41fa-bc88-5751bdfaba4f.1639635091.1.1639635092.1639635091.1c2f253b-d4f0-49fb-b5a3-19be64db250a
www.afr.com/	1970-01-19 23:28:41	Name: ffx:audienceSegment Value: single/loyal
.afr.com/	1970-01-20 08:12:51	Name: _hjSessionUser_182799 Value: eyJpZCI6IjE3YWM3NGE5LTZiMjAtNTM3YS1iNWMxLTEyYTdhNTk5ZTQ4NyIsImNyZWF0ZWQiOjE2Mzk2MzUwOTE3MTAsImV4aXN0aW5nIjpmYWxzZX0=
.afr.com/	1970-01-19 23:27:16	Name: _hjFirstSeen Value: 1
.afr.com/	1970-01-19 23:27:16	Name: _hjSession_182799 Value: eyJpZCI6ImI5MWI0MDg2LTAyZjktNDMxMS04NGMxLWUzMWYxNzZiNmVkYyIsImNyZWF0ZWQiOjE2Mzk2MzUwOTE5Mzd9
www.afr.com/	1970-01-19 23:27:15	Name: _hjIncludedInSessionSample Value: 1
.afr.com/	1970-01-19 23:27:16	Name: _hjAbsoluteSessionInProgress Value: 1
.afr.com/	1970-01-20 16:58:27	Name: _ga Value: GA1.2.742800808.1639635092
.afr.com/	1970-01-19 23:28:41	Name: _gid Value: GA1.2.1340354250.1639635092
.afr.com/	1970-01-19 23:27:15	Name: _gat_ffxTracker Value: 1
.demdex.net/	1970-01-20 03:46:27	Name: demdex Value: 40133263932122926401645328706895265797
.afr.com/	1969-12-31 23:59:59	Name: AMCVS_BEB5C8A15492DB600A4C98BC%40AdobeOrg Value: 1
.doubleclick.net/	1970-01-20 08:48:51	Name: IDE Value: AHWqTUkBVlxRIppyI-VPDX8emsRIjMU0tkwSE2KKCObFqMclwELbiDfBlEfci9CokDM
.afr.com/	1970-01-20 08:12:51	Name: AMCV_BEB5C8A15492DB600A4C98BC%40AdobeOrg Value: -1176276602%7CMCIDTS%7C18978%7CMCMID%7C40266857893021294331623261580434541884%7CMCAAMLH-1640239891%7C6%7CMCAAMB-1640239891%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1639642291s%7CNONE%7CMCAID%7CNONE
.afr.com/	1970-01-21 01:44:03	Name: _awl Value: 2.1639635092.0.4-5cc573e3-12df48b6e597649010f978b8123631aa-6763652d6575726f70652d7765737431-61bad894-0
.imrworldwide.com/	1970-01-20 08:48:51	Name: SSCVER Value: v1
.imrworldwide.com/	1970-01-20 08:48:51	Name: IMRID Value: 03c38440-5e37-11ec-a2b9-d9e8470f5eef
.afr.com/	1970-01-20 00:10:27	Name: aam_uuid Value: 40294997829956380421624948574910904639
.adnxs.com/	1970-01-20 01:36:51	Name: uuid2 Value: 4331350874324167399
.afr.com/	1970-01-19 23:27:16	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.afr.com/technology/cyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u?utm_content=technology&list_name=2F6E16F3-E586-4778-AFFF-33811F208B65&promote_channel=edmail&utm_campaign=market-wrap&utm_medium=email&utm_source=newsletter&utm_term=2021-12-16&mbnr=MTE4OTMwMzA&instance=2021-12-16-16-58-AEDT&jobid=29352524%22%2C%22sref%22:%22%22%2C%22sts%22:1639635092171%2C%22slts%22:0}
