www.itnews.com.au Open in urlscan Pro
203.176.102.69 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Submission: On December 16 via api (December 16th 2021, 6:15:07 am UTC) from GB — Scanned from GB

Summary HTTP 295 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 51 IPs in 7 countries across 34 domains to perform 295 HTTP transactions. The main IP is 203.176.102.69, located in Kirrawee, Australia and belongs to NXGNET-AS-AP Nextgen Networks, AU. The main domain is www.itnews.com.au.
TLS certificate: Issued by SSL.com RSA SSL subCA on July 16th 2021. Valid for: a year.

This is the only time www.itnews.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8 39	203.176.102.69 203.176.102.69	38809 (NXGNET-AS...) (NXGNET-AS-AP Nextgen Networks)
12	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
23	203.176.102.67 203.176.102.67	38809 (NXGNET-AS...) (NXGNET-AS-AP Nextgen Networks)
13	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	107.178.240.224 107.178.240.224	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
16	104.18.22.230 104.18.22.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:6c0... 2a02:26f0:6c00:286::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 4	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	143.204.98.93 143.204.98.93	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
5	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.98.104 143.204.98.104	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	143.204.98.123 143.204.98.123	16509 (AMAZON-02) (AMAZON-02)
3	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
16	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
18	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
8	204.154.110.79 204.154.110.79	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
3 7	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
29	2600:9000:215... 2600:9000:2156:ac00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY)
1	34.254.124.164 34.254.124.164	16509 (AMAZON-02) (AMAZON-02)
7 11	54.194.64.183 54.194.64.183	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2 3	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1 1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.21.179.197 52.21.179.197	14618 (AMAZON-AES) (AMAZON-AES)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	199.232.194.49 199.232.194.49	54113 (FASTLY) (FASTLY)
15	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
5	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	2a02:26f0:6c0... 2a02:26f0:6c00:191::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
295	51

39 203.176.102.69 (Kirrawee, Australia) 8 redirects

ASN38809 (NXGNET-AS-AP Nextgen Networks, AU)
PTR: secure.nextmedia.com.au

www.itnews.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 203.176.102.67 (Kirrawee, Australia)

ASN38809 (NXGNET-AS-AP Nextgen Networks, AU)
PTR: i.nextmedia.com.au

i.nextmedia.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.240.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.240.178.107.bc.googleusercontent.com

koi-3qnnf9xqbw.marketingautomation.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.18.22.230 (None, )

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:286::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.102 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-93.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

itnewsnext.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-104.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

tag.perfectaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 204.154.110.79 (United States)

ASN36062 (DOUBLE-VERIFY, US)
PTR: bs-ec.doubleverify.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-nyc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2600:9000:2156:ac00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.64.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.124.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-124-164.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.194.64.183 (Dublin, Ireland) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-64-183.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c6af3b5b9e735cc269aeaca87476651b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.27 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.179.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-179-197.compute-1.amazonaws.com

pixel.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.194.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:191::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	itnews.com.au 8 redirects www.itnews.com.au	247 KB
30	disquscdn.com c.disquscdn.com a.disquscdn.com	834 KB
26	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com c6af3b5b9e735cc269aeaca87476651b.safeframe.googlesyndication.com	448 KB
25	doubleclick.net 4 redirects ad.doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	177 KB
23	nextmedia.com.au i.nextmedia.com.au	640 KB
18	gstatic.com fonts.gstatic.com	342 KB
17	twitter.com platform.twitter.com syndication.twitter.com analytics.twitter.com	440 KB
16	dianomi.com www.dianomi.com	31 KB
16	googleapis.com fonts.googleapis.com ajax.googleapis.com	112 KB
15	ampproject.org cdn.ampproject.org	306 KB
13	disqus.com itnewsnext.disqus.com disqus.com referrer.disqus.com	113 KB
12	prfct.co 7 redirects pixel-geo.prfct.co pixel.prfct.co	5 KB
12	doubleverify.com cdn.doubleverify.com tps.doubleverify.com tpsc-nyc.doubleverify.com	192 KB
8	google.com 3 redirects www.google.com adservice.google.com	2 KB
7	2mdn.net s0.2mdn.net	2 MB
6	teads.tv a.teads.tv s8t.teads.tv t.teads.tv	134 KB
6	facebook.com www.facebook.com	1 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	googletagservices.com www.googletagservices.com	136 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	64 KB
3	adnxs.com 2 redirects secure.adnxs.com	3 KB
3	facebook.net connect.facebook.net	200 KB
2	twimg.com cdn.syndication.twimg.com pbs.twimg.com	7 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com	575 B
2	google.co.uk www.google.co.uk adservice.google.co.uk	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	marketingautomation.services koi-3qnnf9xqbw.marketingautomation.services	6 KB
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	openx.net us-u.openx.net	275 B
1	addthis.com 1 redirects cw.addthis.com	453 B
1	perfectaudience.com tag.perfectaudience.com	4 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	licdn.com snap.licdn.com	2 KB
1	googletagmanager.com www.googletagmanager.com	61 KB
295	34

	Domain	Requested by
39	www.itnews.com.au	8 redirects www.itnews.com.au ajax.googleapis.com
29	c.disquscdn.com	itnewsnext.disqus.com disqus.com c.disquscdn.com www.itnews.com.au
23	i.nextmedia.com.au	www.itnews.com.au
18	fonts.gstatic.com	fonts.googleapis.com
16	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com www.itnews.com.au securepubads.g.doubleclick.net
16	www.dianomi.com	www.itnews.com.au www.dianomi.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
13	platform.twitter.com	www.itnews.com.au platform.twitter.com
12	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.itnews.com.au
12	fonts.googleapis.com	www.itnews.com.au www.dianomi.com securepubads.g.doubleclick.net
11	pixel-geo.prfct.co	7 redirects www.itnews.com.au
9	pagead2.googlesyndication.com	tpc.googlesyndication.com www.itnews.com.au securepubads.g.doubleclick.net www.googletagservices.com
8	disqus.com	itnewsnext.disqus.com c.disquscdn.com
7	www.google.com	3 redirects www.itnews.com.au tpc.googlesyndication.com
7	googleads.g.doubleclick.net	www.googleadservices.com www.itnews.com.au
7	s0.2mdn.net	www.dianomi.com www.itnews.com.au
6	tpsc-nyc.doubleverify.com	cdn.doubleverify.com
6	www.facebook.com	www.itnews.com.au
4	www.googletagservices.com	www.itnews.com.au securepubads.g.doubleclick.net
4	itnewsnext.disqus.com	www.itnews.com.au itnewsnext.disqus.com
4	ad.doubleclick.net	3 redirects www.dianomi.com
4	cdn.doubleverify.com	www.dianomi.com www.itnews.com.au ad.doubleclick.net
4	ajax.googleapis.com	www.itnews.com.au ajax.googleapis.com
3	t.teads.tv	www.itnews.com.au
3	secure.adnxs.com	2 redirects www.itnews.com.au
3	syndication.twitter.com	platform.twitter.com www.itnews.com.au
3	connect.facebook.net	www.itnews.com.au connect.facebook.net
2	a.teads.tv	securepubads.g.doubleclick.net s8t.teads.tv
2	ups.analytics.yahoo.com	1 redirects www.itnews.com.au
2	tps.doubleverify.com	cdn.doubleverify.com
2	px.ads.linkedin.com	2 redirects
2	www.google-analytics.com	www.itnews.com.au www.google-analytics.com
2	koi-3qnnf9xqbw.marketingautomation.services	www.itnews.com.au koi-3qnnf9xqbw.marketingautomation.services
1	pbs.twimg.com	www.itnews.com.au
1	s8t.teads.tv	a.teads.tv
1	cdn.syndication.twimg.com	platform.twitter.com
1	referrer.disqus.com	www.itnews.com.au
1	a.disquscdn.com	www.itnews.com.au
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com	www.itnews.com.au
1	us-u.openx.net	www.itnews.com.au
1	pixel.prfct.co	www.itnews.com.au
1	cw.addthis.com	1 redirects
1	analytics.twitter.com	www.itnews.com.au
1	c6af3b5b9e735cc269aeaca87476651b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	in.hotjar.com	script.hotjar.com
1	www.google.co.uk	www.itnews.com.au
1	stats.g.doubleclick.net	www.google-analytics.com
1	tag.perfectaudience.com	koi-3qnnf9xqbw.marketingautomation.services
1	vars.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	www.itnews.com.au
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googletagmanager.com	www.itnews.com.au
295	59

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
googleprojectzero.blogspot.com
citizenlab.ca
www.crn.com.au
www.bit.com.au
www.iothub.com.au
www.nextmedia.com.au
www.interactive.com.au

Subject Issuer	Validity	Valid
itnews.com.au SSL.com RSA SSL subCA	`2021-07-16` - `2022-07-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
i.nextmedia.com.au SSL.com RSA SSL subCA	`2021-12-12` - `2022-12-12`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.marketingautomation.services Sectigo RSA Organization Validation Secure Server CA	`2020-03-12` - `2022-06-10`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2021-06-03` - `2022-06-02`	a year	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-25` - `2021-12-24`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-31` - `2022-10-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.perfectaudience.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
a.disquscdn.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
*.google.co.uk GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.prfct.co Sectigo RSA Domain Validation Secure Server CA	`2021-11-02` - `2022-11-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Frame ID: 79B16F7329C3E03347A915BA34AB555B
Requests: 127 HTTP requests in this frame

Frame: https://www.dianomi.com/recirculation.epl?id=119
Frame ID: E5412C88EA5056CB8232123B62220BA0
Requests: 11 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=5141
Frame ID: 62E61D7AE06E9CB03C6BD7466863B71C
Requests: 19 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.itnews.com.au
Frame ID: 91F14EF1B808547A7FEACC42EDAEBD10
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1940.js
Frame ID: 623588412E6C78C7291094B28E3AE6FE
Requests: 5 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 978D9573D0DE489E320F1F1574304CC9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7AE6B0A3D3162CF047E61B64F0D45DEA
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1940.js
Frame ID: 24C0F59618C21B5D6F9A7A40652906AB
Requests: 5 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=574081&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&t_e=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_d=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_t=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&s_o=default
Frame ID: 34E04B4D6CE3E1E521D2F48AC5B5CA25
Requests: 13 HTTP requests in this frame

Frame: https://c6af3b5b9e735cc269aeaca87476651b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DDCE3E3C46722942FDFA985D3360E16B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1471164135165636616&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&sessionId=1c8b8926dde2b988a8c0aaf3037fcc979116abd0&siteScreenName=iTnews_au&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Frame ID: D331942B449DCFF42C1CCAAD123B94F2
Requests: 14 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=574081&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&t_e=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_d=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_t=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage
Frame ID: 7DAEC738723D0F61690E23294967B510
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022111011823000/amp4ads-v0.mjs
Frame ID: DEDB7471F3423D93CF18F35F0468E8EF
Requests: 18 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: F323F9A3F0C86FC28155A2B6163A2628
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: B38FB905D39BC4AAE07F8BFB2C6FD471
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022111011823000/amp4ads-v0.mjs
Frame ID: 3BA6477F9219B90BC4D0761C16834119
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022111011823000/amp4ads-v0.mjs
Frame ID: DF8F5364DA47032D779AE2DF88F41D12
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVJdBiGybu9qT1uJpxZO_47AeZCbD3x0iJVq-CdlcxbOODfLC6f6q_lYVLggboCQ6iqWP6P8fxak-uYqyFmy4eafPDnNCsXjU8MoKnwb79KIUAKUBjF3FS41SWN7ZgOsAJqvh-Dz4mUaSWpYaeXlvr0hPx-dH1o0RKmLqmnnTHJ3TzLfDmMHFwifuCOYIHHrIVKFDXqOH_EFJ92MKJi6ljlSFIBaSslTggOmiCOJEhVzihC_-Sdwuih9HA7EIngn4NHZJKScLUxl7aUj8iTl8xh-fO6z7DM5WSsYnXgiz7nudPS0s7Q1-v&sig=Cg0ArKJSzHzxCsNR7wiFEAE&uach_m=[UACH]&adurl=
Frame ID: 2CB27DC42E8862418CB6ADF11A02ABB5
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIg8Esdc78szbVlduuWSoWeMYLmPS8eDIHKT_8_Bw5Yxr9uL6JDqt6pWnpzCNZ8_SPxGBnjGx8M_0oAfhOwAfGb6HoaxePUweWqL-3FLP8wMYRe-lJznQLoexMBqevHACr79U61tbhG__Rd0-bA20YaW0qGheTzoPhzu7p3V2rCp5P2kfoHWOxmS41CLsYlImpvbYCf6YU3SbBR2vJneKlUtk89xK638ph9gI0OfGF4tahJyOsmeVV7myQZUBM4PIqdvGKVR0GLGqrTsU5-jcKOKbsohHD8yDSWAFoq_2CpCZDfTh6zsKRaQo&sig=Cg0ArKJSzM3_GVhC5fNBEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 74D2BC345A4244E38A0D3859732ED027
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv60_Ru8AXErdMX2Gj_Wwk3XUN8gUbTTBdL_y6CYL4WlYJRr2JC8yuXMbrLHXzbi80CRJIs0BR8GAPYtxwxnFv4nNkay8zxjO64-FpE4uy7iuTpZ8LpUKWM-cwpqSecXzLEVeI6Gu9N0-FqQ7Tzb8fkzbxPEQS8gc04AxrnBhDCT66nwECdd6Xxgx_sXxgsndSA6MuIPkkNYKEe-lsTn4ofi9HqeL_C2fDnVxLEP-LdJiLVweKrMagO51lg4VYqDk08jvAALCO354kbkHSrGHIKshNz8pNG-qJha-oMitqMQkHu3jRLGSlwa49Iz1j8FnJivHLSAX84bfCiaSRvIg&sig=Cg0ArKJSzPZZuOFTR1EuEAE&uach_m=[UACH]&adurl=
Frame ID: 2D8E40839866FC9EC2CD7B9DF5EBD204
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AA9573012BB290DD75D8DFF4937D8B2B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BD198B96830CF62390A6E74F6E7A82B2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3B4519F449D61CFCB0A50E27BDDECD52
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9D0DBBDCCCBB5AE4FAE7AAC006493523
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NSO Group used fake GIFs to hack Apple iMessage - Security - iTnews

Page Statistics

295
Requests

93 %
HTTPS

47 %
IPv6

34
Domains

59
Subdomains

51
IPs

7
Countries

6665 kB
Transfer

12643 kB
Size

45
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/itnews_au

Search URL Search Domain Scan URL

URL: https://www.facebook.com/iTnewsAustralia

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/itnews

Search URL Search Domain Scan URL

URL: https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html
Title: analysis

Search URL Search Domain Scan URL

URL: https://citizenlab.ca/
Title: Citizen Lab

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&related=&url=https%3a%2f%2fwww.itnews.com.au%2fnews%2fnso-group-used-fake-gifs-to-hack-apple-imessage-574081%3Futm_source=desktop%26utm_medium=twitter%26utm_campaign=share

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3a%2f%2fwww.itnews.com.au%2fnews%2fnso-group-used-fake-gifs-to-hack-apple-imessage-574081%3Futm_source=desktop%26utm_medium=facebook%26utm_campaign=share

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3a%2f%2fwww.itnews.com.au%2fnews%2fnso-group-used-fake-gifs-to-hack-apple-imessage-574081%3Futm_source=desktop%26utm_medium=linkedin%26utm_campaign=share

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3a%2f%2fwww.itnews.com.au%2fnews%2fnso-group-used-fake-gifs-to-hack-apple-imessage-574081%3Futm_source%3Dmobile%26utm_medium%3Dfacebook%26utm_campaign%3Dshare

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3a%2f%2fwww.itnews.com.au%2fnews%2fnso-group-used-fake-gifs-to-hack-apple-imessage-574081%3Futm_source%3Dmobile%26utm_medium%3Dlinkedin%26utm_campaign%3Dshare

Search URL Search Domain Scan URL

URL: https://www.crn.com.au/fast50/presentation-2021?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: CRN FAST50: Top 10 revealed!

Search URL Search Domain Scan URL

URL: https://www.crn.com.au/news/partners-say-microsofts-new-pricing-punishes-flexibility-572423?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Partners say Microsoft’s new pricing punishes flexibility

Search URL Search Domain Scan URL

URL: https://www.crn.com.au/news/vocus-launches-cloud-based-calling-offering-for-zoom-phone-572442?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Vocus launches cloud-based calling offering for Zoom Phone

Search URL Search Domain Scan URL

URL: https://www.crn.com.au/news/zoom-hires-ex-nutanix-dell-exec-jacob-pereira-as-apac-channel-chief-572464?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Zoom hires ex-Nutanix, Dell exec Jacob Pereira as APAC channel chief

Search URL Search Domain Scan URL

URL: https://www.crn.com.au/news/google-cloud-anz-channel-chief-rhody-burton-jumps-to-hashicorp-572381?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Google Cloud ANZ channel chief Rhody Burton jumps to HashiCorp

Search URL Search Domain Scan URL

URL: https://www.bit.com.au/review/venom-blackbook-zero-15-phantom-573253?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Venom BlackBook Zero 15 Phantom

Search URL Search Domain Scan URL

URL: https://www.bit.com.au/guide/how-are-parents-utilising-health-tech-to-give-their-dogs-a-voice-573844?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: How are parents utilising health tech to give their dogs a voice?

Search URL Search Domain Scan URL

URL: https://www.bit.com.au/guide/the-trends-driving-australian-businesses-to-bundle-and-aggregate-services-573853?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: The trends driving Australian businesses to bundle and aggregate services

Search URL Search Domain Scan URL

URL: https://www.bit.com.au/guide/technology-predictions-for-2022-and-beyond-573344?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Technology predictions for 2022 and beyond

Search URL Search Domain Scan URL

URL: https://www.bit.com.au/news/how-long-will-a-ups-keep-your-computers-on-if-the-lights-go-out-316806?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: How long will a UPS keep your computers on if the lights go out?

Search URL Search Domain Scan URL

URL: https://www.iothub.com.au/news/2021-iot-awards-winners-announced-572454?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: 2021 IoT Awards winners announced

Search URL Search Domain Scan URL

URL: https://www.iothub.com.au/news/announcing-the-2021-iot-awards-finalists-571728?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Announcing the 2021 IoT Awards finalists

Search URL Search Domain Scan URL

URL: https://www.iothub.com.au/news/aldi-supplier-trials-rfid-tags-on-bananas-572469?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Aldi supplier trials RFID tags on bananas

Search URL Search Domain Scan URL

URL: https://www.iothub.com.au/news/how-australia-is-advancing-iot-the-2021-iot-awards-winners-573086?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: How Australia is advancing IoT: the 2021 IoT Awards winners

Search URL Search Domain Scan URL

URL: https://www.nextmedia.com.au/

Search URL Search Domain Scan URL

URL: https://www.bit.com.au/
Title: BIT

Search URL Search Domain Scan URL

URL: https://www.crn.com.au/
Title: CRN Australia

Search URL Search Domain Scan URL

URL: https://www.iothub.com.au/
Title: IoT Hub

Search URL Search Domain Scan URL

URL: https://www.nextmedia.com.au/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.nextmedia.com.au/terms-conditions/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.interactive.com.au/

Search URL Search Domain Scan URL

URL: https://www.nextmedia.com.au/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.itnews.com.au/Images/mobile-share-twitter.png HTTP 301
https://www.itnews.com.au/images/mobile-share-twitter.png

Request Chain 20

https://www.itnews.com.au/Images/mobile-share-facebook.png HTTP 301
https://www.itnews.com.au/images/mobile-share-facebook.png

Request Chain 21

https://www.itnews.com.au/Images/mobile-share-linkedin.png HTTP 301
https://www.itnews.com.au/images/mobile-share-linkedin.png

Request Chain 22

https://www.itnews.com.au/Images/mobile-share-whatsapp.png HTTP 301
https://www.itnews.com.au/images/mobile-share-whatsapp.png

Request Chain 23

https://www.itnews.com.au/Images/mobile-share-email.png HTTP 301
https://www.itnews.com.au/images/mobile-share-email.png

Request Chain 45

https://www.itnews.com.au/Images/breaking-news-header-bkg-40.png HTTP 301
https://www.itnews.com.au/images/breaking-news-header-bkg-40.png

Request Chain 46

https://www.itnews.com.au/Images/itnews-logo-white.png HTTP 301
https://www.itnews.com.au/images/itnews-logo-white.png

Request Chain 47

https://www.itnews.com.au/Images/search-icon.png HTTP 301
https://www.itnews.com.au/images/search-icon.png

Request Chain 83

https://ad.doubleclick.net/ddm/trackimpj/N1155287.576592DIANOMIINC./B26619252.321874054;dc_trk_aid=514242867;dc_trk_cid=158503678;ord=1639635297;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N1155287.576592DIANOMIINC./B26619252.321874054;dc_pre=CKuO9LvV5_QCFZdr4Aodi-4M8w;dc_trk_aid=514242867;dc_trk_cid=158503678;ord=1639635297;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 84

https://ad.doubleclick.net/ddm/ad/N1224350.160898DIANOMI/B24058941.271704368;sz=1x1;ord=1639635297;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D HTTP 302
https://ad.doubleclick.net/ddm/ad/N1224350.160898DIANOMI/B24058941.271704368;dc_pre=CLOP9LvV5_QCFZCEewodgGwGyQ;sz=1x1;ord=1639635297;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D HTTP 302
https://s0.2mdn.net/9944765/Impression_Tracker.gif

Request Chain 108

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1639635297920&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1503796%26time%3D1639635297920%26url%3Dhttps%253A%252F%252Fwww.itnews.com.au%252Fnews%252Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1639635297920&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1639635297920&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&liSync=true&e_ipv6=AQJDrUYpl2O8NQAAAX3B4Sh0WKh92vjuTctcQHMkKePTN3PCF84KnNWrCyGczYADUpHn7gx0fg

Request Chain 132

https://pixel-geo.prfct.co/tagjs?a_id=147698&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=147698&source=js_tag

Request Chain 152

https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202112|61bad961c538eb1baf3672ab&pid=pa_x7PmDvb0VzjoeVL33 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202112%7C61bad961c538eb1baf3672ab%26pid%3Dpa_x7PmDvb0VzjoeVL33 HTTP 302
https://pixel-geo.prfct.co/usermap/?xid=5389241007823560723&sid=202112|61bad961c538eb1baf3672ab&pid=pa_x7PmDvb0VzjoeVL33

Request Chain 153

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_x7PmDvb0VzjoeVL33

Request Chain 154

https://pixel-geo.prfct.co/cs/?partnerId=crw HTTP 302
https://cw.addthis.com/t.gif?pid=37&pidt=0&pdid=pa_x7PmDvb0VzjoeVL33&cu=https%3A%2F%2Fpixel.prfct.co%2Fcb%3FpartnerId%3Dcrw HTTP 302
https://pixel.prfct.co/cb?partnerId=crw

Request Chain 155

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_x7PmDvb0VzjoeVL33&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_x7PmDvb0VzjoeVL33&_origin=1&verify=true

Request Chain 156

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_x7PmDvb0VzjoeVL33

Request Chain 157

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_x7PmDvb0VzjoeVL33

Request Chain 158

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfeDdQbUR2YjBWempvZVZMMzM HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 270

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 271

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 272

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

295 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request nso-group-used-fake-gifs-to-hack-apple-imessage-574081 Show response
www.itnews.com.au/news/ 70 KB
71 KB 914ms
320ms Document
text/html 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4efdc737c610ab82283cad1f82154db195553d0d79c93a6981efdf52c38c4f4c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

cache-control: private
content-type: text/html; charset=utf-8
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=edge,chrome=1
date: Thu, 16 Dec 2021 06:14:53 GMT
content-length: 71968

