www.itwire.com Open in urlscan Pro
101.0.65.50 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'
Submission: On December 08 via api (December 8th 2021, 10:55:03 pm UTC) from US — Scanned from DE

Summary HTTP 261 Redirects Links 218 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 17 domains to perform 261 HTTP transactions. The main IP is 101.0.65.50, located in Caulfield, Australia and belongs to HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU. The main domain is www.itwire.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on January 18th 2021. Valid for: a year.

This is the only time www.itwire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	101.0.65.50 101.0.65.50	55803 (HOSTOPIA-...) (HOSTOPIA-AU Hostopia Australia Web Pty Ltd)
6	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
43	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
23	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	104.20.229.67 104.20.229.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
11	54.171.144.161 54.171.144.161	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
13	2600:9000:224... 2600:9000:2240:fa00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
5	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
13	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
41	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	199.232.194.49 199.232.194.49	54113 (FASTLY) (FASTLY)
1	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:a40d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	199.232.192.64 199.232.192.64	54113 (FASTLY) (FASTLY)
11	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
261	26

36 101.0.65.50 (Caulfield, Australia)

ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU)
PTR: 50.65.0.101.static.digitalpacific.com.au

www.itwire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
itwire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.229.67 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

itwire.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.171.144.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-144-161.eu-west-1.compute.amazonaws.com

www.onwebchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dc862a24dea37f8b18425e755358059a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:2240:fa00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.194.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a40d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.192.64 (United States)

ASN54113 (FASTLY, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com dc862a24dea37f8b18425e755358059a.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	974 KB
36	itwire.com www.itwire.com itwire.com	764 KB
30	doubleclick.net securepubads.g.doubleclick.net	218 KB
28	twitter.com platform.twitter.com syndication.twitter.com	744 KB
14	disquscdn.com c.disquscdn.com a.disquscdn.com	550 KB
14	googletagservices.com www.googletagservices.com	501 KB
13	twimg.com cdn.syndication.twimg.com pbs.twimg.com	88 KB
12	disqus.com itwire.disqus.com disqus.com referrer.disqus.com links.services.disqus.com	67 KB
11	onwebchat.com www.onwebchat.com	55 KB
9	google.com adservice.google.com www.google.com	1 KB
6	cloudflare.com cdnjs.cloudflare.com	91 KB
4	google-analytics.com www.google-analytics.com	40 KB
3	gstatic.com fonts.gstatic.com	75 KB
2	viglink.com cdn.viglink.com	530 B
2	statcounter.com www.statcounter.com c.statcounter.com	14 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	google.de adservice.google.de	792 B
261	17

	Domain	Requested by
41	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
30	securepubads.g.doubleclick.net	www.itwire.com www.googletagservices.com securepubads.g.doubleclick.net
30	itwire.com	www.itwire.com itwire.com
23	platform.twitter.com	www.itwire.com platform.twitter.com
14	www.googletagservices.com	www.itwire.com securepubads.g.doubleclick.net
13	c.disquscdn.com	itwire.disqus.com disqus.com c.disquscdn.com
11	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
11	pbs.twimg.com	www.itwire.com platform.twitter.com
11	www.onwebchat.com	www.itwire.com cdnjs.cloudflare.com
8	www.google.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	cdnjs.cloudflare.com	www.itwire.com cdnjs.cloudflare.com www.onwebchat.com
6	www.itwire.com	itwire.com
5	syndication.twitter.com	platform.twitter.com www.itwire.com
5	disqus.com	itwire.disqus.com c.disquscdn.com
4	www.google-analytics.com	www.itwire.com www.google-analytics.com itwire.com
3	links.services.disqus.com	c.disquscdn.com www.itwire.com
3	itwire.disqus.com	www.itwire.com itwire.disqus.com
3	fonts.gstatic.com	fonts.googleapis.com
2	cdn.viglink.com	www.itwire.com
2	cdn.syndication.twimg.com	platform.twitter.com
2	fonts.googleapis.com	www.itwire.com
1	referrer.disqus.com	www.itwire.com
1	a.disquscdn.com	www.itwire.com
1	dc862a24dea37f8b18425e755358059a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	c.statcounter.com	www.statcounter.com
1	www.statcounter.com	www.itwire.com
261	28

This site contains links to these domains. Also see Links.

Domain
itwire.com
www.youtube.com
sams-blog.com
www.jobzilla.com.au
jobzilla.com.au
www.facebook.com
www.twitter.com
digitalpacific.com.au
bit.ly
www.onwebchat.com

Subject Issuer	Validity	Valid
www.itwire.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-01-18` - `2022-02-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-06` - `2022-12-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
www.onwebchat.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-29` - `2022-12-30`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
a.disquscdn.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
ssl1029306.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-12` - `2022-06-30`	a year	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-26` - `2022-05-28`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'
Frame ID: BCB01B05C95DEB6FF0BC47331E81C951
Requests: 96 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.itwire.com
Frame ID: B7A4EACDDD79C414AC98F3EF1E67132E
Requests: 2 HTTP requests in this frame