.afr.com/	1970-01-20 08:56:39	Name: _parsely_visitor Value: {%22id%22:%22pid=eeef1973cabc3ce3f1320ac6c7c581c8%22%2C%22session_count%22:1%2C%22last_session_ts%22:1639635092171}
.turn.com/	1970-01-20 03:46:27	Name: uid Value: 7219760580196216681
.dpm.demdex.net/	1970-01-20 03:46:27	Name: dpm Value: 40133263932122926401645328706895265797
.eyeota.net/	1970-01-20 08:12:51	Name: mako_uid Value: 17dc1de036b-18f70000010f44ce
.eyeota.net/	1970-01-19 23:27:15	Name: SERVERID Value: 17614~DM
.casalemedia.com/	1970-01-20 08:12:51	Name: CMID Value: YbrYlO752XQkGXci6hNvfQAA
.casalemedia.com/	1970-01-20 01:36:51	Name: CMPS Value: 5223
.casalemedia.com/	1970-01-20 01:36:51	Name: CMPRO Value: 1184
.casalemedia.com/	1970-01-19 23:28:41	Name: CMST Value: YbrYlGG62JQA
.everesttech.net/	1970-01-20 08:12:51	Name: everest_g_v2 Value: g_surferid~YbrYlAAAKjQ_WgAZ
.afr.com/	1970-01-20 08:48:51	Name: __gads Value: ID=ef3bdf1ddd318a47:T=1639635092:S=ALNI_MYE8V6wAibT4BCKvWkashLK0VuBtA
.doubleclick.net/	1970-01-19 23:27:18	Name: DSID Value: NO_DATA
www.afr.com/	1970-01-20 08:56:03	Name: _cb_ls Value: 1
www.afr.com/	1970-01-20 08:56:03	Name: _cb Value: lo3j7DHb2qaaxf09
www.afr.com/	1970-01-20 08:56:03	Name: _chartbeat2 Value: .1639635092968.1639635092968.1.BEk62vBClPLIBSPHOkCgeV26BD14X_.1
www.afr.com/	1970-01-19 23:27:16	Name: _cb_svref Value: null
.nine.com.au/	1970-01-20 08:12:51	Name: NUID Value: 6c2f8d488b59488ca0a0c6673cb0a268
.afr.com/	1970-01-20 08:12:51	Name: NUID Value: 6c2f8d488b59488ca0a0c6673cb0a268
.demdex.net/	1970-01-20 03:46:27	Name: dextp Value: 358-1-1639635092116\|470-1-1639635092140\|481-1-1639635092155\|466-1-1639635092183\|771-1-1639635092198\|782-1-1639635092214\|832-1-1639635092246\|23728-1-1639635092260\|30064-1-1639635092276\|30646-1-1639635092291\|6835-1-1639635093017\|19566-1-1639635093047\|72352-1-1639635093064\|66757-1-1639635093079\|796-1-1639635093096
.3lift.com/	1970-01-20 01:36:51	Name: tluid Value: 144591926621309046
.adaptv.advertising.com/	1970-01-20 08:48:51	Name: adaptv_unique_user_cookie Value: "4315420328653096569__TIME__2021-12-15+22%3A11%3A33"
.advertising.com/	1970-01-20 08:48:51	Name: APID Value: VB041b0138-5e37-11ec-8d51-0e3711fa0034
.krxd.net/	1970-01-20 03:46:27	Name: _kuid_ Value: OiyqQOI2
.fwmrm.net/	1970-01-20 03:46:27	Name: _uid Value: "e5901_7042179101809457182"