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 145ms
51ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Martel:400,300,700,900

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

deb6ac368e48ffc4ab528f5ca566df82610adacb99d9d454c5ad2ea93530fd18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 06:14:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Dec 2021 06:14:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Dec 2021 06:14:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
530 B 151ms
57ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c075a41ce6c691b5c599b6d3546a078e123e2a0eb8e2d81c65eeb389f96cb98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 06:14:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Dec 2021 06:14:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Dec 2021 06:14:57 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/ 34 KB
9 KB 135ms
42ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 08:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8060
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Dec 2022 08:52:50 GMT

GET
H2 200 css_a504614db76c1f2450b89457f66f188d.css
www.itnews.com.au/styles/ 235 KB
35 KB 526ms
526ms Stylesheet
text/css 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5bc86ad85ee4ecae2db4187ce11fd6f49d70f43c514cf139f3b9421dccef30ad

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:53 GMT
content-encoding: gzip
last-modified: Thu, 16 Dec 2021 06:13:25 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "80f0cb844f2d71:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 36125
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 itnews-logo-sticky.png
www.itnews.com.au/images/ 4 KB
4 KB 382ms
382ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/itnews-logo-sticky.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ef3254fb269f0a2b07dea6c4cf9af3276e2e402426a65dc74f22db7c84b91e6b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "4ec506c4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 3919
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 167 KB
61 KB 155ms
59ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N4K222Q

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25e6492f309bd8b72f21c399aa9790153523c55774e39722b47084ef07c41bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62139
x-xss-protection: 0
expires: Thu, 16 Dec 2021 06:14:57 GMT

GET
H2 200 itnews-logo-white.png
www.itnews.com.au/images/ 4 KB
4 KB 319ms
312ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/itnews-logo-white.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 26aeae0a0cc21c9c8acffae51a7dbf7a7eda35891df62ef54aeb9ed47af8cd9b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "4ec506c4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 3959
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 285 KB
285 KB 2142ms
879ms Image
image/png 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fimessage.png&w=480&c=0&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 71307386055053d3582c5e3b05d30b1582caefc9cc39ea497e553254277f6a76

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="0_0_480_1_70_/News/imessage.png"
content-length: 291799
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 260ms
63ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF6) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (mil/6CF6)
Age: 1438
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29126

GET
H2 200 newsletter-promo-1.png
www.itnews.com.au/images/ 38 KB
38 KB 323ms
316ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/newsletter-promo-1.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 024a2591127deb9b569b821da170c5b937bc471633d0f32ce534a7acef66a28b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "298a56c4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 39346
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 8 KB
8 KB 1559ms
297ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2fwoman_it_server_1.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 09e52a4fec111df4ffbac9a66c66102017e7d0ce13e522aaa9534d13c399d5e0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Features/woman_it_server_1.jpg"
content-length: 8469
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 9 KB
9 KB 1833ms
572ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2f20211122052750_strategy_data_1.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 31e44dd75556064a7a8181032ce06f4560fd836918c345d6904874e8aefe5c14

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Features/20211122052750_strategy_data_1.jpg"
content-length: 9041
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 12 KB
12 KB 1843ms
582ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2f20211022101841_data_flows_1.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2588a1ade08a9703c551df6f5c20b93f37cbea766a1e8878a5c32cd8f05009a9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Features/20211022101841_data_flows_1.jpg"
content-length: 12533
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 7 KB
7 KB 1562ms
300ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2f20211203125027_security_password_1.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 75ecb3ea79f6c0822028a1cf5112d15b48f7b7321c0fbe73a99c6bff36da9eb6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Features/20211203125027_security_password_1.jpg"
content-length: 6960
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 4 KB
4 KB 1834ms
572ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2f20211203120511_Radware_IDC_report_v1.JPG&w=100&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 50cc598d3268ac3d82709df633978419851c01e08f1a5f6ce70498040d2df034

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_0_100_0_70_/Reports/20211203120511_Radware_IDC_report_v1.JPG"
content-length: 3650
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 5 KB
5 KB 587ms
585ms Image
image/png 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=http%3a%2f%2fwww.itnews.com.au%2fimages%2fno-image.png&w=100&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0c9447df280080307c1f2276a3d43f9bd6eb2a89dd0c37de8251f4ffa5d15d40

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_0_100_0_70_http://www.itnews.com.au/images/no-image.png"
content-length: 4841
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 2 KB
2 KB 584ms
582ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fCyberArk_the_ciso_view.JPG&w=100&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2467a30f41e17d9b55db7247bd02be63093f897b4c0873b047b03d498f4ad869

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_0_100_0_70_/Reports/CyberArk_the_ciso_view.JPG"
content-length: 2209
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 4 KB
4 KB 601ms
599ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fAvepoint_o365_backup.JPG&w=100&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fba57ea0b40bc27ac27c04fe0f2f3627529c45a980e40668f8eedd655b282b7b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_0_100_0_70_/Reports/Avepoint_o365_backup.JPG"
content-length: 4041
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 1 KB
1 KB 587ms
586ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2f20211112012329_forgerock.JPG&w=100&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e26cfad178913d1e7a62813f4c10ce62100aa09ffb50ae858caf4475625bea6c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_0_100_0_70_/Reports/20211112012329_forgerock.JPG"
content-length: 1180
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2

200

mobile-share-twitter.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/mobile-share-twitter.png
https://www.itnews.com.au/images/mobile-share-twitter.png

2 KB
2 KB

293ms
291ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/mobile-share-twitter.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 97b4d3aa4022178cfff4362771fab9d523eb8614d8425c9cb4c10690802635f6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "298a56c4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 2448
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/mobile-share-twitter.png
date: Thu, 16 Dec 2021 06:14:54 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 180
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

mobile-share-facebook.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/mobile-share-facebook.png
https://www.itnews.com.au/images/mobile-share-facebook.png

1 KB
1 KB

292ms
291ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/mobile-share-facebook.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a3d16b1b85d27a1023b45c661db7103c81076f748e5f6087fe98fae3c3d12de4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "d52736c4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 1432
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/mobile-share-facebook.png
date: Thu, 16 Dec 2021 06:14:54 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 181
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

mobile-share-linkedin.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/mobile-share-linkedin.png
https://www.itnews.com.au/images/mobile-share-linkedin.png

2 KB
2 KB

293ms
292ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/mobile-share-linkedin.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 447c44ae9488b24394843e6d134b2976abff7a1690baf2a496674d8b2f7e65fe

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "d52736c4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 1733
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/mobile-share-linkedin.png
date: Thu, 16 Dec 2021 06:14:54 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 181
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

mobile-share-whatsapp.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/mobile-share-whatsapp.png
https://www.itnews.com.au/images/mobile-share-whatsapp.png

3 KB
4 KB

294ms
293ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/mobile-share-whatsapp.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 309e0d26a2af6e201832b611ddcad3c2d7b33a5ebc17fe4cbc8185d4251da38f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "298a56c4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 3541
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/mobile-share-whatsapp.png
date: Thu, 16 Dec 2021 06:14:54 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 181
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

mobile-share-email.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/mobile-share-email.png
https://www.itnews.com.au/images/mobile-share-email.png

2 KB
2 KB

295ms
294ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/mobile-share-email.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2790a4e3cf07505b8a04d30e535c033506def2e29f5f9410d3b866876138f7f1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "d52736c4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 2375
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/mobile-share-email.png
date: Thu, 16 Dec 2021 06:14:54 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 178
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 12 KB
12 KB 827ms
825ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fqr_code.jpg&h=271&w=480&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c658761d392e99a3f2f21174f07c66353d49b8e31c95b33539cab6844b975b41

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_271_480_1_70_/News/qr_code.jpg"
content-length: 12117
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 28 KB
28 KB 880ms
878ms Image
image/png 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2flog4shell.png&h=271&w=480&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 91d7a7c925319c8aeedb7edd12edb081eadd5784095018b6df2e81199d7094f5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_271_480_1_70_/News/log4shell.png"
content-length: 28738
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 17 KB
18 KB 860ms
859ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fnsw_digital_driver%27s_licence.jpg&h=271&w=480&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6bd12bc6a952032c3ed4f7d9e733717d970d7c73b3f685faee89128b17c6b309

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_271_480_1_70_/News/nsw_digital_driver's_licence.jpg"
content-length: 17814
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 25 KB
26 KB 850ms
849ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fstack_of_money400.jpg&h=271&w=480&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3cf3201fffcf146e11dd447dde4dab3605c0ec1a63da9fdbe456f1920460a0a9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_271_480_1_70_/News/stack_of_money400.jpg"
content-length: 26065
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 6 KB
6 KB 830ms
828ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2felephant_in_the_room_business_deal_meeting.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4a3446509e83b8301500cea0d3c48f5787319c122230e1b1667189a96dab8b20

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/News/elephant_in_the_room_business_deal_meeting.jpg"
content-length: 5816
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 7 KB
7 KB 833ms
831ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fiStock-514877333.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 478c5f8a6eae3c3fb88aeb88c48129f4bcc794d54bc826f03f1178aa4859ee92

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/News/iStock-514877333.jpg"
content-length: 7560
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 110 KB
110 KB 1412ms
1410ms Image
image/png 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fTimothy_Whitfield.png&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fd2ade46345b975e8913716b49a5561ac3b95e80a7eae296bae4f6cf82958906

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/News/Timothy_Whitfield.png"
content-length: 112804
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 9 KB
9 KB 1439ms
1438ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fVideos%2fNigel-Hedges-opt-400x423.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 69c683f2b2eb68e7db5096280c3d56d654d901954f25536e1a6407de4df7c42f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Videos/Nigel-Hedges-opt-400x423.jpg"
content-length: 8928
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 7 KB
7 KB 1626ms
1624ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fVideos%2f20211102021143_OIP.jpeg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f2bad6612f2473d76fcfcb9a2605b2cae2c8f5717fcfa47f89a116cde9925340

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Videos/20211102021143_OIP.jpeg"
content-length: 6967
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 4 KB
4 KB 1626ms
1625ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fR_Ray_Wang.jpg&h=141&w=208&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8eedef8905309b03d65b70624965f66540625b39b07d0cbd31ba6813645121e1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_141_208_1_70_/News/R_Ray_Wang.jpg"
content-length: 4048
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 64 KB
65 KB 1627ms
1626ms Image
image/png 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fTop_10_Fast_50.png&h=141&w=208&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 780326c6663a6ee4f40664caea9d58dda4b8fa1c6302628e955d32d71424d1e8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_141_208_1_70_/News/Top_10_Fast_50.png"
content-length: 65947
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 6 KB
6 KB 1653ms
1651ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fBlackBook-Zero-15-Phantom-right.jpg&h=141&w=208&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eb78da83b6aecb5e02430b98742d5a902a032b3cbbf9614313a71072bd28278d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_141_208_1_70_/News/BlackBook-Zero-15-Phantom-right.jpg"
content-length: 5855
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 5 KB
5 KB 1653ms
1652ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fIoTAwards2021_LinkedIn_smaller.jpg&h=141&w=208&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2984af4144b8764d79eb699e7342edb40bed6557c614f206b1321b66ec16e703

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_141_208_1_70_/News/IoTAwards2021_LinkedIn_smaller.jpg"
content-length: 5349
expires: Sun, 19 Dec 2021 06:14:56 GMT

GET
H2 200 logo_nextmedia.png
www.itnews.com.au/images/ 3 KB
3 KB 335ms
331ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/logo_nextmedia.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7a695284914af87ab17ff6436de3630cf1bb412dc1d069ab019158d322b5cb03

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "d52736c4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 3458
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 interactive-logo.png
www.itnews.com.au/images/ 11 KB
12 KB 338ms
334ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/interactive-logo.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6f04c6ba9510ec8d7ccdeca4edc6f5de95ebabf01675599d67aba6a23c05f76e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "6163fe6b4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 11720
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 t.ashx
www.itnews.com.au/ 70 B
142 B 338ms
335ms Image
image/gif 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/t.ashx?u=&c=574081&s=3&r=&n=%2fnews%2fArticle.aspx&q=id%3d574081
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:14:54 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
x-ua-compatible: IE=edge,chrome=1
content-length: 70
expires: -1

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
33 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33495
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Dec 2022 13:50:47 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ 235 KB
63 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 05:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64481
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Dec 2022 05:55:52 GMT

GET
H2 200 gdpr.js Show response
www.itnews.com.au/scripts/ 4 KB
1 KB 292ms
287ms Script
application/javascript 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/scripts/gdpr.js
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 683add284044c8b01d05f02366eb61327b1b34df5ca8c5425ecf8b7741f3d0ef

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 22:18:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8057b56c4ae2d71:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1378
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 itn_230c8e523cec77026e09e907d0aa505e.js Show response
www.itnews.com.au/scripts/ 139 KB
42 KB 300ms
294ms Script
application/javascript 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/scripts/itn_230c8e523cec77026e09e907d0aa505e.js
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d90994a170a5858e734b0b1384f9aba52c6395b53633cbbfaf1b41bcee899853

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
content-encoding: gzip
last-modified: Thu, 16 Dec 2021 06:13:25 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "80f0cb844f2d71:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 42917
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 ss.js Show response
koi-3qnnf9xqbw.marketingautomation.services/client/ 12 KB
5 KB 261ms
127ms Script
application/javascript 107.178.240.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://koi-3qnnf9xqbw.marketingautomation.services/client/ss.js?ver=2.4.0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.240.178.107.bc.googleusercontent.com
Software: openresty /
Resource Hash: 2c3f6b4c90c8c3bbe949a5fcbe010bbd9879ff792503728a36cb23f2c9bdebba

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 16:09:36 GMT
server: openresty
etag: W/"61b8c1c0-2fbf"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: max-age=604800, public
alt-svc: clear
expires: Thu, 23 Dec 2021 06:14:57 GMT

GET
H2

200

breaking-news-header-bkg-40.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/breaking-news-header-bkg-40.png
https://www.itnews.com.au/images/breaking-news-header-bkg-40.png

2 KB
2 KB

295ms
294ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
Protocol: H2
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 33e6197168e000ef71ef56ae5fad7bc04c9c939dc33d34136d73d31676d1d507

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "ca77f26b4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 2338
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
date: Thu, 16 Dec 2021 06:14:54 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 187
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

itnews-logo-white.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/itnews-logo-white.png
https://www.itnews.com.au/images/itnews-logo-white.png

4 KB
4 KB

295ms
295ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/itnews-logo-white.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
Protocol: H2
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 26aeae0a0cc21c9c8acffae51a7dbf7a7eda35891df62ef54aeb9ed47af8cd9b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "4ec506c4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 3959
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/itnews-logo-white.png
date: Thu, 16 Dec 2021 06:14:54 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 177
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

search-icon.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/search-icon.png
https://www.itnews.com.au/images/search-icon.png

2 KB
2 KB

296ms
295ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/search-icon.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
Protocol: H2
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 94f8ef517a973d33e2bde96d6c170e86e4be553f86bb2b5a07f228efa46e1ee7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "cd4ea6c4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 2259
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/search-icon.png
date: Thu, 16 Dec 2021 06:14:54 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 171
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 end-quote.png
www.itnews.com.au/images/ 1 KB
1 KB 336ms
334ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/end-quote.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 51d03b0e5c77c8e9a0f743307168b9f7db8ba1d9e0e24cc287be4506f2609576

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b70fc6b4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 1172
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 161ms
67ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 23:19:29 GMT
x-content-type-options: nosniff
age: 111328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23248
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 23:19:29 GMT

GET
H2 200 PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v5/ 18 KB
19 KB 174ms
80ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v5/PN_xRfK9oXHga0XdZsg_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,300,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cc7439d0bcd61351187d0bdb4baf49a9ddd8b096ccadf39b13bd848a74d9012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 11:12:37 GMT
x-content-type-options: nosniff
age: 68540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18824
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:46:08 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 11:12:37 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
24 KB 135ms
42ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 20:12:18 GMT
x-content-type-options: nosniff
age: 36159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 20:12:18 GMT

GET
H2 200 PN_yRfK9oXHga0XV5e8qghzW.woff2
fonts.gstatic.com/s/martel/v5/ 18 KB
18 KB 192ms
99ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v5/PN_yRfK9oXHga0XV5e8qghzW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,300,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de849f6d3a085e2b8dcef6e2fb6f7d7d9c222d205aaf0143b7b25623d430d868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 07:03:31 GMT
x-content-type-options: nosniff
age: 515486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18812
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:58:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 07:03:31 GMT

GET
H2 200 PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v5/ 19 KB
19 KB 199ms
106ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v5/PN_yRfK9oXHga0XV3e0qghzW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,300,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d23b450572be1b110a1df8fa3c44f60e30c3b395adc25c8069645875858dfc83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:49:19 GMT
x-content-type-options: nosniff
age: 87938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18960
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:22:29 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 05:49:19 GMT

GET
H2 200 PN_yRfK9oXHga0XVzeoqghzW.woff2
fonts.gstatic.com/s/martel/v5/ 19 KB
19 KB 203ms
110ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v5/PN_yRfK9oXHga0XVzeoqghzW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,300,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

728b2abe8f348e8134d1728ddb288632abd41083df888a67d7446a5b74f290fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 06:46:07 GMT
x-content-type-options: nosniff
age: 516530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19112
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:55:34 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 06:46:07 GMT

GET
H2 200 recirculation.epl Show response
www.dianomi.com/ Frame E541 2 KB
908 B 140ms
63ms Document
text/html 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/recirculation.epl?id=119

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9260042b5d4b486b4b70ccfe2a6eb3a8e11af5e48585449f55dde75c753660e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
vary: X-FORWARDED-PROTO
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6be5c641bcba362e-MAN
content-encoding: br

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame 62E6 8 KB
2 KB 161ms
85ms Document
text/html 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=5141

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f49fb53cc69597ea9601b7958be8166a9f2ceb0d90a955e07f3f0cf7ab2bb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/2818/17.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6be5c641bcbb362e-MAN
content-encoding: br
cf-h2-pushed: </img/a/pss/2818/17.css>

GET
H2 200 article-share-comments.png
www.itnews.com.au/images/ 981 B
1 KB 302ms
301ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-comments.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a0e7e32cf14caf3c5f5b29e79bd8711348a5bf2137a12104d2cd1b1110b0f272

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "a0b2ed6b4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 981
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-tw.png
www.itnews.com.au/images/ 747 B
804 B 302ms
300ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-tw.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5fa4b9d9a56c65d6f525056d71f4e46b1f2750e86960343402424d88c13772f6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "ca77f26b4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 747
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-fb.png
www.itnews.com.au/images/ 345 B
402 B 302ms
301ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-fb.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 413dc61acc8e9741b76a34382ddbe3632052fe38d580bd2680d3e9d407ceb6be

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "3a3cf76b4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 345
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-li.png
www.itnews.com.au/images/ 473 B
514 B 302ms
301ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-li.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1096ae848f7e01f065ce530dcd17bd1a1af503a2c4ae83cbf8972e900446e36a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "ca77f26b4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 473
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-feedback_2.png
www.itnews.com.au/images/ 678 B
735 B 303ms
301ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-feedback_2.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 96f1173b3c05e0f7230e3d2b4ac6ebd7d816de5e71ebabfbe20e2b339dba6078

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f814f06b4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 678
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-email.png
www.itnews.com.au/images/ 744 B
785 B 303ms
301ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-email.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7a7f7b00e22cf33ff4aeef9005ebb800ccad9f67e326142d8ba30c2e801ac719

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "a0b2ed6b4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 744
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-print.png
www.itnews.com.au/images/ 709 B
766 B 303ms
302ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-print.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ea6da8487b903fd84a283d780bede1ae1da97d7f2c364653e790822405505f62

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "4b9ef96b4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 709
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 147ms
89ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 20:12:20 GMT
x-content-type-options: nosniff
age: 122557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 20:12:20 GMT

GET
H2 200 sponsoredcontent.ashx Show response
www.itnews.com.au/scripts/ 1 B
61 B 302ms
302ms Script
text/plain 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/scripts/sponsoredcontent.ashx?type=SponsoredLink&si=Blogs&pa=&sc=32&output=script&ros=True&ord=1447158458052959.5
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/plain; charset=utf-8
cache-control: private
content-length: 1
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 17.css
www.dianomi.com/img/a/pss/2818/ Frame E541 2 KB
942 B 4ms
0ms Stylesheet
text/css 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2818/17.css

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1936885cfdf5999015d670ea69fb44591c4eeeb333929506bef16e368a832f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35644
cf-polished: origSize=2720
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Nov 2021 22:23:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css; charset=ISO-8859-1
access-control-allow-origin: *
expires: Sat, 15 Jan 2022 16:14:57 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 6be5c6422cfe362e-MAN
cf-bgj: minify

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/670474487/1/ Frame E541 1 KB
2 KB 36ms
35ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/670474487/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51c7868ce91ed8f0e00b4ecea702098f3518fc7785129ef566d8ef6a98d34c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68734
cf-polished: qual=85, origFmt=jpeg, origSize=1575
content-disposition: inline; filename="100x70.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 02:42:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 23 Dec 2021 06:14:57 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6be5c6424d23362e-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/670484393/1/ Frame E541 2 KB
2 KB 49ms
48ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/670484393/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa6ee22841c9f78a5fff4291cc23433ce9b9fd95bd6b2fcfbf616f3228890500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=3775
content-disposition: inline; filename="100x70.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1754
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 07:04:35 GMT
server: cloudflare
etag: "ebf-5d329eb22c338"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 15 Jan 2022 16:14:57 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6be5c6424d25362e-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/670526746/1/ Frame E541 2 KB
2 KB 33ms
33ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/670526746/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b598105ac886e625b0389d9a22b4c677d6b53059ceff76c81afc10d36c4febd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4406
cf-polished: origSize=1630, status=webp_bigger
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 21:35:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 23 Dec 2021 06:14:57 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6be5c6424d26362e-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/670241752/1/ Frame E541 2 KB
2 KB 35ms
34ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/670241752/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa6ee22841c9f78a5fff4291cc23433ce9b9fd95bd6b2fcfbf616f3228890500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 424906
cf-polished: qual=85, origFmt=jpeg, origSize=3775
content-disposition: inline; filename="100x70.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Sat, 11 Dec 2021 01:17:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 23 Dec 2021 06:14:57 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6be5c6424d27362e-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/670524310/1/ Frame E541 3 KB
3 KB 31ms
31ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/670524310/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

877a2ec285bddb78038a702f6cdea910d67c01c7650057514135f4fdc5264756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4407
cf-polished: degrade=85, origSize=14414, status=webp_bigger
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 21:37:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 23 Dec 2021 06:14:57 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6be5c6424d28362e-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 17.css
www.dianomi.com/img/a/pss/2818/ Frame 62E6 2 KB
802 B 32ms
31ms Stylesheet
text/css 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2818/17.css

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1936885cfdf5999015d670ea69fb44591c4eeeb333929506bef16e368a832f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35644
cf-polished: origSize=2720
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Nov 2021 22:23:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css; charset=ISO-8859-1
access-control-allow-origin: *
expires: Sat, 15 Jan 2022 16:14:57 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 6be5c6425d36362e-MAN
cf-bgj: minify

GET
H3 200 css
fonts.googleapis.com/ Frame E541 4 KB
533 B 101ms
50ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0bc4996324cec863fdfab8b59670e91fcb8c0ba169c0cc5ff950ef73c50ddf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 06:14:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Dec 2021 06:14:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Dec 2021 06:14:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E541 2 KB
428 B 101ms
51ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47d10c916915480806f7e1066ff6194fd0bde12ef7c36e68f8155d47a10bd531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 04:32:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Dec 2021 06:14:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Dec 2021 06:14:57 GMT

GET
H2 200 viewability8.js Show response
www.dianomi.com/js/ Frame 62E6 7 KB
2 KB 32ms
32ms Script
application/javascript 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability8.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3187faa5db2e775c2e66b02056783833e2b5378efd3f396f7595dba1065010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4751
cf-polished: origSize=9963
last-modified: Tue, 31 Aug 2021 16:55:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"26eb-5caddd1f2481d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6be5c6427d66362e-MAN
expires: Thu, 16 Dec 2021 10:14:57 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame 62E6 1 KB
1 KB 37ms
35ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26837
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 15 Jan 2022 16:14:57 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6be5c6429d78362e-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/240257/5/ Frame 62E6 2 KB
2 KB 38ms
36ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/240257/5/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fad796db764292f62fa7751331f68ced6511e0cac4854957d4d3a323db2efbd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 404002
cf-polished: qual=85, origFmt=jpeg, origSize=4406
content-disposition: inline; filename="100x70.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Sat, 11 Dec 2021 13:30:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 23 Dec 2021 06:14:57 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6be5c6429d7b362e-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/230984/4/ Frame 62E6 3 KB
3 KB 34ms
32ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/230984/4/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

042882d15b906e6b3692def5af2871533f8d556a2b5506af99ec2ecff4d5f5a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1299943
cf-polished: degrade=85, origSize=7427, status=webp_bigger
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2870
x-xss-protection: 1; mode=block
last-modified: Sat, 02 Oct 2021 09:02:59 GMT
server: cloudflare
etag: "1d03-5cd5af24c020b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 15 Jan 2022 16:14:57 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6be5c6429d7c362e-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/238838/3/ Frame 62E6 3 KB
3 KB 38ms
37ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/238838/3/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

637ba5312381be82d03c805c859a188c9c1abab50edc53222eae8e2934b9f62f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1267021
cf-polished: degrade=85, origSize=16202, status=webp_bigger
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Dec 2021 13:22:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 23 Dec 2021 06:14:57 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6be5c6429d7d362e-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/228414/8/ Frame 62E6 2 KB
2 KB 37ms
35ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/228414/8/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf3b552882b71ca4624388b0cf71d4fbbe861a3e045439d2b5d704b075ef302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2376540
cf-polished: qual=85, origFmt=jpeg, origSize=7085
content-disposition: inline; filename="100x70.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Nov 2021 18:05:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 23 Dec 2021 06:14:57 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6be5c6429d7e362e-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/237143/3/ Frame 62E6 2 KB
2 KB 47ms
45ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/237143/3/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c80cd93082244385f343d9225ed49c9b6ba89e28fa1cedc3355795a5a9123ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=3449
content-disposition: inline; filename="100x70.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1760
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Nov 2021 14:46:54 GMT
server: cloudflare
etag: "d79-5d161b22c28da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 15 Jan 2022 16:14:57 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6be5c6429d7f362e-MAN
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 62E6 8 KB
4 KB 243ms
68ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 1e3126f4b1713295ca3a4510ea8a6be422cfe78cc9603dc8351818edcc6a1254

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Dec 2021 14:09:11 GMT
Server: Microsoft-IIS/10.0
ETag: "801dd2174ebd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3288

GET
H3

200

B26619252.321874054;dc_pre=CKuO9LvV5_QCFZdr4Aodi-4M8w;dc_trk_aid=514242867;dc_trk_cid=158503678;ord=1639635297;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent... Show response
ad.doubleclick.net/ddm/trackimpj/N1155287.576592DIANOMIINC./ Frame 62E6
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N1155287.576592DIANOMIINC./B26619252.321874054;dc_trk_aid=514242867;dc_trk_cid=158503678;ord=1639635297;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;t...
https://ad.doubleclick.net/ddm/trackimpj/N1155287.576592DIANOMIINC./B26619252.321874054;dc_pre=CKuO9LvV5_QCFZdr4Aodi-4M8w;dc_trk_aid=514242867;dc_trk_cid=158503678;ord=1639635297;dc_lat=;dc_rdid=;t...

15 KB
10 KB

117ms
67ms

Script
text/javascript

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N1155287.576592DIANOMIINC./B26619252.321874054;dc_pre=CKuO9LvV5_QCFZdr4Aodi-4M8w;dc_trk_aid=514242867;dc_trk_cid=158503678;ord=1639635297;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

8b56f9dd411a7face122ef59eb68331022d3bc1508c7b380b03053afa57e5c21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:14:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:14:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimpj/N1155287.576592DIANOMIINC./B26619252.321874054;dc_pre=CKuO9LvV5_QCFZdr4Aodi-4M8w;dc_trk_aid=514242867;dc_trk_cid=158503678;ord=1639635297;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Impression_Tracker.gif
s0.2mdn.net/9944765/ Frame 62E6
Redirect Chain

https://ad.doubleclick.net/ddm/ad/N1224350.160898DIANOMI/B24058941.271704368;sz=1x1;ord=1639635297;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CO...
https://ad.doubleclick.net/ddm/ad/N1224350.160898DIANOMI/B24058941.271704368;dc_pre=CLOP9LvV5_QCFZCEewodgGwGyQ;sz=1x1;ord=1639635297;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%...
https://s0.2mdn.net/9944765/Impression_Tracker.gif

42 B
582 B

133ms
41ms

Image
image/gif

2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9944765/Impression_Tracker.gif

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 15:40:03 GMT
x-content-type-options: nosniff
age: 52495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
last-modified: Tue, 24 Mar 2020 06:27:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 Dec 2021 15:40:03 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:14:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/9944765/Impression_Tracker.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 237ms
65ms Script
application/x-javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4K222Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=83645
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 162ms
64ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4K222Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 06:14:57 GMT

GET
H2 200 hotjar-2321248.js Show response
static.hotjar.com/c/ 4 KB
2 KB 162ms
75ms Script
application/javascript 143.204.98.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2321248.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4K222Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-93.fra50.r.cloudfront.net

Software

Resource Hash

63fdae2e107092cadb58b46920b5c86043e0d085583559ad9f448890193a46e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:57 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/9cfb5117bc52f212a7b62f5a79b187ea
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
content-length: 1893
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
x-amz-cf-id: tTb118FNBBvRU8nam4ijy9uGq9jmLvVox4PmfRgb0GI6QN1FtpKEBQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 158ms
52ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: tFZOqdQ9d41NLo2bMFQbBsKl0DPckkmR1vXsIq4amnGwVdNlHBgQcC30tS/SkcY/GJirxL5iKsSASnEoSJjkiA==
x-fb-trip-id: 720026100
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 16 Dec 2021 06:14:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 62E6 4 KB
533 B 73ms
57ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0bc4996324cec863fdfab8b59670e91fcb8c0ba169c0cc5ff950ef73c50ddf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 06:14:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Dec 2021 06:14:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Dec 2021 06:14:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 62E6 2 KB
428 B 73ms
58ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47d10c916915480806f7e1066ff6194fd0bde12ef7c36e68f8155d47a10bd531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 04:39:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Dec 2021 06:14:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Dec 2021 06:14:57 GMT

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ Frame E541 23 KB
23 KB 113ms
64ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 23:19:29 GMT
x-content-type-options: nosniff
age: 111328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23248
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 23:19:29 GMT

GET
H3 200 PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v5/ Frame E541 19 KB
19 KB 90ms
42ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v5/PN_yRfK9oXHga0XV3e0qghzW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d23b450572be1b110a1df8fa3c44f60e30c3b395adc25c8069645875858dfc83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:49:19 GMT
x-content-type-options: nosniff
age: 87938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18960
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:22:29 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 05:49:19 GMT

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ Frame 62E6 23 KB
23 KB 91ms
58ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 23:19:29 GMT
x-content-type-options: nosniff
age: 111328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23248
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 23:19:29 GMT

GET
H3 200 PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v5/ Frame 62E6 19 KB
19 KB 80ms
47ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v5/PN_yRfK9oXHga0XV3e0qghzW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d23b450572be1b110a1df8fa3c44f60e30c3b395adc25c8069645875858dfc83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:49:19 GMT
x-content-type-options: nosniff
age: 87938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18960
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:22:29 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 05:49:19 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame 62E6 23 KB
23 KB 86ms
53ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 20:12:18 GMT
x-content-type-options: nosniff
age: 36159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 20:12:18 GMT

GET
H2 200 network-bar-logos.png
www.itnews.com.au/images/ 9 KB
9 KB 291ms
291ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/network-bar-logos.png?q=20211001
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 82f4a15bfde68af3ba1ab9e557ba6b1c700d6aafe0d9e42561576366662701ba

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "298a56c4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 9407
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 133ms
41ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/scripts/itn_230c8e523cec77026e09e907d0aa505e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2403
date: Thu, 16 Dec 2021 05:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 16 Dec 2021 07:34:54 GMT

GET
H2 200 koi Show response
koi-3qnnf9xqbw.marketingautomation.services/ 148 B
604 B 183ms
182ms Script
application/javascript 107.178.240.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://koi-3qnnf9xqbw.marketingautomation.services/koi?rf=&hn=www.itnews.com.au&lg=en-US&sr=1600x1200&cd=24&vr=2.4.0&se=1639635297703&ac=KOI-4BG98ANIO8&ts=1639635298&pt=0&pl=0&loc=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&tp=page&ti=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage%20-%20Security%20-%20iTnews

Requested by

Host: koi-3qnnf9xqbw.marketingautomation.services
URL: https://koi-3qnnf9xqbw.marketingautomation.services/client/ss.js?ver=2.4.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

224.240.178.107.bc.googleusercontent.com

Software

openresty /

Resource Hash

5a6e050a61839ece50cf29e921f870d9287fc093d999b0e47264e19d65fbf8ca

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:14:57 GMT
content-encoding: gzip
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 16 Dec 2021 06:14:57 GMT
server: openresty
vary: Accept-Encoding
p3p: CP='This is not a P3P policy! See https://sharpspring.com/legal/privacy/ for more info.'
via: 1.1 google
cache-control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
pod-hostname: koi-dcbbbb9c4-xfshd
content-type: application/javascript
alt-svc: clear
x-xss-protection: 1; mode=block
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame 91F1 319 KB
103 KB 63ms
63ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.itnews.com.au
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 553715
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 16 Dec 2021 06:14:57 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF2)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H/1.1 200
OK embed.js Show response
itnewsnext.disqus.com/ 74 KB
24 KB 230ms
160ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itnewsnext.disqus.com/embed.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/scripts/itn_230c8e523cec77026e09e907d0aa505e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

442620a1f39799b8fc4c19d02d997d8756dba122708a74e01b6959728ca0713f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24581
Cross-Origin-Resource-Policy: cross-origin

GET
H/1.1 200
OK count.js Show response
itnewsnext.disqus.com/ 1 KB
2 KB 99ms
29ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itnewsnext.disqus.com/count.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/scripts/itn_230c8e523cec77026e09e907d0aa505e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 256
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 14 Dec 2021 16:08:00 GMT
Server: nginx
ETag: "61b8c160-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW55-C3
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: bk23LNuZuaVZtPOX0sskCnE0TSlnBHS_ERvE1zm-ddrcAJUQgXWdkg==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 143ms
49ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/scripts/itn_230c8e523cec77026e09e907d0aa505e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1072 / 256 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26915
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Dec 2021 06:14:58 GMT

GET
H2 200 twitter.ashx Show response
www.itnews.com.au/utils/ 1 B
64 B 291ms
290ms XHR
text/plain 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/utils/twitter.ashx?u=%2fnews%2fnso-group-used-fake-gifs-to-hack-apple-imessage-574081
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept: */*
Referer: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
X-Requested-With: XMLHttpRequest
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:54 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/plain; charset=utf-8
cache-control: private
content-length: 1
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 facebook.ashx Show response
www.itnews.com.au/utils/ 1 B
60 B 587ms
587ms XHR
text/plain 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/utils/facebook.ashx?u=%2fnews%2fnso-group-used-fake-gifs-to-hack-apple-imessage-574081
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept: */*
Referer: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
X-Requested-With: XMLHttpRequest
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/plain; charset=utf-8
cache-control: private
content-length: 1
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 modules.cbd9b920d05cd9e47f57.js Show response
script.hotjar.com/ 227 KB
60 KB 210ms
103ms Script
application/javascript 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2321248.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-104.fra50.r.cloudfront.net

Software

Resource Hash

2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 15:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 657532
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60953
access-control-allow-origin: *
last-modified: Wed, 08 Dec 2021 15:35:08 GMT
etag: "7a85a2a595def8796a50e919e49cda7a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: L9UwDxs160-x8FYR9Z2ik2ebx01I1UZsRvfJARwF0okvaY1vI6Sgqg==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/658328797/ 2 KB
2 KB 143ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/658328797/?random=1639635297887&cv=9&fst=1639635297887&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&tiba=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage%20-%20Security%20-%20iTnews&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ce3778ce3ac2b62e70f43e02cea839d5de3276060a87674dd7126fcbf9785cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1076
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 991594294528179 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 238ms
184ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/991594294528179?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f7ed14c0fa08378038616275dd1823f732b18f4463e44272a5d74ff72db618c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: G8XdJdWUhUZZfheyMaOYsiVpEXdgmyVNYWHEn82lNteK1Hp324xrD4muYn+k7Q6K1bX01Oxm0ggR5U46rHaR3Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 16 Dec 2021 06:14:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1639635297920&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1503796%26time%3D1639635297920%26url%3Dhttps%253A%252F%252Fwww.itnews.com.au%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1639635297920&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1639635297920&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&liSync=true&e_ipv6...

0
155 B

361ms
138ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1639635297920&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&liSync=true&e_ipv6=AQJDrUYpl2O8NQAAAX3B4Sh0WKh92vjuTctcQHMkKePTN3PCF84KnNWrCyGczYADUpHn7gx0fg
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:58 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: q42z950nwRbg3sk7DCsAAA==

Redirect headers

date: Thu, 16 Dec 2021 06:14:57 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 81C67B6693DD4E67BF7BB1F5FC41ED40 Ref B: LON04EDGE1111 Ref C: 2021-12-16T06:14:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1639635297920&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&liSync=true&e_ipv6=AQJDrUYpl2O8NQAAAX3B4Sh0WKh92vjuTctcQHMkKePTN3PCF84KnNWrCyGczYADUpHn7gx0fg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXTPVeFqDXkkE4FUAcHsg==

GET
H/1.1 200
OK dv-measurements1940.js Show response
cdn.doubleverify.com/ Frame 6235 490 KB
89 KB 74ms
74ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1940.js
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a017571443bb27ca29ee2d9221639df656b0b5f3b0f370fc68aac31fa98ef30c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Dec 2021 09:41:32 GMT
Server: Microsoft-IIS/10.0
ETag: "02ee99d4eebd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91098

GET
H2 200 box-a1ae2079824d1c48aa9ce06efb256f18.html Show response
vars.hotjar.com/ Frame 978D 2 KB
1 KB 126ms
41ms Document
text/html 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2321248.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: /
Resource Hash: d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6215abf691a11c2f451680e635d30daa"
last-modified: Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tChx4lgt_s0arzkArUv0O4me3-cBoQJI1ZNVRBL_1Y0NjRurS9qCxg==
age: 1174912

GET
H/1.1 200
OK count-data.js Show response
itnewsnext.disqus.com/ 239 B
822 B 105ms
105ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itnewsnext.disqus.com/count-data.js?1=574081

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c556e020e8ab6c6373bfcd2e49a9367aefa0502f59c0447b239773fc697feee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 502
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 239
X-XSS-Protection: 1; mode=block

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 91F1 232 B
448 B 203ms
134ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=1c8b8926dde2b988a8c0aaf3037fcc979116abd0

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.itnews.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time: 105
date: Thu, 16 Dec 2021 06:14:58 GMT
content-encoding: gzip
last-modified: Thu, 16 Dec 2021 06:14:58 GMT
server: tsa_f
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: d879a0678841cd721e9ed33f1138fe757f2b0be443d4bcef7799c6ed814ede38
content-length: 166

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 101ms
48ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=338716936&t=pageview&_s=1&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&ul=en-us&de=UTF-8&dt=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage%20-%20Security%20-%20iTnews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1800223928&gjid=1180154994&cid=989228755.1639635298&tid=UA-102830131-1&_gid=756092318.1639635298&_r=1&_slc=1&cd1=News&cd2=Technology&cd3=Security&cd4=%7Capple%7Cgoogle%7Cnso%20group%7Cproject%20zero%7Csecurity%7C&cd5=0&z=1624989271

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itnews.com.au/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:14:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.itnews.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 62E6 8 KB
4 KB 149ms
65ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=16795474&cmp=26619252&sid=6319976&plc=321874054&advid=9663426&adsrv=1&btreg=514242867&btadsrv=doubleclick&crt=158503678&tagtype=display&dvtagver=6.1.src
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N1155287.576592DIANOMIINC./B26619252.321874054;dc_trk_aid=514242867;dc_trk_cid=158503678;ord=1639635297;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 1e3126f4b1713295ca3a4510ea8a6be422cfe78cc9603dc8351818edcc6a1254

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Dec 2021 14:09:11 GMT
Server: Microsoft-IIS/10.0
ETag: "801dd2174ebd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3288

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 62E6 41 KB
15 KB 134ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N1155287.576592DIANOMIINC./B26619252.321874054;dc_trk_aid=514242867;dc_trk_cid=158503678;ord=1639635297;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 11:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Dec 2022 11:30:32 GMT

GET
H2 200 5f83be4dd2cc51a7cb000001.js Show response
tag.perfectaudience.com/serve/ 12 KB
4 KB 124ms
30ms Script
text/javascript 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.perfectaudience.com/serve/5f83be4dd2cc51a7cb000001.js

Requested by

Host: koi-3qnnf9xqbw.marketingautomation.services
URL: https://koi-3qnnf9xqbw.marketingautomation.services/client/ss.js?ver=2.4.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

33391baaec782c378a1fb4d805c86c1701a684befeff518eed6e87db2a2b5e07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:58 GMT
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
server: Cowboy
age: 1084
x-served-by: cache-lcy19233-LCY
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
content-encoding: gzip
cache-control: max-age=1800
accept-ranges: bytes
x-timer: S1639635298.215810,VS0,VE1
content-length: 3897
x-cache-hits: 1

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 150ms
51ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Dec 2021 06:14:58 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 70 B
709 B 161ms
53ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.itnews.com.au

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

93d930c0a00df6758a69e163593e706a402653fee93cfc0053c4d9b554c2ca9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 06:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73
x-xss-protection: 0
expires: Thu, 16 Dec 2021 06:14:58 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 113ms
36ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-102830131-1&cid=989228755.1639635298&jid=1800223928&gjid=1180154994&_gid=756092318.1639635298&_u=YEBAAEAAAAAAAC~&z=2050905261

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itnews.com.au/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 16 Dec 2021 06:14:58 GMT
content-type: text/plain
access-control-allow-origin: https://www.itnews.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 6235 3 KB
3 KB 362ms
101ms Script
text/javascript 204.154.110.79
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=196&ttfrms=19&brid=3&brver=96.0.4664.93&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3AE%3F6HD%5D4%40%3E%5D2FTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3AE%3F6HD%5D4%40%3E%5D2FTar9EEADTbpTauTauHHH%5D5%3A2%3F%40%3E%3A%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=199&ddur=259&uid=1639635298149638&jsCallback=dvCallback_1639635298149905&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=425&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1940&tgjsver=1940&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.dianomi.com%2Fsmartads.epl%3Fid%3D5141&fcifrms=4&brh=2&sdf=2&dvp_epl=168&noc=4&ctx=16795474&cmp=26619252&sid=6319976&plc=321874054&adsrv=1&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=3977161876.7866&dvp_tukv=41234069469.15633&dvp_uuid=67844200.2837104&dvp_strhd=0.19999980926513672&dvpx_strhd=0.19999980926513672&dvp_tuid=1565665182515
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1940.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.110.79 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: bs-ec.doubleverify.com
Software: /
Resource Hash: f442b2202ec6c6df03ecf8382a578998a268807a5199da65e8cdffceb73c2bea

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 06:14:58 GMT
Cache-Control: max-age=0
Content-Type: text/javascript
Transfer-Encoding: chunked
Expires: 12/15/2021 06:14:58

GET
H2 200 /
www.google.com/pagead/1p-user-list/658328797/ 42 B
548 B 149ms
56ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/658328797/?random=1639635297887&cv=9&fst=1639634400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&tiba=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage%20-%20Security%20-%20iTnews&async=1&fmt=3&is_vtc=1&random=3281981183&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:14:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/658328797/ 42 B
548 B 146ms
53ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/658328797/?random=1639635297887&cv=9&fst=1639634400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&tiba=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage%20-%20Security%20-%20iTnews&async=1&fmt=3&is_vtc=1&random=3281981183&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:14:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lounge.7ab903feba7624935283ca4c7d8c7203.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 176ms
51ms Other
text/css 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 715671
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26065
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-65d1"
content-type: text/css; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: af7js5vtsqgSaaaeY98smToic7p8onGhGUlpa55o2m99f6wie08zMw==
x-cache-hits: 0

GET
H2 200 common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
c.disquscdn.com/next/embed/ 0
93 KB 164ms
78ms Other
application/javascript 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 14:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4462168
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94779
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Oct 2021 00:26:02 GMT
server: nginx
etag: "6172051a-1723b"
content-type: application/javascript; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
expires: Tue, 25 Oct 2022 14:45:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: l9SdVjoxzRSKBSlhWGHqWjYfZR6sAYWUp08Ca66gNalMTttR4MTTMA==
x-cache-hits: 0

GET
H2 200 lounge.bundle.920cdf639b386b42eddc25a8b2755561.js
c.disquscdn.com/next/embed/ 0
121 KB 201ms
115ms Other
application/javascript 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.920cdf639b386b42eddc25a8b2755561.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 715671
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 122873
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-1dff9"
content-type: application/javascript; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: jLqf-FLNYUlmTwwlbpvUyJroFJ2QEwD4qk_1M5YsQszM8qFdw_L1cg==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
15 KB 95ms
33ms Other
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 52
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14552
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK recommendations.js Show response
itnewsnext.disqus.com/ 63 KB
21 KB 132ms
132ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itnewsnext.disqus.com/recommendations.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

84c599eb1ff381d2b452a1fa836d59a8b42482fe3a3baea5a0583128abdb67a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 20896
Cross-Origin-Resource-Policy: cross-origin

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7AE6 22 KB
8 KB 108ms
57ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 15 Dec 2021 11:30:32 GMT
expires: Thu, 15 Dec 2022 11:30:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 67466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dv-measurements1940.js Show response
cdn.doubleverify.com/ Frame 24C0 490 KB
89 KB 70ms
69ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1940.js
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a017571443bb27ca29ee2d9221639df656b0b5f3b0f370fc68aac31fa98ef30c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Dec 2021 09:41:32 GMT
Server: Microsoft-IIS/10.0
ETag: "02ee99d4eebd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91098

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2321248/ 146 B
323 B 136ms
45ms XHR
application/json 34.254.124.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2321248/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.124.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-124-164.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de

Request headers

Referer: https://www.itnews.com.au/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 16 Dec 2021 06:14:58 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js Show response
platform.twitter.com/js/ 7 KB
3 KB 63ms
63ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEB) /
Resource Hash: 7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:34:11 GMT
Server: ECS (mil/6CEB)
Age: 553716
Etag: "8e55b85bd8d8e443c9a80691ed34d775+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2438

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=147698&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=147698&source=js_tag

136 B
465 B

41ms
40ms

Script
text/javascript

54.194.64.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=147698&source=js_tag
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: HTTP/1.1
Server: 54.194.64.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-64-183.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e129a124daa315b150ffdf5e0a5bc247a8c5f55c7fcf338d614aff4da05b5d8f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 136
Content-Type: text/javascript