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://nova.collect.igodigital.com/c2/10510523/track_page_view?payload=%7B%22title%22%3A%22Cyber%20criminals%20force%20shutdown%20of%20NSW%20budgeting%20system%22%2C%22url%22%3A%22https%3A%2F%2Fwww.afr.com%2Ftechnology%2Fcyber-criminals-force-shutdown-of-nsw-budgeting-system-20211216-p59i2u%3Futm_content%3Dtechnology%26list_name%3D2F6E16F3-E586-4778-AFFF-33811F208B65%26promote_channel%3Dedmail%26utm_campaign%3Dmarket-wrap%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3D2021-12-16%26mbnr%3DMTE4OTMwMzA%26instance%3D2021-12-16-16-58-AEDT%26jobid%3D29352524%22%2C%22referrer%22%3A%22%22%2C%22user_info%22%3A%7B%7D%7D Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=466%26dpuuid=PM_UID&userIdMacro=PM_UID Message: Failed to load resource: the server responded with a status of 500 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://pixel.advertising.com/ups/28/sync?uid=40294997829956380421624948574910904639&_origin=1&redir=true&verify=true Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID Message: Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10510523.collect.igodigital.com
6633783.fls.doubleclick.net
96d2fec632341d33d327cc999b916144.safeframe.googlesyndication.com
a304207300.cdn.optimizely.com
ad.doubleclick.net
adc-js.nine.com.au
adc.nine.com.au
adservice.google.com
adservice.google.de
analytics.twitter.com
api.afr.com
beacon.krxd.net
cdn-gl.imrworldwide.com
cdn.ampproject.org
cdn.optimizely.com
cdn.parsely.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.turn.com
d2uhnetoehh304.cloudfront.net
dmp.v.fwmrm.net
dmpsync.3lift.com
dpm.demdex.net
fairfaxau.demdex.net
fairfaxau.sc.omtrdc.net
fairfaxmedia.gscontxt.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ffx.io
ib.adnxs.com
image5.pubmatic.com
l.ffx.io
logx.optimizely.com
mb.moatads.com
nd.demdex.net
nova.collect.igodigital.com
nxflmiftx4leud2fatcyckjhrii0t1639635091.nuid.imrworldwide.com
p1.parsely.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.advertising.com
pixel.rubiconproject.com
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
rtd-tm.everesttech.net
rtd.tubemogul.com
s.yimg.com
script.hotjar.com
secure-au.imrworldwide.com
secure-dcr.imrworldwide.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
siteintercept.qualtrics.com
sjs.bizographics.com
snap.licdn.com
sp.analytics.yahoo.com
ssum.casalemedia.com
static-au.plista.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.ffx.io
static.hotjar.com
stats.g.doubleclick.net
sync.adap.tv
sync.adaptv.advertising.com
t.co
teenytinyshirt.com
token.rubiconproject.com
tpc.googlesyndication.com
usermatch.krxd.net
vars.hotjar.com
vc.hotjar.io
www.afr.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
z.moatads.com
zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com
104.117.200.111
104.17.208.240
104.244.42.3
104.244.42.5
108.174.10.14
13.238.96.192
136.243.44.4
142.250.184.198
142.250.185.130
142.250.185.66
143.204.103.127
143.204.98.104
143.204.98.123
143.204.98.62
143.204.98.82
15.236.176.210
151.101.194.49
151.101.2.49
158.101.192.201
18.159.242.165
185.33.221.50
199.232.136.157
2.18.233.180
2.18.234.21
2.18.235.40
2001:678:cb4:bbbb::13
212.82.100.181
212.82.100.182
2600:1f18:6593:f608:78e4:ddc4:e083:81a6
2600:9000:2156:2200:8:48e:53c0:93a1
2600:9000:2156:2800:10:2964:9d00:21
2600:9000:2156:4800:2:42d9:3100:93a1
2600:9000:2156:7e00:18:1fcd:34f:cdc1
2600:9000:2156:8600:7:3896:c640:93a1
2600:9000:2156:9400:1e:a43d:b640:93a1
2600:9000:2156:e200:1d:667e:2a40:93a1
2620:1ec:21::14
2a00:1288:80:800::7000
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:400c:c08::9d
2a02:26f0:6c00:2a8::13b8
2a02:26f0:6c00::210:ba11
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42::645
3.121.27.153
3.230.12.180
3.24.79.120