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=147698&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 34E0 6 KB
4 KB 206ms
138ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=574081&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&t_e=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_d=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_t=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&s_o=default

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

65d9389fe9d46716569f84e906aa677cb47237fd79ae07010bd77611d73adef4

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/

Response headers

Connection: keep-alive
Content-Length: 2749
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Wed, 15 Dec 2021 20:06:07 GMT
ETag: W/"lounge:view:8927674584.35f4e541f91d1fc47889a642c8c0a998.2"
Referrer-Policy: no-referrer-when-downgrade
Content-Encoding: gzip
Date: Thu, 16 Dec 2021 06:14:58 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 24C0 2 KB
2 KB 295ms
103ms Script
text/javascript 204.154.110.79
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=120&ttfrms=6&brid=3&brver=96.0.4664.93&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3AE%3F6HD%5D4%40%3E%5D2FTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3AE%3F6HD%5D4%40%3E%5D2FTar9EEADTbpTauTauHHH%5D5%3A2%3F%40%3E%3A%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=199&ddur=259&uid=1639635298318536&jsCallback=dvCallback_1639635298318606&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=425&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1940&tgjsver=1940&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.dianomi.com%2Fsmartads.epl%3Fid%3D5141&fcifrms=6&brh=2&sdf=2&dvp_epl=168&noc=4&ctx=16795474&cmp=26619252&sid=6319976&plc=321874054&crt=158503678&btreg=514242867&btadsrv=doubleclick&adsrv=1&advid=9663426&tagtype=display&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=3977161876.7866&dvp_tukv=31418246996.82393&dvp_uuid=28002124426.72281&dvp_strhd=0.10000038146972656&dvpx_strhd=0.10000038146972656&dvp_tuid=12139238812
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1940.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.110.79 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: bs-ec.doubleverify.com
Software: /
Resource Hash: af8af40ea36f328f518f7338d124e24c8f1d3dd9a6932edc86bc72c6395a5abd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 06:14:08 GMT
Cache-Control: max-age=0
Content-Type: text/javascript
Transfer-Encoding: chunked
Expires: 12/15/2021 06:14:58

GET
H2 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame 7AE6 35 KB
14 KB 157ms
49ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 20:49:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 20:49:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 166ms
50ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.itnews.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 06:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 149ms
50ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.itnews.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 06:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 close-white.png
www.itnews.com.au/images/ 438 B
486 B 302ms
301ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/close-white.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Kirrawee, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 702f0230b50a8bec8b8ed4268906179470e8088079cd0cca13c5d60578fc801e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/styles/css_a504614db76c1f2450b89457f66f188d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:56 GMT
last-modified: Thu, 25 Nov 2021 22:18:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "3a3cf76b4ae2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 438
x-ua-compatible: IE=edge,chrome=1

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 278 KB
45 KB 587ms
538ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3537079483879137&correlator=2397026269895306&output=ldjh&impl=fifs&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211216&iu_parts=1003277%2CiTnews-SuperLeaderboard%2CiTnews-Leaderboard%2CiTnews-MREC%2CiTnews-Button%2CiTnews-inRead%2CiTnews-Interstitial%2CiTnews-Skin&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F2%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=1000x100%7C970x250%7C970x90%2C728x90%2C300x250%7C300x600%2C300x250%7C300x600%2C300x100%2C728x90%2C1x1%2C640x480%2C1x1&ists=1&prev_scp=%7Cpos%3Dtopb%7Cpos%3Dsto%7Cpos%3Dsto2%7C%7Cpos%3Dfooter%7C%7C%7C&cust_params=sec%3Dnews%26aid%3D574081%26cat%3Dsecurity%252Csecurity%252Ctechnology%26kwd%3Dapple%252Cgoogle%252Cnso%2520group%252Cproject%2520zero%252Csecurity&cookie_enabled=1&bc=31&abxe=1&lmt=1639635298&dt=1639635298381&dlt=1639635296869&idt=1486&frm=20&biw=1600&bih=1200&oid=2&adxs=240%2C531%2C1044%2C1002%2C1002%2C240%2C464%2C-12245933%2C0&adys=203%2C49%2C565%2C3313%2C3593%2C4044%2C2124%2C-12245933%2C4609&adks=667020349%2C2669764438%2C1265387520%2C3406322226%2C2734568407%2C4122735841%2C3533778239%2C727088295%2C964912442&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1120x90%7C830x100%7C913x2080%7C373x701%7C373x701%7C1120x3795%7C913x2080%7C640x-1%7C1600x147&msz=1120x0%7C829x0%7C300x250%7C343x250%7C343x0%7C1120x90%7C880x0%7C0x-1%7C1600x0&ga_vid=989228755.1639635298&ga_sid=1639635298&ga_hid=338716936&ga_fc=true&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C640%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C-1%7C5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8adca499e1df523be4c7a12e32ad6a9f5f9ba717d54569caed671e06472f0ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45534
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,5859716044,-2,-2,4675091891,5851303132,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,138375772306,-2,-2,138233473879,138374516857,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.itnews.com.au
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c6af3b5b9e735cc269aeaca87476651b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DDCE 6 KB
4 KB 183ms
50ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c6af3b5b9e735cc269aeaca87476651b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 16 Dec 2021 06:14:58 GMT
expires: Fri, 16 Dec 2022 06:14:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 470261513615109 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 251ms
251ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/470261513615109?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a93fdeb9f121418f9f12458306130cc03545e8db3514e8fdc40bd7ec285a30f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: C0YrL4YSL/nPFhhUxPZQ5doEq4r+cwmBcEFQP9pzQ/v9IpW7rsojCJ49PAxwGOlLugXNOGZtsj8+s1WxJfmFWA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 16 Dec 2021 06:14:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ 0
3 KB 43ms
42ms Other
text/css 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5043093
x-cache: Hit from cloudfront
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-ba2"
content-type: text/css; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: mfLwoq1cX0AaUG8ZeZDAldQIcj6GPjMlAFfbbgvhSa6V_Ol0kdLf5A==
x-cache-hits: 0

GET
H2 200 common.bundle.6c6defcc206edabe5048d82459ee0a0e.js
c.disquscdn.com/next/recommendations/ 0
87 KB 45ms
44ms Other
application/javascript 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5043093
x-cache: Hit from cloudfront
content-length: 88862
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-15b1e"
content-type: application/javascript; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: Nx7WtscBMx_xJ42iS0J8jdbdwKZNKiu42Vm_ychW4SSA5kjaXpsgpA==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
c.disquscdn.com/next/recommendations/ 0
20 KB 54ms
53ms Other
application/javascript 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 20:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5651355
x-cache: Hit from cloudfront
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 11 Oct 2021 20:15:56 GMT
server: nginx
etag: "61649b7c-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
expires: Tue, 11 Oct 2022 20:25:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: DVKXtxoPcc3ABinsIy17Mi6xLYq8SNhFmO9YQ8BQ-Ca5kRV3S_3C0g==
x-cache-hits: 0

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame D331 487 B
971 B 64ms
63ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1471164135165636616&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&sessionId=1c8b8926dde2b988a8c0aaf3037fcc979116abd0&siteScreenName=iTnews_au&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CED) /
Resource Hash: 7e99cae469202590f2a4c1afb6fb984d8a842cabebc849559c3659e1c93bd5f8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 149
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Thu, 16 Dec 2021 06:14:58 GMT
Etag: "b5afbf73ee4d1579f3fb2f618f6accc7"
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CED)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 487

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame 7DAE 5 KB
3 KB 128ms
128ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=574081&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&t_e=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_d=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_t=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9ed8d2a4ecb4d07343fd8b5e43ad7bbf833f1194b2e7141058ed23f4d6f7b613

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/

Response headers

Connection: keep-alive
Content-Length: 2320
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Mon, 27 Sep 2021 07:24:13 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Thu, 16 Dec 2021 06:14:58 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1 200
OK embed.runtime.54a58eb5540918258367.js Show response
platform.twitter.com/embed/ Frame D331 8 KB
4 KB 64ms
64ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1471164135165636616&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&sessionId=1c8b8926dde2b988a8c0aaf3037fcc979116abd0&siteScreenName=iTnews_au&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CED) /
Resource Hash: 12c748318ff42d318458ecde073d66441c47dfa28d941be5f42694fc4e02a0ac

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1471164135165636616&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&sessionId=1c8b8926dde2b988a8c0aaf3037fcc979116abd0&siteScreenName=iTnews_au&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CED)
Age: 553716
Etag: "c5272c96b4a5d0323eb55dac2cf6003d+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 3522

GET
H/1.1 200
OK embed.modules.66e311263622456867b1.js Show response
platform.twitter.com/embed/ Frame D331 519 KB
163 KB 129ms
64ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1471164135165636616&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&sessionId=1c8b8926dde2b988a8c0aaf3037fcc979116abd0&siteScreenName=iTnews_au&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE2) /
Resource Hash: 8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1471164135165636616&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&sessionId=1c8b8926dde2b988a8c0aaf3037fcc979116abd0&siteScreenName=iTnews_au&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CE2)
Age: 553716
Etag: "d2a7d4d81994376470f2560f453ad37b+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 166772

GET
H/1.1 200
OK embed.i18n.c052951fae9a0c2b4020.js Show response
platform.twitter.com/embed/ Frame D331 146 B
651 B 250ms
61ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.i18n.c052951fae9a0c2b4020.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1471164135165636616&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&sessionId=1c8b8926dde2b988a8c0aaf3037fcc979116abd0&siteScreenName=iTnews_au&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CFA) /
Resource Hash: 9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1471164135165636616&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&sessionId=1c8b8926dde2b988a8c0aaf3037fcc979116abd0&siteScreenName=iTnews_au&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CFA)
Age: 553716
Etag: "ae3db27722181e85d0a069a920b4ed89"
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 146

GET
H/1.1 200
OK embed.Tweet.7441fbde60739a79657a.js Show response
platform.twitter.com/embed/ Frame D331 16 KB
6 KB 249ms
60ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.7441fbde60739a79657a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1471164135165636616&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&sessionId=1c8b8926dde2b988a8c0aaf3037fcc979116abd0&siteScreenName=iTnews_au&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE7) /
Resource Hash: ac0b312f9cb9d890f38d50965cac80da09e0157a74877d144cf9db089963e1ea

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1471164135165636616&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&sessionId=1c8b8926dde2b988a8c0aaf3037fcc979116abd0&siteScreenName=iTnews_au&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CE7)
Age: 553715
Etag: "882fc55e2cbdd922fdb9289839725a36+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 5739

GET
H2 200 lounge.load.9068118211410bc5f67f5bb8d6806cba.js Show response
c.disquscdn.com/next/embed/ Frame 34E0 958 B
1 KB 131ms
41ms Script
application/javascript 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.9068118211410bc5f67f5bb8d6806cba.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=574081&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&t_e=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_d=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_t=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0376879a45be95f1d718c2a90d0b35986973e87d6f4c790b4c7046343464b72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=574081&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&t_e=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_d=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_t=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&s_o=default
Origin: https://disqus.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 715671
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 494
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-1ee"
content-type: application/javascript; charset=utf-8
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: JFt24TKWx8Mlxi7FbTahcx-VB7Fa8D35erWqIucFO-ALxJL9uC0YXA==
x-cache-hits: 0

GET
H/1.1

200
OK

/
pixel-geo.prfct.co/usermap/
Redirect Chain

https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202112|61bad961c538eb1baf3672ab&pid=pa_x7PmDvb0VzjoeVL33
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202112%7C61bad961c538eb1baf3672ab%26pid%3Dpa_x7PmDvb0VzjoeVL33
https://pixel-geo.prfct.co/usermap/?xid=5389241007823560723&sid=202112|61bad961c538eb1baf3672ab&pid=pa_x7PmDvb0VzjoeVL33

43 B
256 B

40ms
40ms

Image
image/gif

54.194.64.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/usermap/?xid=5389241007823560723&sid=202112|61bad961c538eb1baf3672ab&pid=pa_x7PmDvb0VzjoeVL33
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: HTTP/1.1
Server: 54.194.64.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-64-183.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 06:14:58 GMT
X-Proxy-Origin: 89.238.142.212; 89.238.142.212; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 06ca012c-8b4e-49e9-b440-6dc3015ecd7f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel-geo.prfct.co/usermap/?xid=5389241007823560723&sid=202112|61bad961c538eb1baf3672ab&pid=pa_x7PmDvb0VzjoeVL33
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_x7PmDvb0VzjoeVL33

43 B
599 B

206ms
138ms

Image
image/gif

104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_x7PmDvb0VzjoeVL33

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Thu, 16 Dec 2021 06:14:58 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 891c5e3aaae6614f2955b173b2fd028ea885c0af2070e9546b9c727bc0be9b69
x-transaction: 710f4b5bce404c8e
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_x7PmDvb0VzjoeVL33
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=crw
https://cw.addthis.com/t.gif?pid=37&pidt=0&pdid=pa_x7PmDvb0VzjoeVL33&cu=https%3A%2F%2Fpixel.prfct.co%2Fcb%3FpartnerId%3Dcrw
https://pixel.prfct.co/cb?partnerId=crw

43 B
365 B

515ms
115ms

Image
image/gif

52.21.179.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.prfct.co/cb?partnerId=crw
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: HTTP/1.1
Server: 52.21.179.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-179-197.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://pixel.prfct.co/cb?partnerId=crw
pragma: no-cache
date: Thu, 16 Dec 2021 06:14:58 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
expires: Thu, 16 Dec 2021 06:14:58 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58288/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_x7PmDvb0VzjoeVL33&_origin=1
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_x7PmDvb0VzjoeVL33&_origin=1&verify=true

0
122 B

47ms
46ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_x7PmDvb0VzjoeVL33&_origin=1&verify=true

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:58 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_x7PmDvb0VzjoeVL33&_origin=1&verify=true
date: Thu, 16 Dec 2021 06:14:58 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_x7PmDvb0VzjoeVL33

43 B
275 B

99ms
34ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_x7PmDvb0VzjoeVL33
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:14:58 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_x7PmDvb0VzjoeVL33
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_x7PmDvb0VzjoeVL33

0
239 B

429ms
108ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_x7PmDvb0VzjoeVL33
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: e1bddfc34a927e97bda010c0d8a62b62
Content-Type: image/gif

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_x7PmDvb0VzjoeVL33
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfeDdQbUR2YjBWempvZVZMMzM
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

40ms
40ms

Image
image/gif

54.194.64.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: HTTP/1.1
Server: 54.194.64.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-64-183.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:14:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 120ms
120ms Image
image/gif 54.194.64.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=24171911&source=js_tag&a_id=147698
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.64.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-64-183.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1023 B 50ms
49ms Image
image/gif 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?t=2&add=24171911

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 06:14:59 GMT
X-Proxy-Origin: 89.238.142.212; 89.238.142.212; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2f57a811-7d77-4495-a1f6-35fc9b4f2dde
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AE6 0
20 B 138ms
76ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BksG9Ydm6YbTDOpWM7_UPz5GVIAAAAAA4AeAEAg&bg=!IiGlIWXNAAZKWFskSlg7ACkAdvg8WixWQuKDyOqNeOvbh9JkQgStBlWJ9RTE8wFhjrwUhnc21_qWGAIAAABwUgAAAAxoAQcKAD-OOtOqD5CIun2WEOuzsNOLL8DocZuK7o8BPkp3mPBmTd4bqGieYTAE_nuFZieorIfO7S0hyzpj6aF3o_BIUzqZAtJdHjwY02T_4XIZ66PNBzinBpvOOSCNVXJIP05EOHmTvvrCIxemNvGYya0ne6K4BvMTsau-ys_zmKkrNU7wfSDu2cmZzE_xJ-vU0fYtBaXAXM37lAh3CIoJkaV2arC_Us-qR34UD7QVTvKS4t3wNp34YCXq_UckO8YGsC89Sl986aTB8lgkuBByAI9tl8pXGybdTqlx33Wrq920cPSCO6HSjYkCCUF9JF_kgjrsgO85eXw2jYpyd_dQRtFdW1oqup5xDWB4eOvuln2BfjWzx8V2Iv2xfO9Reeb2Y7D-ZVDQhBxRmZYLHsujI-LBAWTeHcKe7vEboEL9nO9v9DCUWZDxcppM7Lg-ZhQ2SJ9Y_LdRsgCbhgnVPC9gfOTBYu3P7JUWiS4NBYYJS2KkhFOy2_Lyrohd_ebikgV8FeU1yvHONJPkqasDqyRAel-8b4sPyu6HvLHmBnR-86VioScVf1lysdpnWNDeZg3K4TDLOcRWeFEoDtWYKdwaypa5nrxDzr6um9_vf2tCcyvpFpmBzumQoz0GSoHZp3CDvNM9FnThFlH4zTfJ4UXD-jgN6RWNyiwIuziFj4PTBb7XEQvmVSJ-NTJa9ZKf8r_71lHS-DJxZbkaq_oxiWZ-n1F5XattlPlJZ-ILsp33r2aeW802MH-674i-Qj9faT0AZHJVWYynN9Ptb9RjMVobdAoaXeK3vmpN3DagR-jXmAl8IgsY-PUqkIvkcClQMtLTLjooG67hmKhfISoKqUUsXuS2U8o_d1o81E7einQyGmOGmCZIRgksxIRhtYsnVTqFl0czHhQ9s0cLirwWP-OTM7LE426_PJ15C7SdzG5yoKGvAsS-4e7FkF8QFaKS3HUxffjHiNfHXrovO1X2u6kh2Z54tNsBPkjDAMsNpSTtPwRMkTCC44EorpWq5cR9vePaUA5GySTeqdG6a6BNYPESe-APYhrN3PAhAA

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:14:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recommendations.load.42dfcc5041eed24b84f85a10a88fa215.js Show response
c.disquscdn.com/next/recommendations/ Frame 7DAE 923 B
1019 B 42ms
41ms Script
application/javascript 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.42dfcc5041eed24b84f85a10a88fa215.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=574081&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&t_e=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_d=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_t=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2bfdbf7d2df8d37016a17d53674d2799bb77996a763bf2bee8b1f604dd31a9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
Origin: https://disqus.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5043092
x-cache: Hit from cloudfront
content-length: 446
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-1be"
content-type: application/javascript; charset=utf-8
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: IVA5-acFWUCLYwVSQPpLb3YP6mzTQLwOVt1rON4RjJ7inlli4PSV7Q==
x-cache-hits: 0

GET
H2 200 common.bundle.2f2f40d40785c9541a90e9086c8770a3.js Show response
c.disquscdn.com/next/embed/ Frame 34E0 282 KB
93 KB 45ms
44ms Script
application/javascript 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.9068118211410bc5f67f5bb8d6806cba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=574081&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&t_e=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_d=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_t=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 14:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4462168
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94779
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Oct 2021 00:26:02 GMT
server: nginx
etag: "6172051a-1723b"
content-type: application/javascript; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
expires: Tue, 25 Oct 2022 14:45:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: Vwbmi8g3YCv3b4nz8fAAa7gOFfQdRgeYFxu1MA00McAwuyTMvEUp2Q==
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 162ms
54ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=991594294528179&ev=PageView&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&rl=&if=false&ts=1639635298700&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.2.1639635298699.1999777042&it=1639635297897&coo=false&exp=p0&rqm=GET

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 16 Dec 2021 06:14:59 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 150ms
54ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=470261513615109&ev=PageView&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&rl=&if=false&ts=1639635298703&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22672696263472981%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22AUD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22264926417805007%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.2.1639635298699.1999777042&it=1639635297897&coo=false&exp=p0&rqm=GET

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 16 Dec 2021 06:14:59 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 115ms
54ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=991594294528179&ev=ViewContent&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&rl=&if=false&ts=1639635298704&cd[content_category]=Technology%20%3E%20Security&cd[content_name]=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&cd[content_ids]=574081&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.2.1639635298699.1999777042&it=1639635297897&coo=false&exp=p0&rqm=GET

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 16 Dec 2021 06:14:59 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 87ms
55ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=470261513615109&ev=ViewContent&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&rl=&if=false&ts=1639635298704&cd[content_category]=Technology%20%3E%20Security&cd[content_name]=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&cd[content_ids]=574081&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.2.1639635298699.1999777042&it=1639635297897&coo=false&exp=p0&rqm=GET

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 16 Dec 2021 06:14:59 GMT

GET
H2 200 common.bundle.6c6defcc206edabe5048d82459ee0a0e.js Show response
c.disquscdn.com/next/recommendations/ Frame 7DAE 262 KB
87 KB 43ms
42ms Script
application/javascript 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.42dfcc5041eed24b84f85a10a88fa215.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5fae79754e7af92e6afadc3060797e3d35188221e60d63d0625f66cf921e7ebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5043093
x-cache: Hit from cloudfront
content-length: 88862
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-15b1e"
content-type: application/javascript; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: gzQzDvZ0W53CGE2V6L1r-gmrvLr8Q-38OvBavJv96-0nYTNoDcjZkA==
x-cache-hits: 0

GET
H2 200 lounge.7ab903feba7624935283ca4c7d8c7203.css
c.disquscdn.com/next/embed/styles/ Frame 34E0 165 KB
26 KB 43ms
43ms Stylesheet
text/css 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9f05592df6a80686d7216adbbc60dd18c978741182ed9e09a863de7374931f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=574081&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&t_e=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_d=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_t=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 715671
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26065
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-65d1"
content-type: text/css; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: YG40GP8JFtV1VAnE5UzbaBKJXVCG0HgCY8l-TOqPXrUnD5uq2FUC5Q==
x-cache-hits: 0

GET
H2 200 lounge.bundle.920cdf639b386b42eddc25a8b2755561.js Show response
c.disquscdn.com/next/embed/ Frame 34E0 475 KB
121 KB 43ms
43ms Script
application/javascript 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.920cdf639b386b42eddc25a8b2755561.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

01b1844125589a15317239014be029ba024bc0d6e059222bc99bd913a82ecb88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=574081&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&t_e=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_d=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_t=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 715671
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 122873
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-1dff9"
content-type: application/javascript; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: R8gzMYjMF7XKGCq8mdGV8tyLnME0ObIqdxFXXHyaorGenOW5oL-RgQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 34E0 14 KB
15 KB 29ms
29ms Script
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ba5de2dd01708185a0cf0204bee10541293279f7ed8589422e930caab1c18d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=574081&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&t_e=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_d=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_t=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 52
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14552
X-XSS-Protection: 1; mode=block

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame 7DAE 14 KB
3 KB 42ms
41ms Stylesheet
text/css 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5043093
x-cache: Hit from cloudfront
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-ba2"
content-type: text/css; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: bLoHFVUdd6GbIvE7JdfguKzgI_vSF0zINVEXXaRMLZs_eGMaJnehMw==
x-cache-hits: 0

GET
H/1.1 200
OK embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js Show response
platform.twitter.com/embed/ Frame D331 29 KB
10 KB 61ms
61ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF8) /
Resource Hash: 95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1471164135165636616&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&sessionId=1c8b8926dde2b988a8c0aaf3037fcc979116abd0&siteScreenName=iTnews_au&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CF8)
Age: 553715
Etag: "243d823d043564092099acd4323c5b02+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 9316

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.fb6631eca93bbc99287c.js Show response
platform.twitter.com/embed/ Frame D331 4 KB
2 KB 61ms
61ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.fb6631eca93bbc99287c.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE7) /
Resource Hash: 015fe53a47903430d7d5cdeea266d92571be3e535ed9321bf1db9ea2c6363746

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1471164135165636616&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&sessionId=1c8b8926dde2b988a8c0aaf3037fcc979116abd0&siteScreenName=iTnews_au&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CE7)
Age: 553716
Etag: "03f1f219cd32073181398d1f998ecb57+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 1733

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js Show response
c.disquscdn.com/next/recommendations/ Frame 7DAE 65 KB
20 KB 43ms
43ms Script
application/javascript 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 20:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5651355
x-cache: Hit from cloudfront
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 11 Oct 2021 20:15:56 GMT
server: nginx
etag: "61649b7c-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
expires: Tue, 11 Oct 2022 20:25:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: HWoPR4YJsAupFyy-QzMWyZkDjfGqldjTDN9A99Hu8Uko-uJINpCz_g==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 7DAE 14 KB
15 KB 30ms
29ms Script
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ba5de2dd01708185a0cf0204bee10541293279f7ed8589422e930caab1c18d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=574081&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&t_e=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_d=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_t=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 53
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14552
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 34E0 3 KB
3 KB 121ms
121ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=itnewsnext&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5ca348d98fb44d533638bb8135e3b480bd2cba78693d0b5edfaa40b1d496a5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=574081&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&t_e=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_d=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_t=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&s_o=default
X-Requested-With: XMLHttpRequest
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3076
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js Show response
platform.twitter.com/embed/ Frame D331 383 KB
94 KB 61ms
61ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE6) /
Resource Hash: 7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1471164135165636616&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&sessionId=1c8b8926dde2b988a8c0aaf3037fcc979116abd0&siteScreenName=iTnews_au&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CE6)
Age: 552404
Etag: "28a37f9b17808aa66f17b1c227be059e+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 96013

GET
H/1.1 200
OK embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js Show response
platform.twitter.com/embed/ Frame D331 17 KB
6 KB 61ms
61ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE9) /
Resource Hash: 0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1471164135165636616&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&sessionId=1c8b8926dde2b988a8c0aaf3037fcc979116abd0&siteScreenName=iTnews_au&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CE9)
Age: 553715
Etag: "c247e426d2ec154064a87aaff54defce+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 5857

GET
H/1.1 200
OK embed.ondemand.Tweet.6e96324b79625228cf29.js Show response
platform.twitter.com/embed/ Frame D331 65 KB
16 KB 63ms
63ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.6e96324b79625228cf29.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF0) /
Resource Hash: 131670c344a1c5951ebc2d33a634177924e089fcb43272238df6292846c698aa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1471164135165636616&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&sessionId=1c8b8926dde2b988a8c0aaf3037fcc979116abd0&siteScreenName=iTnews_au&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CF0)
Age: 553716
Etag: "e5fb6dfbcdd3dbfd4df66eb8fb597873+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 15650

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 7DAE 3 KB
3 KB 82ms
82ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=itnewsnext&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5ca348d98fb44d533638bb8135e3b480bd2cba78693d0b5edfaa40b1d496a5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=574081&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&t_e=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_d=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_t=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage
X-Requested-With: XMLHttpRequest
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:58 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3076
X-XSS-Protection: 1; mode=block

GET
H2 200 noavatar92.png
a.disquscdn.com/1638827995/images/ Frame 34E0 2 KB
2 KB 106ms
29ms Image
image/png 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1638827995/images/noavatar92.png

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=574081&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&t_e=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_d=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_t=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:59 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 718851
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: LHR61-C2
content-length: 1644
x-amz-cf-id: OLNGCZI20tjEeWzvPvirYtcDM6KVTByPdsorr9n008QqfWzBJHYl-A==
expires: Thu, 06 Jan 2022 22:34:07 GMT

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 34E0 13 KB
13 KB 46ms
46ms Image
image/svg+xml 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 20014637
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: kVVhy10DRKftZpUf79Yw03J2xTLGJ_KZb_apbBJ6UXgh7HrFSE09pA==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 34E0 3 KB
3 KB 45ms
45ms Image
image/gif 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 27307011
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: FtWMqjQpPKkDG3uQp6dXfIgeY_vcjpQHCgAfQDe2ElYET3nI3lExHw==
x-cache-hits: 0

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 34E0 2 KB
2 KB 46ms
45ms Image
image/png 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:48 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7295230
x-cache: Hit from cloudfront
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-6e3"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 22 Sep 2022 19:47:48 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: boSBELrVVMOJB3XVUNTGZTAeOo5H5Ot2juOrlkov0Fe1cjK8aJ1H3Q==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 34E0 8 KB
8 KB 47ms
47ms Font
application/octet-stream 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
Origin: https://disqus.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:58:18 GMT
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 9145000
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 24 Aug 2021 21:06:44 GMT
server: nginx
etag: "61255f64-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Thu, 01 Sep 2022 09:58:18 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: s2MveEvfULYO8S-9F82Rmb0E87-ucIyqPBjSWGkhVz5ovqkle3kGLA==
x-cache-hits: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022111011823000/ Frame DEDB 189 KB
55 KB 138ms
43ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

551210a5f01fde913b3cd9ff8e6629025bfb020b347b76c2f471efa7c1b546fd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55610
x-xss-protection: 0
server: sffe
date: Tue, 14 Dec 2021 20:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aea15adeb0c59df4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Dec 2022 20:50:50 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022111011823000/v0/ Frame DEDB 13 KB
5 KB 124ms
123ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 421500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Sat, 11 Dec 2021 09:09:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Dec 2022 09:09:59 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022111011823000/v0/ Frame DEDB 89 KB
28 KB 117ms
116ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 54304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Wed, 15 Dec 2021 15:09:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Dec 2022 15:09:55 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022111011823000/v0/ Frame DEDB 5 KB
2 KB 130ms
128ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 14 Dec 2021 20:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Dec 2022 20:50:50 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022111011823000/v0/ Frame DEDB 40 KB
13 KB 126ms
125ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 493027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Fri, 10 Dec 2021 13:17:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 10 Dec 2022 13:17:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DEDB 4 KB
618 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 04:29:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Dec 2021 06:14:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Dec 2021 06:14:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DEDB 4 KB
618 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 04:32:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Dec 2021 06:14:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Dec 2021 06:14:59 GMT

GET
H3 200 4166200095750644728
s0.2mdn.net/simgad/ Frame DEDB 87 KB
87 KB 91ms
42ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4166200095750644728

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52d9f5285bc95a0e49b26504ecf0f5a8aae189987fefe28060a71023c9f8aa9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:08:17 GMT
x-content-type-options: nosniff
age: 173202
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88617
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 17:32:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Dec 2022 06:08:17 GMT

GET
H3 200 14102277537282524478
s0.2mdn.net/simgad/ Frame DEDB 2 KB
2 KB 109ms
61ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14102277537282524478

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eec575d3c0d65be9630c8de8424078b8a94cc477932ada5fb3d15f1f5bc746e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:59 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2124
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 17:32:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Dec 2022 06:14:59 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame DEDB 42 B
63 B 64ms
63ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BXidxRFUaYcd2uc774XKN9cbqMjhUn5thia8rPfWhBYelMCtVQL8ojFSYccPuaEJ2iajd-ogFmg37Ca_DPCwialgy2Zzcq8n7fkkdAt0lJsVRkX-QZMk7SSO2L6DphFnLgnQ0cQLZiUSWLAAHuR-tyIquvvg&dbm_d=AKAmf-COjdHf__KEV-I9Dn7I0nAkwD5JWaEr2OetGZmYj5btPhX7nDtHxh93KMcPqCVaz_G2ddfBfoqCmUGawHdBOh2rWvX5dSomiElPlpFucnzNUpr45chZtjyRTEQQx3On8PG9ykgauRNBY4AvbpmkI7CRYn0RvdHTTMUmm5x0kDEHrRi_L0YZUZ-xERLI0gEiILNA7VrJcFLTbkOztxKwnnDOaO2rhXAojS97XvKQhM-cRowbJY4dEzEP_bp1gxR6VImwtVmYDJFZ1rqQ9E-HQzcR6I0qAtPI7qcUmGNZtbhriIgIzSBqahZ_6bnvTKJ9XOLBuinm9Qxyruu0LpZQR4AyxV5QmnQqvFfaFxUSYtZtfNTMlFZ6g2PIvQk4p6ASnMkjIiSAg1jtYSzoftgm2UO1Kkb0Lw01CwsO17bpHymMJliw5WW5woFPOlK_D_-H9Qz3rWXbi3kclvDb7G41kN7vFokKy3iN5Uk3q2O5BE0nQqabDJ6zcFqvs9LJv-I__7RFMLuTrSdputPAEj3ew6NqiguEyQoLWIBDBf13OKiEq67fkPpnj1R6BfBKrDA8gFsbBOsFMVhW2Qxc6OrN7Ai0-4wnZGh0TbT1PYO0WHwdnk38-2qYaS2q8xHUrt88AKEgjasbQlNu5Gw1f5eDFcLlAl_MR2JS9imnJt4tMe0NCKul69mecb3k03mPR8-sHEd894GDGEz1vrj4IrdigG_41Y9WVJz0nphB5uJgVMo8gL7oV1iJ2NhBrquqxMyO_TyqaP8S7_apiSXpPmCFGTSY9Bw3a-8k2xj7AUk8YEIbLkU1ujyB3Il9aYnNzgdnhdpfq9WOOHI3p1DR0TPkLVVBMpLdo6hPZ6EoAEaNF6BVwrWE7sEHldw60xBzBS7Xwf8Vcu2xXv-13OiZ-M-WS1p0KlKhshaykyZEaKTI4gkB0owBTRF7-JwyZQZzm7CgxFc63f_0O0gWk2JkmZUVIid0I5Dxn3TbQhIY9YWqkicPf9m3knEyiCqcuSG2pErR_Lw0AbWGvjgaqR2q2T604fR0sZ8QvAN-jWgaKX-4DT1b4SG-JOY7oN6AlvSq4klSyWI8pXxggzVES0WV5Uh5x8lFpM5k9RfB6gJQnWRk4HJeTlrMQLYUmsZs82B9QjxYbF9GstyFmUPq8KPZtsPlV2Mo7VG7YwpRNFZjpdbb-4JcGNpa4MlvD77JAx4BREoOTQlett2V_g6o8y3_R10xcVAUH30uh5ClIwYj2Pbyl2kD6mFGCVYp89dDCMnBw_aDZethyusfigxKE1GjHNezuCdmO51WQ8PWkebvjruQMHIF8bcEbfwkw2CemXh4LFFjCmaKXYD8PSMEynZCQnI32l0gBrycPX43n8rUnKkl4zPqsClPoRyf2kW4O_FWWyyUUUb-PUV4DQQiDfU5j2iOXaG6erOGEbWEzDKVdCjgmhA_Mzml1sucGCTrr_ECuiIWU4NXwoa5ehMSCwfV2ELYbrt94B3XuR9QDQiu4FN9Xe3yWl_YGChvZVWdTreXUhevVOAyjuqsEh0G8MfI6EcSoDxg2Ys3LF3-jBA5fur7DOT-hdpN6Uu22dGeYFxUt_W3ZWSWvxLk3oNyoRrhQD-kyhVh5glGKubNmWsQ2AzBztRMxiUZHt3i8-AYlFmTR_KVFZtNhbh3CDOgxw9tjp8lfvWvTLQFyibkdG_zwuaymyfL9nPjbns91RhOL74rzQxFv32qVxEKSNFzAa-Oa7WuC0vbLtUVz2RpODuAjy-IHoqr6_TdImcKO6chPD0UxwiY__tGI-cySx-Ozy3uz17V5PriTRPfMDf73a8LvHkF0Tx6xo4bo7m1Xt-PKWnwJboyCkPckCzjQ-F2GRZcA9l8lUbvhG2USydUtwKvWOoRxCmjeLM1TVj_7hjoif1BueuxaJm-RnH5y73T2QkshXYV09mjDlUbrGRGKgHRkQM9jViLs7aWVLHTJxrB-oyJPWyU2Mqy0-awFTUWJEmXAk7FdIDPImXQgEqPfPIKEaDwGmIoK23rqIUgrx3J4FNZ_r8r-Hp-1FTHJFItIxLr5XB-3KJic4GAuOVe0upJKTbS-2n0ZTaPEciNXjFN9wrsIoCaIfTMQSCs6n0NlO1Jcgv9AwOU_x_rtVgd7yfg2EPgNQGDkVSEZDqtj0QVbx3GgVCuL_fhUVlcKyfsuWMv9NTA9m3FlZE4n4xuDbTtoaeHU_CXDg9YfO-qvfT3822nIzEIChBE1xq11-A2Xf_iWCIc-qj-kCHIBIML6h4Y8M8rf1IznTJKzqWYWbqP3KFPAuYtyhbCK2AO_MhCpz6rCNGidt6KlSzWa7jGd_u3Ay-knOuaYBR2q0imysFe_wuX1QhVwJtFdRvqv1lsU1iWzevelPYw3LN_SXsbqqQNO_k-g4mixx4Nt6krd8kyP6egzA5gNEWNYIzKmHJhekPee17xrMk39Ydmyv-gLB0pU9ioDDzU3k006uFAjFFRI9lzloAhX9LM-Ap-FAuQKA0YTG45wOsAJz4LuoGlxLNRRQMeCI50NPmT1e4onQva3TrczlPSRpMAmBYYh8jD5PX5hpW_w7JuGXDSPxgmrYGRygMbSFq7BLDaOFPWdBO0ATX7JM8ucwmgwiiPqvittmw1IfxBjvoDFqAjzaZ0cNLqponIo1RmEqgP8R6K8cMGVRoS88jxF_8e-OCU05AH_-Ooua-HwgjYE2gUNfEzUlUJcIqIMU7h8atIHJ0nQ03GdGm8-23Z2tiFcZzilPPt6Fxi21Cei7s-7eGRlaAMy-gtbPzVy_e27awXd4CoEP15YP8zhtshXdfSzq3HghivxsdAAxRvg_oovjVVJIxU4iXU_BySysyVZ5zaHEs9XY_UqxCgmyeWlBIu1BIjKMOYtkxElg77znaPHGcWdVBfIC0-NZn6bgsbxWukbJ5EPcfPDjCyMrSBckTJq_bd7LBXQmNXu1yTgJkJ53MRl9KRC6rY6dvUrFwQGsnbp6f7UCSQA7a5pUiqeiiBm0SLg80MZ_Ad20QPpK_xKGEYiEAb4SISsudyIY2ZnLI86EI&cid=CAASEuRoa_mate9S_jF_Mk4QewEuSw&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:14:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DEDB 0
0 54ms
53ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COIBxYtm6YdzPH5af9u8P2dGXmAWZpP2YZv7zpe73DsCNtwEQASD9gKc6YLuGgIDcCqABjJP6qwLIAQaoAwGqBOsBT9AlmH7X-Whb7V6FcSjh0jfchJ0xoZ7Pni6FoRwfilBRqN5h8zr_r5q8p1jMp6gcYKgvj-4O5e8qHY0_0ousVYbHCIMZ6Q104U5trwmSYNcr5XMPGlq7ab7GqAB1iaa4Y0iVkoAbCutfXq1GfaELoSYTjck4T0WlCudJbv0DjoV5mh3T1XSeRaqOXnn-NxJIctDEVGN_OD7s99J_3YrijGy0btshf0u3Wi0uvDQHGpIwskxWOBNBfeHU0APBxsEbdPFxFqd4VqeJ5-Ar-1dLdUFKASJSecm-y9gnA4Nq6pR8U4p7G20w4hnQE8AEsfqT9cwD4AQDiAWXr7aPM5IFBAgDGAGSBQYIGxABGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB9zshdQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwsQ4-eXBhjuybazAdIICQiA4YAQEAEYHYAKA8gLAbATwIe3DcgTqpnK3QPQEwDYEw3YFAHQFQGAFwGyFx4KHAgAEhRwdWItNjc5MjI5NjE1NjMyOTg5MBjd2AU&sigh=PLVvxrpMnrY&uach_m=[UACH]&cid=CAQSPACNIrLMmgqsjQuuJ6sIP3bdgSsVjVFvQeOtc4MGNWVDeGoD7VSXN6H7rXQO7DDxNohaf8I6mZYZqqCDUw&template_id=509&vt=10&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DEDB 2 KB
2 KB 42ms
42ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Dec 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 35983
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 16 Dec 2021 20:15:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DEDB 295 B
319 B 42ms
41ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 1885
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 17 Dec 2021 05:43:34 GMT

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame F323 337 B
840 B 41ms
41ms Stylesheet
text/css 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3755390
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-f4"
content-type: text/css; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: RMY5aQgYcwhEld9vcMZfTJJ1aIZuKE3m3ZeDPa_3NXnMLU4UXoq0aw==
x-cache-hits: 0

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame B38F 337 B
839 B 41ms
41ms Stylesheet
text/css 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3755390
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-f4"
content-type: text/css; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: aQCpo-oskdfKG2yykJ36b29xQlxuEozQL8Tss3y6PD7i1e_pJqcPIw==
x-cache-hits: 0

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame 7DAE 6 KB
6 KB 125ms
124ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=itnewsnext&thread=ident%3A574081&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

55137ef149a167f95c05413b93d602ce902fad428fbac86f1e77e8bac20a3395

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=574081&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&t_e=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_d=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_t=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage
X-Requested-With: XMLHttpRequest
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:59 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 776
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin
Content-Length: 5717
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 34E0 43 B
339 B 171ms
108ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=238&event=init_embed&thread=8927674584&forum=itnewsnext&forum_id=2865237&imp=8tn58832khqhk6&thread_slug=nso_group_used_fake_gifs_to_hack_apple_imessage&user_type=anon&referrer=https%3A%2F%2Fwww.itnews.com.au%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=574081&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&t_e=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_d=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&t_t=NSO%20Group%20used%20fake%20GIFs%20to%20hack%20Apple%20iMessage&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:14:59 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022111011823000/ Frame 3BA6 189 KB
54 KB 101ms
72ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

551210a5f01fde913b3cd9ff8e6629025bfb020b347b76c2f471efa7c1b546fd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55610
x-xss-protection: 0
server: sffe
date: Tue, 14 Dec 2021 20:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aea15adeb0c59df4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Dec 2022 20:50:50 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022111011823000/v0/ Frame 3BA6 13 KB
5 KB 125ms
124ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 421500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Sat, 11 Dec 2021 09:09:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Dec 2022 09:09:59 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022111011823000/v0/ Frame 3BA6 89 KB
28 KB 142ms
141ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Thu, 16 Dec 2021 06:14:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 16 Dec 2022 06:14:59 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022111011823000/v0/ Frame 3BA6 5 KB
2 KB 130ms
129ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 14 Dec 2021 20:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Dec 2022 20:50:50 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022111011823000/v0/ Frame 3BA6 40 KB
13 KB 131ms
129ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 493027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Fri, 10 Dec 2021 13:17:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 10 Dec 2022 13:17:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3BA6 4 KB
618 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 04:17:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Dec 2021 06:14:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Dec 2021 06:14:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3BA6 4 KB
618 B 57ms
57ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 04:24:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Dec 2021 06:14:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Dec 2021 06:14:59 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3BA6 2 KB
2 KB 41ms
40ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Dec 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 35983
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 16 Dec 2021 20:15:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3BA6 295 B
319 B 41ms
41ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 1885
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 17 Dec 2021 05:43:34 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022111011823000/ Frame DF8F 189 KB
54 KB 119ms
96ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

551210a5f01fde913b3cd9ff8e6629025bfb020b347b76c2f471efa7c1b546fd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55610
x-xss-protection: 0
server: sffe
date: Tue, 14 Dec 2021 20:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aea15adeb0c59df4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Dec 2022 20:50:50 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022111011823000/v0/ Frame DF8F 13 KB
5 KB 133ms
132ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 421500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Sat, 11 Dec 2021 09:09:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Dec 2022 09:09:59 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022111011823000/v0/ Frame DF8F 89 KB
28 KB 134ms
133ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 54304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Wed, 15 Dec 2021 15:09:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Dec 2022 15:09:55 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022111011823000/v0/ Frame DF8F 5 KB
2 KB 139ms
138ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 14 Dec 2021 20:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Dec 2022 20:50:50 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022111011823000/v0/ Frame DF8F 40 KB
13 KB 139ms
138ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 493027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Fri, 10 Dec 2021 13:17:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 10 Dec 2022 13:17:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DF8F 6 KB
669 B 52ms
52ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 04:25:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Dec 2021 06:14:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Dec 2021 06:14:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DF8F 4 KB
618 B 57ms
57ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 04:16:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Dec 2021 06:14:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Dec 2021 06:14:59 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DF8F 2 KB
2 KB 40ms
40ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Dec 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 35983
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 16 Dec 2021 20:15:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DF8F 295 B
319 B 41ms
40ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 1885
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 17 Dec 2021 05:43:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2CB2 0
0 79ms
78ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVJdBiGybu9qT1uJpxZO_47AeZCbD3x0iJVq-CdlcxbOODfLC6f6q_lYVLggboCQ6iqWP6P8fxak-uYqyFmy4eafPDnNCsXjU8MoKnwb79KIUAKUBjF3FS41SWN7ZgOsAJqvh-Dz4mUaSWpYaeXlvr0hPx-dH1o0RKmLqmnnTHJ3TzLfDmMHFwifuCOYIHHrIVKFDXqOH_EFJ92MKJi6ljlSFIBaSslTggOmiCOJEhVzihC_-Sdwuih9HA7EIngn4NHZJKScLUxl7aUj8iTl8xh-fO6z7DM5WSsYnXgiz7nudPS0s7Q1-v&sig=Cg0ArKJSzHzxCsNR7wiFEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 06:14:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 2CB2 19 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 05:23:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 05:23:26 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 2CB2 2 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 06:05:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2CB2 119 KB
36 KB 102ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Dec 2021 06:14:59 GMT

GET
H3 200 11212104105702244847
tpc.googlesyndication.com/simgad/ Frame 2CB2 94 KB
94 KB 76ms
76ms Image
image/gif 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11212104105702244847

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac83594d4ff7a02f41bf4c95cfc72d3eada33cac4bfbb95e2d06662be3163abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:59 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95968
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 04:33:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Dec 2022 06:14:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 74D2 0
0 76ms
76ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIg8Esdc78szbVlduuWSoWeMYLmPS8eDIHKT_8_Bw5Yxr9uL6JDqt6pWnpzCNZ8_SPxGBnjGx8M_0oAfhOwAfGb6HoaxePUweWqL-3FLP8wMYRe-lJznQLoexMBqevHACr79U61tbhG__Rd0-bA20YaW0qGheTzoPhzu7p3V2rCp5P2kfoHWOxmS41CLsYlImpvbYCf6YU3SbBR2vJneKlUtk89xK638ph9gI0OfGF4tahJyOsmeVV7myQZUBM4PIqdvGKVR0GLGqrTsU5-jcKOKbsohHD8yDSWAFoq_2CpCZDfTh6zsKRaQo&sig=Cg0ArKJSzM3_GVhC5fNBEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 06:14:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 tag Show response
a.teads.tv/page/84405/ Frame 74D2 2 KB
1 KB 263ms
105ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/84405/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f73e559b8a4a2df55b8bdf4cc6ad2fdb56fcd652c10ab3af15f96a75601cd947