35.201.103.212
52.19.78.71
52.2.183.88
52.205.167.202
52.206.55.189
52.48.241.99
52.50.167.210
52.51.5.121
52.55.14.119
52.65.130.251
52.72.206.84
54.194.29.148
54.198.123.195
54.216.167.233
69.173.144.138
76.223.111.18
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
07a7e43a30c29cd24df54879f4fc788b60a76962f3b3c5623717c19762240225
0d1e76ca3396b62699c5f3eb6e6ff2bdabe918585087456261fabab1be42682d
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10c7204911d070a91cada0d5fd2284354115fbb6c5a94030c96364f7aa1eb912
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119bb7798be016a11bdf5f4624b1f787245098cb00ba57215a885f46dbd69952
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
14e4b088db7fbce1fc7c9e34f33ce0766a0359a92f87b73df2b4b72d24a6a769
1588d2683e7346bb70eeb5caac3fc0ca9677a7e06abea265eafedbc436799dd3
1865d42765b5027e000f4e2a89728fb6a95d4499b1286314818302232af83ac8
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1bd68ed2b5a8c380f48aa351c36330331e9aac3aceab08d11a81bdb3b0114d60
24299c4b303ebcaf5d9ec10c241bb7d76c97bf7fb2deefbf494a8f81f0ec6edb
260ac4e42a25b35fde529fee4fe464ab9da455e2309a0a5201e752f74b617978
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28b11959f68db701b4218a36e9a8e8daf47fbfe4057f086595ebc2b0df44fbea
2994e5cf6434258acfebc3f9b4a9fdf13364e04e479f33c8b655f07378f3ce6e
2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2f1b3c20947609880fa669248919d46ad2b26b995cd8f7e2f3d764dff3e47bdb
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3376b01eacfef1067dacb1c3e5897b77b0a37672a91aa65733b18d8165a15c2a
338140f080782dd9fc999b9c240cde15f599e7ffd10b3fd3d9085717d38ad8d3
359f8ed8d34689010e4f74af5f02087e3f86e0fd67f808590968e2048c9a2015
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3a4563ffaeeaced1791519dd6045609445d91ae57336197c834cdf9248c30dbd
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
408e38d683d5027fb0daea6c48ea2ed78013cbe66ad48e2473a3ab43486decc6
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453b9ac9d54282c9838b51a5ea6d8fc34983a90050a750bccccc339e61109d86
4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a
4724191f7ca09a5180d6c9c10b26b5031989b816b1d35ee4491bb49e915eb45c
47c87e2004b4452b33d08a61a3807a87c6fec50158f9909ac1013f4b81e8bb41
48f2243a31d116f576b0c06cbed9b9ad55d92a8910ec53f9fbe525ec020649db
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4ec337438cc11dc83e485509ba0177cbb8864fcce472406d2264f448a087aa81
4f74e45fb7b32720dbcb187923c4684517d0e224a63fa52af86b8f9d73076207
54b3121637851046e882df8591a9f2c4472adc2f0c39290cd583e9fccf1aace0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57c30f22e7e1510aad981ef28221c6f81e88fbcc00f3d899ab4a968a22e91589
59d1fe77c0d1ebe0d67f0573054abc91778b82b7ffe93e734720986ec4496650
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6140b4b94aa1527ecdc692c0d700dda90686a444f7473b72fd2bd13969ea741e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6383583898f0f8a1ee55fb11e1ad0e76ef6a2897617ce9275a49ac4f01cc1203
639a7a95b02c474fec6945d4d6e38c573669d01cd855947d0dfd44ac67d579bc
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
684ecc96eb34b07fa188c8ad751ebc4312da5f6fb4e1be79aae6637b39eb5c69
68bf6bbd8ede36c8dd906d2e6b2a60736fda20ab6d539db3a4d15a2dfbade5f3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cbca60e6440302efd009eede8b98ef20b67c70fd03aa17a15357f8499f2e7ae
714892f1fc598fef48b0331e7af69cdac69bfb2cec684d199b8650da4a278c75
716379f581fc195c5b540c826ae27d0820cf99421dc0f6d9b745df2e8343d343
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
77905c5ecbcaa3513dd7670bf664895a2fdb7e1d247315834e45c21d1fb5e837
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d5ac146a961671fccb452da7c328090e11a4190cce2e6f9bce90201f3c5f91f