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:59 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 1023
expires: Thu, 16 Dec 2021 07:14:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74D2 119 KB
36 KB 144ms
101ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Dec 2021 06:14:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D8E 0
0 76ms
76ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv60_Ru8AXErdMX2Gj_Wwk3XUN8gUbTTBdL_y6CYL4WlYJRr2JC8yuXMbrLHXzbi80CRJIs0BR8GAPYtxwxnFv4nNkay8zxjO64-FpE4uy7iuTpZ8LpUKWM-cwpqSecXzLEVeI6Gu9N0-FqQ7Tzb8fkzbxPEQS8gc04AxrnBhDCT66nwECdd6Xxgx_sXxgsndSA6MuIPkkNYKEe-lsTn4ofi9HqeL_C2fDnVxLEP-LdJiLVweKrMagO51lg4VYqDk08jvAALCO354kbkHSrGHIKshNz8pNG-qJha-oMitqMQkHu3jRLGSlwa49Iz1j8FnJivHLSAX84bfCiaSRvIg&sig=Cg0ArKJSzPZZuOFTR1EuEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 06:14:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 2D8E 19 KB
8 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 05:23:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 05:23:26 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 2D8E 2 KB
1 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 06:05:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D8E 119 KB
36 KB 118ms
76ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Dec 2021 06:14:59 GMT

GET
H3 200 484939878926448454
tpc.googlesyndication.com/simgad/ Frame 2D8E 254 KB
254 KB 46ms
46ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/484939878926448454

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d772f1a025f0cbb6945c70fe0d3b664339f942909dffd97adb598e216fbb149a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:38:46 GMT
x-content-type-options: nosniff
age: 272173
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260087
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 00:25:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Dec 2022 02:38:46 GMT

GET
H3 200 11407842308195556015
s0.2mdn.net/simgad/ Frame 3BA6 871 KB
871 KB 53ms
52ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11407842308195556015

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8073090ec43cda6ee534fef1585aeb3a32150a4243494139d89cafb83efd42b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:59:11 GMT
x-content-type-options: nosniff
age: 558948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 892065
x-xss-protection: 0
last-modified: Fri, 27 Aug 2021 20:12:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 18:59:11 GMT

GET
H3 200 3302921662081780897
s0.2mdn.net/simgad/ Frame 3BA6 2 KB
2 KB 48ms
47ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3302921662081780897

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eec575d3c0d65be9630c8de8424078b8a94cc477932ada5fb3d15f1f5bc746e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 08:50:59 GMT
x-content-type-options: nosniff
age: 163440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2124
x-xss-protection: 0
last-modified: Fri, 27 Aug 2021 20:12:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Dec 2022 08:50:59 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 3BA6 42 B
63 B 65ms
64ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7Uoq8ebdVxEcqSKuNXBy77QOR7QVLmSs3Wu5aWMPNEUHYYzRQLn1FezcC6nawzNAA-599_cb1wEW3oSoRPgq25ilgWwnGlmjJu5m0GDLte2PVEBIzIqqaRy1X6PUUDn4w75YHJobY2ohiZsGXHONwAVYgHQ&dbm_d=AKAmf-CyObh6xNQgYwCQ6WfuT4yp23RAJ3yR-hFZc1IAUBHI3knq3lCRRDAHiFRZaqUod2osTfGSi4mry2fwqbqA0KoG1s8WqYhLtcUBUpCGoGZzd8L1N9LI59E1-CAs_f2d9QYIv1SVKx0Y5KjZ5hXjDsubPJqecrgW4hwQ2FMsjMJ4rqXHCm6sq14J_R22tOgrdT6pQZ7IwaDnfmHpN-oWDdLv5Wkvd1bs6YVAJfYZzulqYrYSx_114dVRJ3VyRBX_TOpR6t0YSTRvVMzOkIa1PEz54cE8rDD4WxP4go68wF0dSwcCIfzlwQFGgxRLeTtQyed9tRZ0d3u3cShmH5MHue2GuIThgmarVM_g7-C4G7eAmjKHyBUMLNkDqi6OOWV81j2LYyGdk3MA1p4dvahc0PeAMeyTORZ_3PXYIHTagY7zucQlI0S8n3zA3_NXVcdeTezlel7dXgCHg_Yu_diUl3RYgG4t0wn1sqMQ4ySerx3eZXTOnm-YdAASi5GIMlgioLk2exVo8FnGm3B_Sdveah18eggadg85QVuT8zcR7EF7i5bcbrX5qA61n15T1jD5z_ZMAPPpdvNoErMYMpf_Kkgc_78hFMqw8Q0FT2Eab7QH2uVop1DVJPBNvg51pksQrsl9HnWTmLt6mr-3jKOp7fYAOMOKHnfI_EeKQOcnELIklhX0F8tU5aOgbgxvkojTfTkEo1hiz8_lI1K5-nIitoOOZgRLyHbNR0YnbIhhNuudm4-E5Jo4-drEBERscJE3_-GAroWpBRbFPgGABD-DZl7AOxqiGETyns-PKBWNmfi_UfBKkOAtu6kOgGa3lralBNUbbfLIWY0U_-eh_E3NODSVvFMUT-noPP_Al6BPS78mAe6DyRBMu8xtb30rJjbmvYhJ0De9yqQ7Vk4uf_8haAB2hj9qycOXDqDpvEG0KbpO0KZeJ8B7cU_n04LG77n6GBegDlQNnh-da9Yg1BMKD0UFM7YgVnSRKJFRa0l1mLJlabT12g399emvr76CqlMacHLdy7ilBfYTh0IMqBvE-7IKkbYtrPS2y34x-WwmYxT-xKV-x4pGlB_YjIf4pm1eTOTNNceErDu3zzibrYe4rV6kaFqwd4TohYsl6Ndh_3K60bxHsnGDVsuVYVPice6-3Ep6smC0VlytO0fxhTqg4arX_I2B4E82Z49MoK8JK3GLo7vUDzGdhNBn9z_BhmGxy3Bq--uw88OrwNxoV-_6kN1Khm8iEu-287b3HatoUPZw4rf6O83g0sNk3yfQbCiCwnS7PmvO3CJtZ_uqYTYUvFXUmPj2eyHShLFAdRwpUa4jsUfNMAuIARW1ogWcAcAHNbQLDTYYuQFCIa5gv-QSDK3NIvn1Xt6PXxCxbwlR2DU6kifo4fcVK8710XtchSYByHx7FGUqQzp87Cq5JrU1uq8Erw5jF_-YCHWi3DTfQIZ4n-PVlaaMIERcoa6wJ7TKrkrinQmVkniFOYvI_WAMtkqiqQpUhPrXztLe2gTLZlMVRM9pn0E3yM07NGrcD9b6lvV4pHOmntEqr3MLL4i5Cw3AWDv0ClwS9CL6ddJBVn2aPW_TyjPNAwZgIyj9_yuylxNmnhqy73tfGkzvaNe_Or_yMFnwln5XtS3ak5dSFoLQsS2NOlxkwmXHavVlwrQQZDS230uaQFIoJjmGCGNSoRG1ebzoqUcuyw_AS_O2S4HfE33t6acSWWXR7NuRLbFaznfnwoWoeRo2b26KjidaSRgTSBMAWHoSTWIIksW6YKyAv_NV8lcRGq_BHDAz7PCFs5533oLwb-dVWKsjt5A3HOgEybKoKBc9xtXTA_dtrrP1wuuKKlge39GLbZoRxcL_GOnlHw2RFTviTOud4Ywlgg75eL1WwY6Ae2pQ-mjALz9Q4tI5foX2N9mJks9Ocn6B393AV2J97EDdFELIMDu1hCJ1ktfiSz11adBy4kH39CfW0OmuWVE09xJonsbYLFbaVUfAac4m--jH3CceUuDoQ_xe5MARvtY8Hir3MWSmedQj14VNwWCjg7Ub2NU59cLZAbvZgyZ39PxEcp6xuwIi6OkuW8AWBGYlgkh0C7ja1t_HwAshU2wSQIRICqDeblpIy_mUuNHkTo3iKYmpLiXlI94rigPHuo25ZtD3VKn3IPxenpLMELHG_WbDGZ2ArGIHAyUpr6WbWir5csB8gIv23b67zl5E-1pr7DNfz2NSRiF-NO7sZSVU94x0vP11EAfXQWBd0H11s6sRtotqZp2Wg9kC66W-EiNBoW8k-cKVxv_kaJmN1832dz9x9_r99oyKSw6IEaVW32iSjB4J08-k16OMayTzuw7szidFOkOGU0-EdeJ6d4937UH5stB-2QXIKFk224TPrqJWsbGVhqa_3SfflBeayOBl8hfrRs9w2YrGBGEKwYNwYNCLP5hnfR3TX6FzM3rZyTaZh5Zg0xEMAZOJi-dgHWkPkIMoCv-5qXFkS0NmLMuaxPWwoVc0mYI4L2yujE6eLMqPJd5yU9Bfik91iNk3HAoaC2dM7LH_H3uGS_LWWOvngMyniwoaLAnoHylCnn7tkVF0SvVLLYaSqYMgchdcDXUddWy9oehyLTQfq6GmyiH43aBc0BnF4DXXtamPQVEralIs12kBkBcY5PrRUbiIdyvxxdfFcG5m6iq56G07XApNcTM4l48o9wCUC4XqmqSLfolBlX5uYPF6c1azYo3nnNz_5hsHmpoHZdlym4IEYx1gUVkMSp0WCtNGUFu42oTCa5deGk3e4BgF-D9F1VodEFWP7y6Dm1MlXgkAhbGlMhYbRyHid6-Lof8wOKucW78k33kmWZOD9znqXImuDxn-ZX80t4iBRsBXX3dcUQMm7KMXz0dSE3M6fSvAjdW1_HvrN2igjtZNbZFsUqAUTt56uGNrc8S_waSoCBFr3IG9Ht4MVKERnQ5ulLaL65lxKjPIgUc9a8iDjf_Gsak0bdmIyxSz6_IuApMPSxHCiyYOYPNv8I9oqS0BX8wFokxG3HMuvX74m8k5ndjgRc2PnIbyDXaaOlOpRvtikfSiYYb6DrzPm-NTCdAsUePA_FXuYqZYqhP4GL6etixmjEXMFU-ClA&cid=CAASEuRoyM7SYrImhxSZWOt11WxV5A&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:14:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3BA6 0
0 79ms
77ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0VivYtm6Yd3PH5af9u8P2dGXmAWZpP2YZrb3pe73DsCNtwEQASD9gKc6YLuGgIDcCqABjJP6qwLIAQaoAwGqBO0BT9BiwBrO0KDp335EkEZ-YZa3755WOd2IkGar5AqXu3pORtKEFDiJgj-Vv5d7nc8kGtLHRJvvh3QWm7bzLXCG84TMaMmHKY9uwdfp3qSYS0XpREPL6fipLu_U0f-X7-8GHebkeYnDul8tflDFzzTb3TnaIcaZlJclX8vdnZZzTtAB-zZCqhGg3o1RPgSZ5sy4bAXQcgMRmK6QtM6P6DkC7L0fuC4ksdSsMMsdfXByagN9itUFSHNESHSyIUdg9eQwWHNVj2S76Fhi_1BaViZ44awrEVEwuSwyRwwaSk3d4SMaYfFRDRgovfDiD1fHwASx-pP1zAPgBAOIBZevto8zkgUECAMYAZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AH3OyF1AGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHCxCWz7EHGNGXn7MB0ggJCIDhgBAQARgdgAoDyAsBsBPAh7cNyBOqmcrdA9ATANgTDdgUAdAVAYAXAbIXHgocCAASFHB1Yi02NzkyMjk2MTU2MzI5ODkwGN3YBQ&sigh=klvBdgTNiOQ&uach_m=[UACH]&cid=CAQSPACNIrLMmgqsjQuuJ6sIP3bdgSsVjVFvQeOtc4MGNWVDeGoD7VSXN6H7rXQO7DDxNohaf8I6mZYZqqCDUw&template_id=509&vt=10&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3BA6 0
0 102ms
50ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQpduk7Fpk_0DWkSE2Wb9mz1Bg_--6zvR1y_08ZkSdGSrrcV4c9ePl7P-4mUM8cjJiFTCyyohCYA_Xf3g5pbbNq68rCQ
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 26864199501544021
s0.2mdn.net/simgad/ Frame DF8F 1 MB
1 MB 66ms
65ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/26864199501544021

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a365f6bad2b229f0cbaa2d8279f80c6d34c9c8224da42dbd4b4b7847db1d9463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 14:20:40 GMT
x-content-type-options: nosniff
age: 575659
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1190841
x-xss-protection: 0
last-modified: Mon, 16 Nov 2020 08:35:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 14:20:40 GMT

GET
H3 200 3644164255990788052
s0.2mdn.net/simgad/ Frame DF8F 3 KB
3 KB 47ms
46ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3644164255990788052

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f21d843e28fda5fd9d8768f419bb4595168b054df839606e7cf203ad781a510b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 02:06:02 GMT
x-content-type-options: nosniff
age: 446937
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3152
x-xss-protection: 0
last-modified: Mon, 16 Nov 2020 08:35:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Dec 2022 02:06:02 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame DF8F 42 B
63 B 67ms
66ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BE175QBKcia74svxBd2k8ribAkor6rd5ga_cMMJodMdHKSYDZRzdObEBImjbbR6jf8DBx5nF4zcnLzD_DpvwVcb4rYYTpaQaS35O1Qb92T0gUgmsYu24j9nFOpS-_iqx1OXDmP_Fa7o7oU_dFvgh0_BT7duQ&dbm_d=AKAmf-Ani-osXqxdAye0K8EEyrhuru-ybbZBVANBhEkTqRXagNEjurErs91VsbnWjB8eCPI2tVDPAzDQytmQTsqXYb5h4P5004MEyFvnoNmhTPGs5jiZrccJEiNL9k0b6txqFuacu2w3veLG9VgP2fQ6caqfbcXvXLWy5wzDejQ171S730RkDtD2tUSN-B9jGuAXUAE8OTVEDCamaI48tA29BYXLaR_7iJapimTylYonFW9aOFmaqSVplla9GeJgQEtpR3AvTW8hSYXGBJsdPQU7TZYOL9dSezX9_jOqCJzN12tejcMy6s25WsdIIyp2N2bdJ-Yo2ydwvtckE3igUNNmhvJzywyf8MYk19xC4JPJO3wpDEa_Qq6FXLeOJklzN10vKqHm9zbtIjiWIIU1zWq4ka3TuvuAO6PyVVwBXGMyot-2ORd2fNGJMDKLGF8hUCBaw7jqsd_HFA_BOAOG2D3ZZK0LiD-N1W3MdZPxQsEocrQUJfL8KYO7tfnzVIjunyoFdYUkzvy5llfqihcGY8TpUUJrVL7M9P-DHOnS9aQ5X_E_SzC-9pN7uDCkg__aCNp6G-g7jPqVDXkdUq8NmixiNeycomjlPi_ZtrqQ63KVYmeAVH34e9cdCPmKy-PP2EqfhhUOp5wr9EHiN_v34-DmnlFHvWgaWWGL-Dt8NUb8vgC28Y6LB3FcbZZ4QJtR1OM-PiwIsWaKg4AunMyra5ekHEfi_-VHxhAerued581E6WxUIqa3Q8Eft1fU0KoLC_G3vw9VivZTSLoT9Ez1Z6Xu21bglN2X3psDXl1coBN5I8gMS0y4ZyYgTuBetOOm88zV957INrsHh6ihbd_wmz4vTMdJwiECNd4SoBrn7ZjD_oYeqsUjti0Rww7r2DV3vLbnM-k7botnyv6jtjmGGXnSFQr2JsOpd8lZL6jXPK6BUx54bM6NXHoDvURr-v08l_xdBLnXoqfaLq2xvuLXSfkWGjk_KzDiw_NglNA0dYI77iP4-bVpEtHE_PUty20lFBf6ExH_15JtoI44P5Qwpt1q07ZZAzJv7DVj7PWLngj859CGTEaQp7JaaEcD504-StRICx6xyBeLMOPwGEFZTwppnIUxNxDsaKjnoer8dW6Szd3RsS8aAxa_ADMf_NJeaMqaXxdF5zpohqYyuWeECG0EWgjVId2WWyTSFnBmvtiVah6YK7xkEjwe1cJzMavLh-wiLqnhpDI-xNuVMbhADMr9rWwiBexB4HcEhwp0LQuUGsSHCfQ4E8xj-5DOOrAdUbsjToHMcT4c1lZXFYZY0S8kvfrOp3uRXYnemPI-qDQhY4inET_4AKoaH0OwtwhHKUPj1syrO58chssk65jsgUu2bgxGLgsAQ_w5Kjk0vYlPzsQrbJFawvHgCZ0kvusNSGKIP9LDOX2WsWu3YWDwPCUBZnu8DEQfmx3nFUQU1bQ6Bhkn6z5KBzsxZZLE0AOIw9gbjg70gJ6UpOyLFcXmJwxdN53xZqSN_gMVdPX79rK_eIW8wwxP5_8uAkk3TutriRsq0VmwqekUmrx0kjnn4Ynv4vD3WEjq7l_D3lXlcbUQcOfQUcLzBcD5fkfIcsK4iCup8c-PRQNNg7BcwkbTPof3QxKLMqWhUl10P-dpmjDe4QOobxMGxI9tMPn2z0tEyDrRGPMar9QYyTkirJfKsfkduaK_gAmXciYpLemGYRFTaCKJmBUiq_MeI-oI7mkxxM1KeT53PY4oImSwL4PamjI5Vfc4_-6vqYa-C-HjWXFqWeq6enwmrHZ84OAD_VFeraK4G4GGSRzqhYLuNbeV8YOsvNR7DnDPa9pgir1tidxjBNnJZEEj-xR0y_FBJ2tdqJJ1z5lwoiOcdiI2gPEd7gIhJ9NGCOy0_9zxv8UUcSDVSTGDV6acRPl_gK66GZxom0Q2vyY4hbOveDK1TDbIofRNn_Q4vRlvoqmK9RpKqFoBHx_WIfdsNdAv2SA6zGW5PqHfaRbi8HSmlvzUTfisdw2jUnlQe_Pa0lFDbZ6D0ZEtv4TZzcvPFaDNgqcK3UOI6dmrQtGY2PQnsti6qeXeaUeHhlpSQmG0WCoZkInu7BgrUVgmIHZeDVvVAfOza2H5pyynLcqJmXkPcj09j6Ph001Up9waEZVs6kOJMUJ4V0JttPvngaMKQ-s79jZMd5OQeY8VhgfH_XPFHK9e3QB-rw2XZNQ7p7TzggcJXPyIJl1zGvTruCFVrrCvG5ANlOEcRgPCTKoH_GnU1mz6jcUPR1jKLY9jVmWjJTGjQWCUyw_gWyJ6p7a_fV7ktXYPX1unCec460jJV-yaBSY7uCdhV3wBUeQVdLZ2ezDfaqezJTCgXUMvfj-xEI8kQQ8IkwXzV1DGqlarlByR6u7j3KUpmQGKB5TsF5L5HeUxzihzHFuZv7rOIHgLg1_ock_qzmR8cBpbyrEY42SSvMdD-sIOyiQ7IAo5W5l7nl8u1q1PlNOaFq_KcwL38D6sRFf0fr6TrfHqmybAsCTol_cy26dfDXrhUmgkgKDH_PzDWARNci2K9lwcIG_vEjFLXgSrKu6c5z5hloNpELVwKdsx1r8ZAEibuylx-V-bpigOsMhqn5IlaM1258ACIgAUwqYJ-tborzRhvUaG1pNMTK2J_fdrsOxyVcQ540aQH8Dqhu373HYSmrQyOygPY9w5Ek6x3C1aTAtjSh2E9o1BnAoroqmsfjV_b52ov7G6MZvkcSyjqaalXeiL1lEhridhSxfAmuaocn1br0E6ChVFO6tIVAfALJmYHEsW15zt-a85uUhKArn8fCtZWB8qpfWkz4fdsZE_34eQ1bus7ie-yD6oj27AZGq1E9BpSLlTq3cybhxVDq6TDOfxPv_gtin6diXKLE1Ra7Qs-2Zy_NtQIXHPUMLYblQk-8cSo8sX4raJFA52K6KOlXX8N8zJvsm0C66bntJD58Mly14MiUQtLKzhPt5yVbF9-NlCIx9tLHh8K5N2joKNxDe_iI54EsaAdusp5PtMKR8TNWK-m4qR-lqrBtaqEE0m29t7wU5wfBrrT6mkj-teMYYBn4NoZyaUwWZm9V9EMgfVG31Qh9YKnautTZhMe_iMasUOSKxlKUBivRHlRVg5bRWPcgINtRY&cid=CAASEuRonqaznwOFkzNBV694SgmFjA&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:14:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DF8F 0
0 82ms
81ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ct7KIYtm6Yd7PH5af9u8P2dGXmAWZpP2YZs6zpc2cDsCNtwEQASD9gKc6YLuGgIDcCqABjJP6qwLIAQaoAwGqBO8BT9DOj-4Htu6JfplIicQA1ftaLuQsq8BQd23GEGJTJ6ckJbLDxaTahyIwqfZoIya3hCGMY6RJNiOM33sR7pk7GGz7yOqWJwsAod0HYa20pquj2bNzttZIGN5p5B6z-N4NxYQpvQ0huG4CtdWRmxrOWi7C0VeKNPECOfEMLMSoOwDC7n63Qxy7DoXb2A7JZu9OD988Lpt5DWp0tVEwrff-KlzhO1Uh_Zhuc8WzRIlPYN5a_lexyjSTIDZxoMRaBUO4sBbVDNOF2Jc5nEOvFdnprhR4tr85epcbKVr_6lmhy7bcpakV3QK-CwK8cGS1WMXABLH6k_XMA-AEA4gFl6-2jzOSBQQIAxgBkgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAfc7IXUAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcLENSL4AkYk6SjlgHSCAkIgOGAEBABGB2ACgPICwGwE8CHtw3IE6qZyt0D0BMA2BMNiBQC2BQB0BUBgBcBshceChwIABIUcHViLTY3OTIyOTYxNTYzMjk4OTAY3dgF&sigh=YlstXYJ2mso&uach_m=[UACH]&cid=CAQSPACNIrLMmgqsjQuuJ6sIP3bdgSsVjVFvQeOtc4MGNWVDeGoD7VSXN6H7rXQO7DDxNohaf8I6mZYZqqCDUw&template_id=509&vt=10&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame DF8F 0
0 101ms
51ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRX47yMgnxxfyRJ8zl0xHZbsjhw_dUctHJK_HSGo8jYysaDsVEj48jR-rWhApZ3cMZG9ll6QfihIUfkPHZK5N_zJRMnfQ
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame DEDB 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bf2480f7866d7ed38026a928004f3f147fa74d5d81c9a6d0d6885b766b6b6b5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame DEDB 15 KB
15 KB 43ms
40ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 01:54:06 GMT
x-content-type-options: nosniff
age: 102053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 01:54:06 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame DEDB 16 KB
16 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:33:18 GMT
x-content-type-options: nosniff
age: 88901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 05:33:18 GMT

GET
H2 200 tweet Show response
cdn.syndication.twimg.com/ Frame D331 2 KB
1 KB 514ms
238ms XHR
application/json 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1471164135165636616&lang=en

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f / Express

Resource Hash

a72f148991cfceee81546f139479a634ca65379764d3732c0780e5c7aafc84a6

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding: gzip
etag: W/"7e4-yP3J3RSYDcjfYCPhpl80S7cf+H0"
x-powered-by: Express
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-xss-protection: 0
x-response-time: 150
server: tsa_f
x-frame-options: SAMEORIGIN
date: Thu, 16 Dec 2021 06:14:59 GMT
vary: Origin, Accept-Encoding
x-tw-cdn: VZ, VZ
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
x-connection-hash: e99091d95e69db5ad54bd25b274988f462d3d8fe5a3b17170795aa9d794bc879
x-content-type-options: nosniff
access-contol-allow-origin: platform.twitter.com

GET
DATA 200
OK truncated
/ Frame 3BA6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a8b39b8982111d6d64c2f696d11d4872f6f4799d93ef5aa4d0b6df1e217ede5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3BA6 15 KB
15 KB 54ms
54ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 01:54:06 GMT
x-content-type-options: nosniff
age: 102053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 01:54:06 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3BA6 16 KB
16 KB 56ms
55ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:33:18 GMT
x-content-type-options: nosniff
age: 88901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 05:33:18 GMT

GET
DATA 200
OK truncated
/ Frame DF8F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b7bebd173ac43f0a651d7fbbee2bdfdb2ae895670c05842fd6c2ebacc461920

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame DF8F 15 KB
15 KB 59ms
58ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 01:54:06 GMT
x-content-type-options: nosniff
age: 102053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 01:54:06 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame DF8F 16 KB
16 KB 61ms
60ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:33:18 GMT
x-content-type-options: nosniff
age: 88901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 05:33:18 GMT

GET
H2 404 get
c.disquscdn.com/ Frame 7DAE 0
0 157ms
151ms Image
text/html 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Fafp+Australian+federal+police.jpg&key=zWsqLeU1sJQZT166Ijuweg&h=200
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 get
c.disquscdn.com/ Frame 7DAE 12 KB
12 KB 56ms
49ms Image
image/jpeg 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Foptus-stores-1.jpg&key=y5lgGhO6v6bJUKv0BXO8Dw&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e0d1fbc0381aad81d0e7c296dc8aa2990e42a8615399f3e72395c73c632669c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 09:00:24 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 681275
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 12013
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 4-1bI1WgBB7It4WKxQEmmTCkurzQVKhXnCJpxXUbrrJTiRExBEpOvQ==
expires: Fri, 07 Jan 2022 09:00:24 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 7DAE 17 KB
18 KB 54ms
47ms Image
image/png 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Fdoordash.png&key=gzmhlCbfTE0j3neaxATfOw&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

950aba7dd75e3418fbe2c1d83fcdf7dcaa6fad184f64d11bcba0e096006e206c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 04:24:11 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 611448
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 17773
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
x-cache-hits: 0
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 0uYmguv7ioiy5Y8zwR_Agec-BL6qAi9wI4PrjgyeFJxfC6y-_eQMaA==
expires: Sat, 08 Jan 2022 04:24:11 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 7DAE 18 KB
18 KB 51ms
45ms Image
image/jpeg 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2F20200601120921_0_0_0_0_70__News_nbn_140617_018.jpg&key=i83nnQvDR2SQFSdjkBAweA&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7ea56ed7e3c25c3aa4f5b1929ddebdf5af294901601a74e1a97eef970299bf41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 21:39:23 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 549336
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 18348
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: UcuIVPzywzI0DwKqJ6KqO1GfpM08PX8sx2wA7rhTcUcE7DRUtoBUug==
expires: Sat, 08 Jan 2022 21:39:23 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 7DAE 8 KB
8 KB 62ms
56ms Image
image/jpeg 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2F2021-12-03T153141Z_1_LYNXMPEHB20OX_RTROPTP_3_ARM-M-A-NVIDIA-FTC.JPG&key=oDYwrKTF2B43Y2ypAulr-A&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

60e74633ce7f88aba2ff2d520f39298f8170c7edd49c8f2685ebcdf6983a0888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 04:20:51 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 611648
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 8092
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: _WemuWJf4eOpQ4xSoc8NiZWC07NFGgJkn1vlPPUv6SWCYDgJHcQaOg==
expires: Sat, 08 Jan 2022 04:20:51 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 7DAE 20 KB
20 KB 58ms
52ms Image
image/jpeg 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Fpadlock_and_keys_security_privacy_breach.jpg&key=6Lz2NBLQV_Vy6yvBmBiY_Q&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

452819bfba62e959a372089126f528007d5c4043e37c3dba2a624b6364df36b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 04:05:50 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 612549
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 20305
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: uanbrbdq7qT6rzqxe-B3o49seZTL5ovtT5ZP2Kwais3bkZJjOelF5A==
expires: Sat, 08 Jan 2022 04:05:50 GMT

GET
H2 404 get
c.disquscdn.com/ Frame 7DAE 0
0 159ms
153ms Image
text/html 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Famazonalexa+reuters.jpg&key=9b51OStYOKCVL_zDzqINYQ&h=200
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 get
c.disquscdn.com/ Frame 7DAE 18 KB
19 KB 61ms
55ms Image
image/jpeg 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Freuters_intel.PNG&key=fFsi5WmG-olO8yiBYejbJw&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

29031eec750cabb84d5b5335b04f6d5d86241cb5ea00fee56ae46d912cc5f3d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 02:21:42 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 273197
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 18873
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: k1IFxEuaUReeC1HG-PeV1aqbNAAa2u0K4KvEmiF1j_JlZG-PMX_Scg==
expires: Wed, 12 Jan 2022 02:21:42 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame AA95 0
15 B 126ms
69ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.itnews.com.au
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.itnews.com.au
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 16 Dec 2021 06:14:59 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame BD19 0
18 B 106ms
68ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.itnews.com.au
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.itnews.com.au
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 16 Dec 2021 06:14:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2CB2 0
0 130ms
78ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVa7NUiHC0m9GLrcg8-eSxS_YnIs3iXjI5KFOccD4UKpbYCZfxJRWd8JbFF7uzsj-KdbsOv5lWNl9tchwdHcvGKWWQ-FOxC4FAxBq0El7FWqRceAi95aPwqkVlw3RXfAHWyKGyU51Xf-knu2YslL8BDhDj6LNGBg01bED4FXanDzrVPPrHaQh9ZabzsA1zOC3eIw4YnYwOfI3uNzeAwk-ZlE8DmY4NOykzdtOs4L34cTEEHm22e8bogvHDTiyxgfTJF2NraMRwKcZn3vO4O0tA68LrU-KBD-O9hEdkyZNZZMhBa_3qyI0v8X4&sig=Cg0ArKJSzE9K_5ndzEsUEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 06:14:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 16 Dec 2021 06:14:59 GMT

GET
DATA 200
OK truncated
/ Frame 2CB2 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 534abc61b49308943cf18710cf8d3933066128e1387284b54b60c67a1a4cbb73

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D8E 0
0 114ms
76ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHty5GkYVjSqHHFf6aw4IUR4m3IlsZ3BgSHqBDwlxjbhRWZvVDUsX_DTw-LSt_UhM5hnQz_2wyxQArReGsW7gBnT8uIHJmZ22XMguK5schwS6rsH62oWhJ2jkNYoS3NFiyibd9mmryKi9ZeRsbABYcOIUO0y5QQ3NYsEHxcLMm1n93wtRZnoQs8IhjWBzqHsyje7UcaoW4-P3eXHaVzha5Ycu2p3LUw4QH5Q-qWWDCx2_4WkX3vtBE99y6boRHuDGFMw11lTkk6HXgUOp_wsnkZQrrx6bPgW7XCX36ZZsJRc50qwbpNYtT24jTcw4wBID-ag&sig=Cg0ArKJSzHoeIr36XSv-EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 06:14:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 16 Dec 2021 06:14:59 GMT

GET
DATA 200
OK truncated
/ Frame 2D8E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe104abbaf70a38fb28021dd9abddc7b0f166ef25d9a484ddb71b51e6cb327dd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74D2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f84f457f608fe367a3d9fd08285ec508f6bde670dee2277c9d015aa681c2e814

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame DEDB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

145ms
145ms

Image
text/html

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H3
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date: Thu, 16 Dec 2021 06:14:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3BA6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

65ms
65ms

Image
text/html

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H3
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date: Thu, 16 Dec 2021 06:14:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame DF8F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

89ms
88ms

Image
text/html

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H3
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date: Thu, 16 Dec 2021 06:14:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 img-placeholder.df52e7638153b73862008d3d0556fdda.png
c.disquscdn.com/next/recommendations/assets/img/ Frame 7DAE 1 KB
2 KB 42ms
42ms Image
image/png 2600:9000:2156:ac00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/recommendations/assets/img/img-placeholder.df52e7638153b73862008d3d0556fdda.png

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ac00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5215bbed3b3435ed86c93921631e54d9c42ce565d9ec90accbc7ec1fc7832327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:47:25 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1884454
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1054
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 23 Nov 2021 19:16:33 GMT
server: nginx
etag: "619d3e11-41e"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 24 Nov 2022 10:47:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: MbHXb0GzxSJSIuU86CogaaHCYz9jwPrsGRa_7zgR6P0ZiFVZvKYJAA==
x-cache-hits: 0

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 600 KB
132 KB 288ms
66ms Script
text/javascript 2a02:26f0:6c00:191::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/84405/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:191::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3b0c9399b95682009c5bc6479b60026b1463da74dbba7b7fa9d9a46a98889bac

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:59 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: AXDYBN0STF8ZB6DZ
content-length: 134078
x-amz-id-2: aIjpDQ9oAV57To9ry3xGA3ATSGgpktHGLMfADNODzf5xCMJPXWoyxxhuwEJ26BJ/zOr8KDjx/L0=
last-modified: Tue, 14 Dec 2021 13:15:12 GMT
etag: "1577e17645384c393fb24d016a9c2cca"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 9
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 16 Dec 2021 06:44:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 74D2 0
0 77ms
77ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuY7YAxy_bTysDXG3NQWVWF6_0I3p23Ghu_ihTqbon48iYu60rv5E5OtYJhf-kbHFfhrgE0udYkG-DH52ZNARnUZQSsGYh-4M0piqNUIUCNgUugVI25QwzGPA2pbsK0tepEzQj4O3Ds7T7MqTJJCHBzTNn-eD9zNNCM7C8sPGm4WpsHZHD2tamq0pw1MpbF-eXp7YqIEf0DsTkZ4kUUKiHZ2Pild0MKeWhC0d9RfXarMhz3qIZ3dZVMVr7xbriBaBQR77anzJSjrb-5JjqkLlikHsaRHv2mmLqL2Mbp3rYu96WtIWkUKSzhEZ18uA&sig=Cg0ArKJSzIrllTdRoEPNEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 06:14:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 16 Dec 2021 06:14:59 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame D331 43 B
379 B 137ms
137ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1639635299765%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%229fd78d5%3A1638479056965%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22iTnews_au%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22iTnews_au%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22860263f%3A1639072779848%22%2C%22item_ids%22%3A%5B%221471164135165636616%22%5D%2C%22item_details%22%3A%7B%221471164135165636616%22%3A%7B%22item_type%22%3A0%7D%7D%7D

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 107
pragma: no-cache
last-modified: Thu, 16 Dec 2021 06:14:59 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d879a0678841cd721e9ed33f1138fe757f2b0be443d4bcef7799c6ed814ede38
x-transaction: ac24fcd644deea19
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 jwHIN2zE_normal.png
pbs.twimg.com/profile_images/1097553901308514305/ Frame D331 5 KB
6 KB 65ms
64ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1097553901308514305/jwHIN2zE_normal.png

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF0) /

Resource Hash

044f1ff1e05043740c4e7937e5f293aea5da36ba505b7bd98a53f6e5960a672d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:14:59 GMT
x-content-type-options: nosniff
age: 471245
x-cache: HIT
content-length: 5607
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/3 profile_images/1097553901308514305
last-modified: Mon, 18 Feb 2019 17:48:16 GMT
server: ECS (mil/6CF0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cc92916b7c097df05ff1a0771979b5ac6153539c160ff85537dbce28762392be
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 track
t.teads.tv/ 23 B
113 B 117ms
93ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=987872b9-d657-4a66-8ca0-370095be6d9d&pageId=84405&pid=117459&debug_metadata=P5Mc4U8uPj&fv=928&ts=1639635300013&f=1&referer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:15:00 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 109ms
86ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=987872b9-d657-4a66-8ca0-370095be6d9d&pageId=84405&pid=117459&slot=native&fv=928&ts=1639635300022&f=1&referer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:15:00 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/84405/ 540 B
575 B 86ms
85ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/84405/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081&page=%7B%22id%22%3A84405%2C%22placements%22%3A%5B%7B%22id%22%3A117459%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A880%2C%22height%22%3A495%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=987872b9-d657-4a66-8ca0-370095be6d9d&formatVersion=928&env=js-web&netBw=9&ttfb=320
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9ed692b5984235e385edd29f7bffbc9f1897ff71dc18138523360e96c3f86b24

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.itnews.com.au/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:15:00 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.itnews.com.au
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 366
expires: Thu, 16 Dec 2021 06:15:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame D331 43 B
170 B 141ms
140ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1639635300042%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%229fd78d5%3A1638479056965%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22iTnews_au%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22iTnews_au%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22860263f%3A1639072779848%22%2C%22item_ids%22%3A%5B%221471164135165636616%22%5D%2C%22item_details%22%3A%7B%221471164135165636616%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1545.5999994277954%7D

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 110
pragma: no-cache
last-modified: Thu, 16 Dec 2021 06:15:00 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d879a0678841cd721e9ed33f1138fe757f2b0be443d4bcef7799c6ed814ede38
x-transaction: a50d07ddeb68149a
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 79ms
79ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=987872b9-d657-4a66-8ca0-370095be6d9d&pageId=84405&pid=117459&slot=native&vid=00000000-0000-0000-0000-000000000001&fv=928&ts=1639635300116&f=1&referer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fnso-group-used-fake-gifs-to-hack-apple-imessage-574081
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:15:00 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H3 200 ui-bg_flat_75_ffffff_40x100.png
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/images/ 247 B
274 B 42ms
42ms Image
image/png 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/images/ui-bg_flat_75_ffffff_40x100.png

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fc87114ecf1d8bdd5f75fd6a3cff45db5782d41249cd7af503bfd54a106a8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 20:31:36 GMT
x-content-type-options: nosniff
age: 35004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Dec 2022 20:31:36 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 103ms
54ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5910036ca36ee19b1c83e2cb3688382973001e35ebf9fb5e3dc12b95a1e36767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 06:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8454
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2D8E 42 B
64 B 90ms
72ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumSZBevmFQaQ-kbHVJitsUetgJbZEG-l8LGpe1k7mWNyGlxfedRYdVbnkcWdpWG1i6Fv9pXYhRJ2AOba_toLDSR_Vjp1Ne15BEYKlQujeXrsJutiO5&sig=Cg0ArKJSzIr68i0HosAREAE&id=lidar2&mcvt=1000&p=360,480,840,1120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=727088295&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639635299114&rpt=276&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:15:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Thu, 16 Dec 2021 06:15:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-nyc.doubleverify.com/ Frame 6235 0
232 B 302ms
97ms Ping
text/plain 204.154.110.79
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-nyc.doubleverify.com/event.png?impid=f2e91991b8b745389db0869dd8ee1110&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgB=197&vdur=363&eoid=8&msrjs=1940&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=259&tetms=12&msltms=158&vltms=363&sei=289&vetms=30&engms=1&engisel=1&ttfurm=2411&cbust=1639635300543919
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1940.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.110.79 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: bs-ec.doubleverify.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dianomi.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.dianomi.com
Pragma: no-cache
Date: Thu, 16 Dec 2021 06:14:55 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 12/15/2021 06:15:00

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DEDB 42 B
64 B 81ms
80ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstk8EJ0YVVUhVr1DR2DyPYmKkD149lE9Qypw_RUbvJSQM6Lf_fpFdu5KmVnYzYDif-0zTN-CFesXvAYX-kenGILDvzffVY2qhvQ4Mg-hBQUmU9Rhelfew&sai=AMfl-YQqTnWcso2-i_gPJYV-1Ns8tdNKLaStvW1rg4Tfmuh-0NLqeFUUScHEhfi6qTgabD3YPdDBOYx70PLpVl663vplwjLARKMPLzsAh2uaf-3F608urUFPS0OjNn5_&sig=Cg0ArKJSzPeuzeFu9x3rEAE&cid=CAASEuRoa_mate9S_jF_Mk4QewEuSw&id=ampim&o=315,203&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=231&tls=1231&g=100&h=100&tt=1231&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=667020349

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:15:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3B45 13 KB
5 KB 41ms
41ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Wed, 15 Dec 2021 22:19:03 GMT
expires: Thu, 15 Dec 2022 22:19:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 28557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9D0D 783 B
535 B 53ms
52ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee311464e24ea8096fc1f47f61232f45581e0289af0c932e251ec524ed90d428

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3QiSSqt8aKfjiI7x/d58SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 16 Dec 2021 06:15:00 GMT
date: Thu, 16 Dec 2021 06:15:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-3QiSSqt8aKfjiI7x/d58SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 204
No Content event.png
tpsc-nyc.doubleverify.com/ Frame 24C0 0
232 B 290ms
97ms Ping
text/plain 204.154.110.79
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-nyc.doubleverify.com/event.png?impid=2bfce24a92514040b6c7c516d51feae7&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=17&vdur=296&eoid=8&msrjs=1940&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=259&tetms=6&msltms=103&vltms=296&sei=290&vetms=1&engms=1&engisel=1&ttfurm=2304&cbust=1639635300616383
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1940.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.110.79 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: bs-ec.doubleverify.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dianomi.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.dianomi.com
Pragma: no-cache
Date: Thu, 16 Dec 2021 06:14:55 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 12/15/2021 06:15:00

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B45 35 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 16:07:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9D0D 0
0 93ms
93ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=3537079483879137&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=3537079483879137&bg=!y8ilyIzNAAZKWFskSlg7ACkAdvg8WhqZNmaY5hCYqFC6LVSHidHWWBrRf9EI4uHFDhzJ9UwZb4vYvwIAAABPUgAAAAtoAQeZArMSu0Ek6EwSZ0smeUt-TIzqHK5-UYwOsFkoaplK3zG41ewqozXM5C_vPmPq_mv__vYcmTbaTRTO9RUXgaLCWF2Uh0uxubcyr4kM6vcZX_8CepJmXo2N49StwgCDojpLFq2UcR_nyDnAxJOtK8ubQO_XBQc3kKWJ11Xyj7ohpgE647KKrq5biQ6XsPwVelyol8Ned5OhaWxJvzH6YFzjYsiV_XffvTdx5pgR3fjaelMxcmOOXTcFOQUkUPoHaJ9ncwDMMy8IYDwywmwd6GzlLNi5TPs47Fu1YACK3YBbt0zXvVv_WnF4WqoyBQPUoBH8BW_fFLkLBQFX53pIrP9ZQ0w6QEoQu_JlmXsbmjccwq4uCSQ14OEQPpF8UPxY7whoPQl_ZSY3AoV_zW1ezBOwqSqeJAAmCG9rV7PuMy0HX80IljGMWLMs4LO68CnpTnN_PwzF1kprJu5mIm-A46BDYQt93UQjGOdR92ZUnKE-cWjOJi6kcB-D7ueZMo18lp3RUX_x3pILSVU7mUgK3sAfE5ZKjo6iGvw32X9hIDtN6VEayxfjzmCTNTMNUQDIlUhI2f8b_mljdt_SJ0bJuI2ajNSgF5KWjEK1XvzGSRcwzIKZv6pe3KXX8gFhMkJSIUkPyij6oI2ngude6uexo7rDdzz27OVcWvlt8lIU1AV8TFuUhNa1s4a_8UjtskG3sg-HWwAgZ3PfxA3MelZkIypP-EYhwlVBc-JbGpQ54g-UV2cTDJzNDbDdt5TlSdvDH_w5faDB89NNhDRCB6dLXWkZ-87P4-bzvZonmhROu_XYqKx5uqnLI7zzQruZ2prB0159TxYopaPrDbfIXJWw36jKm65c4msD8GepgVq_f4oK9IhfOcqiB0QwYGeRlKqNGcXx7SvUSQ_9ouMUbcdZueevdAZz0ytt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:15:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3BA6 42 B
64 B 81ms
81ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssILElAR0hzOgLPy-wjCEhHoUzJlFddoMI502mXXdGzfCS-2YSfyERVQ4fvl7cTTIx2jdk4zaCENjfQk1jB9GNV9Y5ts1nAIONuBIzZoMGtpr4pe_289w&sai=AMfl-YS6HoprIYzXCmO7G_ScIScO-dYUPX8ZveWoYKV_mGKW6tsaGhu0E-0jiDMSedXGk4FeguIUImGl48P4TMDkMdCS-J94aDcubqFng9k68dI5HebPbJfWUvESCaq5&sig=Cg0ArKJSzFjGg_ORDRcdEAE&cid=CAASEuRoyM7SYrImhxSZWOt11WxV5A&id=ampim&o=531,49&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=431&tls=1431&g=100&h=100&tt=1431&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2669764438

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:15:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-nyc.doubleverify.com/ Frame 6235 0
232 B 99ms
99ms Ping
text/plain 204.154.110.79
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-nyc.doubleverify.com/event.png?impid=f2e91991b8b745389db0869dd8ee1110&gdpr=&gdpr_consent=&msrcanlm=264&msrcannum=2&eoid=11&ismms=26&isumms=26&isvelg=1&nvr=2&elmtp=4&isbxdms=2428&b0=2634&adhgt=600&adwdth=425&engisel=1&dvp_vsosnmr=1&lftb=2634&sftb=2634&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=425&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=26&dvp_dpr=1&dvp_itg=HEAD:1,META:3,TITLE:1,STYLE:1,LINK:1,BODY:1,SCRIPT:6,IFRAME:3,DIV:44,SPAN:1,A:6,IMG:7,NOSCRIPT:2,&cbust=1639635301542928
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1940.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.110.79 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: bs-ec.doubleverify.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dianomi.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.dianomi.com
Pragma: no-cache
Date: Thu, 16 Dec 2021 06:15:01 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 12/15/2021 06:15:01

POST
H/1.1 204
No Content event.png
tpsc-nyc.doubleverify.com/ Frame 24C0 0
232 B 97ms
97ms Ping
text/plain 204.154.110.79
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-nyc.doubleverify.com/event.png?impid=2bfce24a92514040b6c7c516d51feae7&gdpr=&gdpr_consent=&msrcanlm=264&msrcannum=2&eoid=11&ismms=9&isumms=9&isvelg=1&nvr=2&elmtp=4&isbxdms=2309&b0=2523&adhgt=600&adwdth=425&engisel=1&dvp_vsosnmr=1&lftb=2523&sftb=2523&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=425&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=9&dvp_dpr=1&dvp_itg=HEAD:1,META:3,TITLE:1,STYLE:1,LINK:1,BODY:1,SCRIPT:6,IFRAME:3,DIV:44,SPAN:1,A:6,IMG:7,NOSCRIPT:2,&cbust=1639635301616494
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1940.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.110.79 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: bs-ec.doubleverify.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dianomi.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.dianomi.com
Pragma: no-cache
Date: Thu, 16 Dec 2021 06:14:06 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 12/15/2021 06:15:01

POST
H/1.1 204
No Content event.png
tpsc-nyc.doubleverify.com/ Frame 6235 0
232 B 97ms
97ms Ping
text/plain 204.154.110.79
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-nyc.doubleverify.com/event.png?impid=f2e91991b8b745389db0869dd8ee1110&gdpr=&gdpr_consent=&mascid=kx8kit58qgh1ejltfr5izxev64yt9wmb&dvp_masver=1940&eoid=12&cbust=1639635303646306
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1940.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.110.79 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: bs-ec.doubleverify.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dianomi.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.dianomi.com
Pragma: no-cache
Date: Thu, 16 Dec 2021 06:14:08 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 12/15/2021 06:15:03