7f4425dbb3a7a8a36bf7999d09e5afadf894a53b3d507632fd0b83bd6a28591c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83df779f2cf704604f08fe328102085119b81bc1a617535dd7038632472d737b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85b23ef2b5d148948a0e393c8af051177f818b7fb18cda003998916666caabee
85b8608ed2ca9ff20154fd917a7235ddda73eda72d5e1f41200d6af2f9b87995
878227787bfdfdc233209277b711325be189981949e62797f2b8413f1931c261
8a5570ecf8e28d76f8a37cefca479d4fbe3b77f97b74a6fa6f67e29ae9159ffb
8b56cf3ff69da24ee4d01b00d8bbad12a602a1f083e47c6646b02b639fd633fd
934d4d6010b2bfc6795c8212555ff307c8e883a8fa5f974f601773d4f17e156f
97fa4dba38be379bd980479ca40573df4f0b1a404f5ef806774f49304aa917e9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9f1703194404bb92859310b44abe9d9b959b98cc39d6f41d351c61070a92c24b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3c78596628f7e53c40bbfd0e9eed225181c4c2933a6e051e8fa46c30b221d1f
a3d0f7c45107f6f097378459c64f8c02461a44afe9d787009eb75c709d6ff3df
a44fb6a26732b7892f2802aee69fb0413ecd26b508b5c79720a48c485f4889ee
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a752251c3deedca296039004ba705bf1b52272f6c30530eada1249e0d2654fbc
a93db22361638ad844d2426f443e3fab8bad00eb577c598ac0933783fc150e3f
aa06bd7bb55b1c88e33665469e8713ddf79a7cff7f08cfa7496220db9c0f28db
ab31b0d53c708a6462e95500691c8204153ad7a79a5aca8bd656e54db4a0452c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
afb63db6a68a5e920797bd48f920f3a184bcb5167d03de7a2a8ffa5ba6021399
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b462ede43ecdda05f2c835d4c3178d5d2fa2567dd194963027095fb4f8102f4d
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
bcf86c48df6f76b921cce4d3b354c52312027494dbac002cf58ff39ca8593ff5
bda2c77fad4af7b204729c08dd8f005f19a06ffa099d75a6cd99f07a8d916b57
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c4fe705425ffc7ce3f6d619124d5b25c543b84e5491569c5453024ff6a436764
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc
c84f600853a8e326041490ebc85d7a89b87ab3a54047c0401b78f34f6ed6254b
c8907bb6a4a900a6375c8537f1e572a96088517af62c024a22451de7dee301b3
c8efa1a619cfda5c02f0f692b723dc494ed257d6b88fb4b86c4aaed441593869
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff16f1c26a495b4cca5f0f8c6f28f508e007896d0520ecf90a7e34b71d5e30a
d0fea8e26b7517f3b706f0da87541a0f3eb75f92efd68677c947ff5527d86338
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dc7f059321b24bd0633ebdef7c9275f66293e14524a04498e6b564df6a855712
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e08410c46d34e10e615b8db79c9ff00de29e1a60179ede7a355d1d9c1c5307c8
e1318ed0a70ecc8e33eed8ea3551ea2ce4ce529da22306214e0590fcc0b7de1c
e1dcfab61c23bacb9b77a1792b42c9431688b295c57b9acb501377dd0f183d84
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e504def0bd25a13ca7bd73b46a5f8d97ce4d8ef6e3f639b493b36698dd398955
e8a2bc039ea82266ecd31dcb748fe90f212f6358fcf2502eb0061d9652b3638f
ee31e815e42257e6bf25bcca009e515cfd5dcdbb0bbf93ba734da2ed81cb1a8d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
fa84adaa52138db2f2ca946b1e3ce31105a39a9a1f1b5fb25ad456241c2d0e73
fdb3c6cf003fd30bfc3edd21a3664edc2b4407daef1879323378c491742c93ec
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff7fd49dc02d60fd506a5d9d697453b13c1fff4f9d9974b11302a65f59dfb2c3

www.afr.com Open in urlscan Pro 2a04:4e42:200::645 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

189 Requests

92 %HTTPS

40 %IPv6

52 Domains

85 Subdomains

65 IPs

10 Countries

2326 kBTransfer

6942 kBSize

59 Cookies

20 Outgoing links

Redirected requests

189 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.afr.com Open in urlscan Pro
2a04:4e42:200::645 Public Scan

Screenshot
Live screenshot

Full Image

189
Requests

92 %
HTTPS

40 %
IPv6

52
Domains

85
Subdomains

65
IPs

10
Countries

2326 kB
Transfer

6942 kB
Size

59
Cookies

189 HTTP transactions
4 data transactions