POST
H/1.1 204
No Content event.png
tpsc-nyc.doubleverify.com/ Frame 24C0 0
232 B 97ms
97ms Ping
text/plain 204.154.110.79
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-nyc.doubleverify.com/event.png?impid=2bfce24a92514040b6c7c516d51feae7&gdpr=&gdpr_consent=&mascid=kx8kit58qgh1ejltfr5izxev64yt9wmb&dvp_masver=1940&eoid=12&cbust=1639635303717471
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1940.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.110.79 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: bs-ec.doubleverify.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dianomi.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.dianomi.com
Pragma: no-cache
Date: Thu, 16 Dec 2021 06:15:03 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 12/15/2021 06:15:03

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.itnews.com.au/	1969-12-31 23:59:59	Name: RegoSource Value: ITN_574081_ArticleRego
.itnews.com.au/	1970-01-20 01:36:51	Name: _gcl_au Value: 1.1.560247121.1639635298
www.itnews.com.au/	1970-01-19 23:28:41	Name: __ss Value: 1639635297703
www.itnews.com.au/	1970-01-19 23:27:18	Name: __ss_referrer Value: https%3A//www.itnews.com.au/news/nso-group-used-fake-gifs-to-hack-apple-imessage-574081
.itnews.com.au/	1970-01-20 16:58:27	Name: _ga Value: GA1.3.989228755.1639635298
.itnews.com.au/	1970-01-19 23:28:41	Name: _gid Value: GA1.3.756092318.1639635298
.itnews.com.au/	1970-01-19 23:27:15	Name: _gat Value: 1
.marketingautomation.services/	1970-01-23 15:03:15	Name: koitk Value: 202112%7C61bad961c538eb1baf3672ab
www.itnews.com.au/	1970-01-29 02:27:15	Name: __ss_tk Value: 202112%7C61bad961c538eb1baf3672ab
.linkedin.com/	1970-01-20 00:10:27	Name: UserMatchHistory Value: AQIfqiCqnxqj4gAAAX3B4Sdp25dKca3HoZUG8IWXJR6Cj51kVVBe1xQw81X6yuN8m1OZZrlZtBg7BQ
.linkedin.com/	1970-01-20 00:10:27	Name: AnalyticsSyncHistory Value: AQKVy4LZxuR7owAAAX3B4SdptVUIha0pODrBdWy23EG1tmRQahK3BHiv3rh7IUgq-QvKiGDQfFiaZEhuAtlc-g
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:59:09	Name: bcookie Value: "v=2&48ad8c65-8b12-460e-8595-34e10987e298"
.linkedin.com/	1970-01-19 23:28:41	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2504:u=1:x=1:i=1639635298:t=1639721698:v=2:sig=AQH_PI0nCTxh1Pju7ewKAtSi0nO0_oZq"
.itnews.com.au/	1970-01-20 08:12:51	Name: _hjSessionUser_2321248 Value: eyJpZCI6IjlhNTRkNWZlLTkyZDUtNTE2NS05Yjg5LTRhNjk4ZGExMDE2OSIsImNyZWF0ZWQiOjE2Mzk2MzUyOTgyMTMsImV4aXN0aW5nIjpmYWxzZX0=
.itnews.com.au/	1970-01-19 23:27:17	Name: _hjFirstSeen Value: 1
.itnews.com.au/	1970-01-19 23:27:17	Name: _hjSession_2321248 Value: eyJpZCI6IjNkZjNhMWQ4LTViYmYtNGQ4ZC04MzRhLWJkNjA1Y2Q2NzgwOCIsImNyZWF0ZWQiOjE2Mzk2MzUyOTgyMjN9
www.itnews.com.au/	1970-01-19 23:27:15	Name: _hjIncludedInPageviewSample Value: 1
.itnews.com.au/	1970-01-19 23:27:17	Name: _hjAbsoluteSessionInProgress Value: 0
www.itnews.com.au/	1970-01-19 23:27:15	Name: _hjIncludedInSessionSample Value: 0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 16:59:09	Name: bscookie Value: "v=1&20211216061458d78b2117-e088-4baa-87bf-d65d86c9667dAQGPT3LTY5Mu8CjTt6JEYuFKIylUjL9h"
.linkedin.com/	1970-01-20 16:54:00	Name: li_gc Value: MTswOzE2Mzk2MzUyOTg7MjswMjF31IgjRy580ldhLDHkx4r6A0CGRaYUv+lpXnONM1d4qw==
.prfct.co/	1970-01-20 16:58:27	Name: pa_uid Value: pa_x7PmDvb0VzjoeVL33
.prfct.co/	1970-01-20 16:58:27	Name: pa_twitter_ts Value: 1639635298631
.prfct.co/	1970-01-20 16:58:27	Name: pa_crosswise_ts Value: 1639635298673
.itnews.com.au/	1970-01-20 01:36:51	Name: _fbp Value: fb.2.1639635298699.1999777042
.prfct.co/	1970-01-20 16:58:27	Name: pa_yahoo_ts Value: 1639635298712
.adnxs.com/	1970-01-20 01:36:51	Name: uuid2 Value: 5389241007823560723
.twitter.com/	1970-01-20 16:58:27	Name: personalization_id Value: "v1_UUTIA0+E4xtVb3D+ZqkjFw=="
.yahoo.com/	1970-01-20 08:13:12	Name: A3 Value: d=AQABBGLZumECEI8aWOLQZX4SyD2qfW6KFJcFEgEBAQEqvGHEYQAAAAAA_eMAAA&S=AQAAAgIR7c6QcH_iiUkT2B86QcQ
.prfct.co/	1970-01-20 16:58:27	Name: pa_openx_ts Value: 1639635298864
.prfct.co/	1970-01-20 16:58:27	Name: pa_rubicon_ts Value: 1639635298880
.prfct.co/	1970-01-20 16:58:27	Name: pa_google_ts Value: 1639635298884
.analytics.yahoo.com/	1970-01-20 08:14:17	Name: IDSYNC Value: 18z4~2246
.addthis.com/	1970-01-20 08:48:51	Name: ouid Value: 61bad9620001284ed0aa3c15954aa8c8d0d31ef08401ca641f4a
.addthis.com/	1970-01-20 08:48:51	Name: uid Value: 61bad962e5db6ffc
.addthis.com/	1970-01-20 08:48:51	Name: na_id Value: 2021121606145890300876799201
.itnews.com.au/	1970-01-20 08:48:51	Name: __gads Value: ID=b92f359f3e6b6d3a:T=1639635298:S=ALNI_MZAXmxCAjKbv_9bxUEkhfTvNvl-0w
.adnxs.com/	1970-01-20 01:36:51	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E?iq-b5/!]tbP6j2F-XstGt!@DlR$qow-
disqus.com/	1970-01-19 23:27:17	Name: __jid Value: 8tn564v34cq6ts
.disqus.com/	1970-01-20 08:12:51	Name: disqus_unique Value: 8tn569b4u8ore
.doubleclick.net/	1970-01-20 08:48:51	Name: IDE Value: AHWqTUlF_DxOIRc4SSwiVJoi_4sYlrHk6kJ035KDa_GXDeyvfjWEhAzDTU8IsnYrZds
.facebook.com/	1970-01-20 01:36:51	Name: fr Value: 0G63HybYppDEbe05q..Bhutlj...1.0.Bhutlj.
.doubleclick.net/	1970-01-19 23:27:18	Name: DSID Value: NO_DATA

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/022111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/022111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Fafp+Australian+federal+police.jpg&key=zWsqLeU1sJQZT166Ijuweg&h=200 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Famazonalexa+reuters.jpg&key=9b51OStYOKCVL_zDzqINYQ&h=200 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.ampproject.org/rtv/022111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
a.teads.tv
ad.doubleclick.net
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
analytics.twitter.com
c.disquscdn.com
c6af3b5b9e735cc269aeaca87476651b.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.doubleverify.com
cdn.syndication.twimg.com
cm.g.doubleclick.net
connect.facebook.net
cw.addthis.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.nextmedia.com.au
in.hotjar.com
itnewsnext.disqus.com
koi-3qnnf9xqbw.marketingautomation.services
pagead2.googlesyndication.com
pbs.twimg.com
pixel-geo.prfct.co
pixel.prfct.co
pixel.rubiconproject.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
referrer.disqus.com
s0.2mdn.net
s8t.teads.tv
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
syndication.twitter.com
t.teads.tv
tag.perfectaudience.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-nyc.doubleverify.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
www.dianomi.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.itnews.com.au
www.linkedin.com
104.18.22.230
104.244.42.67
104.244.42.72
104.75.88.126
107.178.240.224
108.174.10.14
142.250.185.194
142.250.185.66
142.250.186.102
142.250.186.130
143.204.98.104
143.204.98.123
143.204.98.93
151.101.130.217
151.101.64.134
18.156.0.31
199.232.192.134
199.232.194.49
2.18.232.7
203.176.102.67
203.176.102.69
204.154.110.79
2600:9000:2156:ac00:6:8656:f5c0:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2620:1ec:21::14
2a00:1450:4001:801::200a
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2001
2a00:1450:400c:c06::9d
2a02:26f0:6c00:191::26e5
2a02:26f0:6c00:286::4469
2a02:26f0:6c00::210:ba11
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
34.254.124.164
35.244.159.8
37.252.173.27
52.21.179.197
54.194.64.183
69.173.151.100
015fe53a47903430d7d5cdeea266d92571be3e535ed9321bf1db9ea2c6363746
01b1844125589a15317239014be029ba024bc0d6e059222bc99bd913a82ecb88
024a2591127deb9b569b821da170c5b937bc471633d0f32ce534a7acef66a28b
0376879a45be95f1d718c2a90d0b35986973e87d6f4c790b4c7046343464b72a
042882d15b906e6b3692def5af2871533f8d556a2b5506af99ec2ecff4d5f5a5
044f1ff1e05043740c4e7937e5f293aea5da36ba505b7bd98a53f6e5960a672d
09e52a4fec111df4ffbac9a66c66102017e7d0ce13e522aaa9534d13c399d5e0
0b7bebd173ac43f0a651d7fbbee2bdfdb2ae895670c05842fd6c2ebacc461920
0c9447df280080307c1f2276a3d43f9bd6eb2a89dd0c37de8251f4ffa5d15d40
0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e
0fc87114ecf1d8bdd5f75fd6a3cff45db5782d41249cd7af503bfd54a106a8bb
1096ae848f7e01f065ce530dcd17bd1a1af503a2c4ae83cbf8972e900446e36a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12c748318ff42d318458ecde073d66441c47dfa28d941be5f42694fc4e02a0ac
131670c344a1c5951ebc2d33a634177924e089fcb43272238df6292846c698aa
1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de
1936885cfdf5999015d670ea69fb44591c4eeeb333929506bef16e368a832f00
1a8b39b8982111d6d64c2f696d11d4872f6f4799d93ef5aa4d0b6df1e217ede5
1b598105ac886e625b0389d9a22b4c677d6b53059ceff76c81afc10d36c4febd
1ce3778ce3ac2b62e70f43e02cea839d5de3276060a87674dd7126fcbf9785cb
1e3126f4b1713295ca3a4510ea8a6be422cfe78cc9603dc8351818edcc6a1254
1f49fb53cc69597ea9601b7958be8166a9f2ceb0d90a955e07f3f0cf7ab2bb01
2467a30f41e17d9b55db7247bd02be63093f897b4c0873b047b03d498f4ad869
2588a1ade08a9703c551df6f5c20b93f37cbea766a1e8878a5c32cd8f05009a9
25e6492f309bd8b72f21c399aa9790153523c55774e39722b47084ef07c41bb8
26aeae0a0cc21c9c8acffae51a7dbf7a7eda35891df62ef54aeb9ed47af8cd9b
2790a4e3cf07505b8a04d30e535c033506def2e29f5f9410d3b866876138f7f1
29031eec750cabb84d5b5335b04f6d5d86241cb5ea00fee56ae46d912cc5f3d7
2984af4144b8764d79eb699e7342edb40bed6557c614f206b1321b66ec16e703
2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7
2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8
2c075a41ce6c691b5c599b6d3546a078e123e2a0eb8e2d81c65eeb389f96cb98
2c3f6b4c90c8c3bbe949a5fcbe010bbd9879ff792503728a36cb23f2c9bdebba
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
309e0d26a2af6e201832b611ddcad3c2d7b33a5ebc17fe4cbc8185d4251da38f
31e44dd75556064a7a8181032ce06f4560fd836918c345d6904874e8aefe5c14
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33391baaec782c378a1fb4d805c86c1701a684befeff518eed6e87db2a2b5e07
33e6197168e000ef71ef56ae5fad7bc04c9c939dc33d34136d73d31676d1d507
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
3b0c9399b95682009c5bc6479b60026b1463da74dbba7b7fa9d9a46a98889bac
3cc7439d0bcd61351187d0bdb4baf49a9ddd8b096ccadf39b13bd848a74d9012
3cf3201fffcf146e11dd447dde4dab3605c0ec1a63da9fdbe456f1920460a0a9
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
413dc61acc8e9741b76a34382ddbe3632052fe38d580bd2680d3e9d407ceb6be
442620a1f39799b8fc4c19d02d997d8756dba122708a74e01b6959728ca0713f
447c44ae9488b24394843e6d134b2976abff7a1690baf2a496674d8b2f7e65fe
452819bfba62e959a372089126f528007d5c4043e37c3dba2a624b6364df36b2
478c5f8a6eae3c3fb88aeb88c48129f4bcc794d54bc826f03f1178aa4859ee92
47d10c916915480806f7e1066ff6194fd0bde12ef7c36e68f8155d47a10bd531
4a3446509e83b8301500cea0d3c48f5787319c122230e1b1667189a96dab8b20
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4efdc737c610ab82283cad1f82154db195553d0d79c93a6981efdf52c38c4f4c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50cc598d3268ac3d82709df633978419851c01e08f1a5f6ce70498040d2df034
51c7868ce91ed8f0e00b4ecea702098f3518fc7785129ef566d8ef6a98d34c14
51d03b0e5c77c8e9a0f743307168b9f7db8ba1d9e0e24cc287be4506f2609576
5215bbed3b3435ed86c93921631e54d9c42ce565d9ec90accbc7ec1fc7832327
52d9f5285bc95a0e49b26504ecf0f5a8aae189987fefe28060a71023c9f8aa9c
534abc61b49308943cf18710cf8d3933066128e1387284b54b60c67a1a4cbb73
551210a5f01fde913b3cd9ff8e6629025bfb020b347b76c2f471efa7c1b546fd
55137ef149a167f95c05413b93d602ce902fad428fbac86f1e77e8bac20a3395
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5910036ca36ee19b1c83e2cb3688382973001e35ebf9fb5e3dc12b95a1e36767
5a6e050a61839ece50cf29e921f870d9287fc093d999b0e47264e19d65fbf8ca
5bc86ad85ee4ecae2db4187ce11fd6f49d70f43c514cf139f3b9421dccef30ad
5ca348d98fb44d533638bb8135e3b480bd2cba78693d0b5edfaa40b1d496a5b0
5fa4b9d9a56c65d6f525056d71f4e46b1f2750e86960343402424d88c13772f6
5fae79754e7af92e6afadc3060797e3d35188221e60d63d0625f66cf921e7ebb
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60e74633ce7f88aba2ff2d520f39298f8170c7edd49c8f2685ebcdf6983a0888
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
637ba5312381be82d03c805c859a188c9c1abab50edc53222eae8e2934b9f62f
63fdae2e107092cadb58b46920b5c86043e0d085583559ad9f448890193a46e1
65d9389fe9d46716569f84e906aa677cb47237fd79ae07010bd77611d73adef4
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
683add284044c8b01d05f02366eb61327b1b34df5ca8c5425ecf8b7741f3d0ef
69c683f2b2eb68e7db5096280c3d56d654d901954f25536e1a6407de4df7c42f
6a3187faa5db2e775c2e66b02056783833e2b5378efd3f396f7595dba1065010
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd12bc6a952032c3ed4f7d9e733717d970d7c73b3f685faee89128b17c6b309
6cf3b552882b71ca4624388b0cf71d4fbbe861a3e045439d2b5d704b075ef302
6f04c6ba9510ec8d7ccdeca4edc6f5de95ebabf01675599d67aba6a23c05f76e
6f7ed14c0fa08378038616275dd1823f732b18f4463e44272a5d74ff72db618c
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
702f0230b50a8bec8b8ed4268906179470e8088079cd0cca13c5d60578fc801e
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
71307386055053d3582c5e3b05d30b1582caefc9cc39ea497e553254277f6a76
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
728b2abe8f348e8134d1728ddb288632abd41083df888a67d7446a5b74f290fa
75ecb3ea79f6c0822028a1cf5112d15b48f7b7321c0fbe73a99c6bff36da9eb6
780326c6663a6ee4f40664caea9d58dda4b8fa1c6302628e955d32d71424d1e8
7a695284914af87ab17ff6436de3630cf1bb412dc1d069ab019158d322b5cb03
7a7f7b00e22cf33ff4aeef9005ebb800ccad9f67e326142d8ba30c2e801ac719
7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00
7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c
7e99cae469202590f2a4c1afb6fb984d8a842cabebc849559c3659e1c93bd5f8
7ea56ed7e3c25c3aa4f5b1929ddebdf5af294901601a74e1a97eef970299bf41
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8073090ec43cda6ee534fef1585aeb3a32150a4243494139d89cafb83efd42b8
82f4a15bfde68af3ba1ab9e557ba6b1c700d6aafe0d9e42561576366662701ba
84c599eb1ff381d2b452a1fa836d59a8b42482fe3a3baea5a0583128abdb67a0
877a2ec285bddb78038a702f6cdea910d67c01c7650057514135f4fdc5264756
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8adca499e1df523be4c7a12e32ad6a9f5f9ba717d54569caed671e06472f0ae1
8b56f9dd411a7face122ef59eb68331022d3bc1508c7b380b03053afa57e5c21
8bf2480f7866d7ed38026a928004f3f147fa74d5d81c9a6d0d6885b766b6b6b5
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4
8eedef8905309b03d65b70624965f66540625b39b07d0cbd31ba6813645121e1
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
91d7a7c925319c8aeedb7edd12edb081eadd5784095018b6df2e81199d7094f5
93d930c0a00df6758a69e163593e706a402653fee93cfc0053c4d9b554c2ca9a
94f8ef517a973d33e2bde96d6c170e86e4be553f86bb2b5a07f228efa46e1ee7
950aba7dd75e3418fbe2c1d83fcdf7dcaa6fad184f64d11bcba0e096006e206c
95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230
96f1173b3c05e0f7230e3d2b4ac6ebd7d816de5e71ebabfbe20e2b339dba6078
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
97b4d3aa4022178cfff4362771fab9d523eb8614d8425c9cb4c10690802635f6
9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9ed692b5984235e385edd29f7bffbc9f1897ff71dc18138523360e96c3f86b24
9ed8d2a4ecb4d07343fd8b5e43ad7bbf833f1194b2e7141058ed23f4d6f7b613
9f05592df6a80686d7216adbbc60dd18c978741182ed9e09a863de7374931f0e
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a017571443bb27ca29ee2d9221639df656b0b5f3b0f370fc68aac31fa98ef30c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e7e32cf14caf3c5f5b29e79bd8711348a5bf2137a12104d2cd1b1110b0f272
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a365f6bad2b229f0cbaa2d8279f80c6d34c9c8224da42dbd4b4b7847db1d9463
a3d16b1b85d27a1023b45c661db7103c81076f748e5f6087fe98fae3c3d12de4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a72f148991cfceee81546f139479a634ca65379764d3732c0780e5c7aafc84a6
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a93fdeb9f121418f9f12458306130cc03545e8db3514e8fdc40bd7ec285a30f6
aa6ee22841c9f78a5fff4291cc23433ce9b9fd95bd6b2fcfbf616f3228890500
ac0b312f9cb9d890f38d50965cac80da09e0157a74877d144cf9db089963e1ea
ac83594d4ff7a02f41bf4c95cfc72d3eada33cac4bfbb95e2d06662be3163abb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af8af40ea36f328f518f7338d124e24c8f1d3dd9a6932edc86bc72c6395a5abd
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b9260042b5d4b486b4b70ccfe2a6eb3a8e11af5e48585449f55dde75c753660e
ba5de2dd01708185a0cf0204bee10541293279f7ed8589422e930caab1c18d5d
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c556e020e8ab6c6373bfcd2e49a9367aefa0502f59c0447b239773fc697feee1
c658761d392e99a3f2f21174f07c66353d49b8e31c95b33539cab6844b975b41
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c80cd93082244385f343d9225ed49c9b6ba89e28fa1cedc3355795a5a9123ff1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d23b450572be1b110a1df8fa3c44f60e30c3b395adc25c8069645875858dfc83
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d772f1a025f0cbb6945c70fe0d3b664339f942909dffd97adb598e216fbb149a
d90994a170a5858e734b0b1384f9aba52c6395b53633cbbfaf1b41bcee899853
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d
de849f6d3a085e2b8dcef6e2fb6f7d7d9c222d205aaf0143b7b25623d430d868
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
deb6ac368e48ffc4ab528f5ca566df82610adacb99d9d454c5ad2ea93530fd18
e0d1fbc0381aad81d0e7c296dc8aa2990e42a8615399f3e72395c73c632669c4
e129a124daa315b150ffdf5e0a5bc247a8c5f55c7fcf338d614aff4da05b5d8f
e26cfad178913d1e7a62813f4c10ce62100aa09ffb50ae858caf4475625bea6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea6da8487b903fd84a283d780bede1ae1da97d7f2c364653e790822405505f62
eb78da83b6aecb5e02430b98742d5a902a032b3cbbf9614313a71072bd28278d
ee311464e24ea8096fc1f47f61232f45581e0289af0c932e251ec524ed90d428
eec575d3c0d65be9630c8de8424078b8a94cc477932ada5fb3d15f1f5bc746e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3254fb269f0a2b07dea6c4cf9af3276e2e402426a65dc74f22db7c84b91e6b
f0bc4996324cec863fdfab8b59670e91fcb8c0ba169c0cc5ff950ef73c50ddf2
f21d843e28fda5fd9d8768f419bb4595168b054df839606e7cf203ad781a510b
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f2bad6612f2473d76fcfcb9a2605b2cae2c8f5717fcfa47f89a116cde9925340
f2bfdbf7d2df8d37016a17d53674d2799bb77996a763bf2bee8b1f604dd31a9f
f442b2202ec6c6df03ecf8382a578998a268807a5199da65e8cdffceb73c2bea
f73e559b8a4a2df55b8bdf4cc6ad2fdb56fcd652c10ab3af15f96a75601cd947
f84f457f608fe367a3d9fd08285ec508f6bde670dee2277c9d015aa681c2e814
fad796db764292f62fa7751331f68ced6511e0cac4854957d4d3a323db2efbd5
fba57ea0b40bc27ac27c04fe0f2f3627529c45a980e40668f8eedd655b282b7b
fd2ade46345b975e8913716b49a5561ac3b95e80a7eae296bae4f6cf82958906
fe104abbaf70a38fb28021dd9abddc7b0f166ef25d9a484ddb71b51e6cb327dd
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.itnews.com.au Open in urlscan Pro 203.176.102.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

295 Requests

93 %HTTPS

47 %IPv6

34 Domains

59 Subdomains

51 IPs

7 Countries

6665 kBTransfer

12643 kBSize

45 Cookies

33 Outgoing links

Redirected requests

295 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.itnews.com.au Open in urlscan Pro
203.176.102.69 Public Scan

Screenshot
Live screenshot

Full Image

295
Requests

93 %
HTTPS

47 %
IPv6

34
Domains

59
Subdomains

51
IPs

7
Countries

6665 kB
Transfer

12643 kB
Size

45
Cookies

295 HTTP transactions
6 data transactions