Frame: https://dc862a24dea37f8b18425e755358059a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FDE5E061A582773D15D96825233B6D23
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=itwire&t_i=81860&t_u=https%3A%2F%2Fitwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%2527&t_d=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&t_t=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&s_o=default&l=
Frame ID: 13A970007A02E834FBD02B26C63E260F
Requests: 16 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966748041897299968&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Frame ID: E2292A182E6DA81D7DA0D915B4AD8003
Requests: 22 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966024109787353089&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Frame ID: 31B68ED029DA7CB1F46C599744417982
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZvqYQecqshva1XcuLwbzjP-y3vi92EWFoQ1AgTLTBcz6fz70nMYwy-0oYgmpOwuc267Ciu-hhew8T-4cFECfTBV9j5mKIam3Vv8K13vWPAT21IXh2bKrf8NrOhTXoj580U-k8KFTmxmyPO15WMY3Cx-LOF4V5MSQZ70qHXkqrVjgPSiBixxV4F15wU-2hJ6eI6RrURJhTvzHCrDYWS8Lt9xtF_X5q-iBrVUZKeWZiao0_fKMBzkT20Qwd5b0GJd4yF_d2-MHZdAb8YnowTlNxWpHcpbXA0x1ZI1_07fPW3JmFUmHUAA&sai=AMfl-YQhA46ZbDFkECXGMw3CKFSMSKokfRM9QLIcFKtJrQuZOp87rwURbYh3ZRKKe1iz6aEPs0T4A6oJlkvO_LLrzCLq7OGM4AKhEc66wB7sTsLf6MZ-4ybtCx6EWUfVHwI&sig=Cg0ArKJSzGx4CQxi58LeEAE&uach_m=[UACH]&adurl=
Frame ID: 76D76F127962C94168F32196CCD04F7A
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUkhWn6fVMbZKK609usoDhhS8vacq5bjd4fZY3Mt8IYuTMWY2w2SFbWNhOreESf34x5Mj6Oj07Brwb-15gPm_SP5Fa9CgDvHfTslYfB4DQfMXgcAmz5Xa0gjc7mMVy1WRG2WyAcWv_OtKgfmmVbDkSJ-FhaLlags1Uar2jd0b16XTP0kMBUZyXL9z1pkHha5QsjFIR0Al0VPALKr6X0wlSZpSeFweBcEKu4p0O26V-qg2ilU8Kz8SXItXY1ZrD0Vowq-yOnzMTaRJ0AP-YabDqzu2R9teV-Roj-kzHmUmo&sai=AMfl-YQ4rEEYkheKCaRIkVUCKpDYqcP9_YZO0YQ7lTIIYg_W6KxF1HDCz7dI1QUhwPmab8sGYSKL9J2Aegm-m8wEBTjzwOObBzQT0FDMRjAd4LwvmqjKZ_oNkQyRI9kAUs4&sig=Cg0ArKJSzIYI1X_nVuISEAE&uach_m=[UACH]&adurl=
Frame ID: 6DA2B02E0F17E9BB8979B485B81CCFF6
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAZEKuCqFz9g0spFEGzb4XDagQYtFXbw_ctvJNu3yis_UHk7QPQxYKkV6Z13wiQPl9xb139_jME43aCo_7YjZIB8Surnm0s_NUAdyMchwVDrnsrgOPHBkIJBE5kZYAAjoQ3IcQIC1PkpKDwR71ZlJm4eYNsGL0ggSKtCCGSRN7bxKFHdJVHW8VNZyCrHubYujnmzIkDqEKZi-NHpS0LInxqAt5plCL-6qQdk7asTSLnfVuZ12HtQmM-iE9s1gh_-TPDFCpvK9VHbUAdUuNINgkxzdXEJAYVfKglH0-i5IOYsZDYiPQ93OsLWc&sai=AMfl-YSz4Czzk5MKrykjtRH_Tce5davKsmcNHRWAs2QMJr-sw-MzUv223aG3QfBf8IbuTq6HWdbhjzmItRYQfFeAbqQfyGK-dRxlQlPNKnYsTl_3Rxf9-D8NHGjP575ChnY&sig=Cg0ArKJSzCOs4aFFgD-WEAE&uach_m=[UACH]&adurl=
Frame ID: 70C5E502C5AA0A6C30EA5FE6BEA36B96
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvO90VNy4B0VwtZyvyNh5pPNFQJVhAR4DpzdoCn3q36IZz4k2Rxm2CYYH0939FYX-lygrahPWT3PUBobCziegCm4LA63N73fb6XlL5naTPZcLYzhK_Pk7DSOuK04D1ce_vkPeTqOk3pyNf1r-VzSdO6H5qn5LrRuUUnd_3wu5sLjMKdH7XzUHBwGP29QGJOX1HMkNYpiafHkEFyD_a17uDuOTQoNjIoFQN9ZuIDa0Wg0f5fJBoOrymnp3pzMLK6_Ru_hpwE68OcmXMwmf4BdszqJldSez8KaYAr2W-WsX5JTOOHCwdiow&sai=AMfl-YRUyKW0U7hi3Er38y57aH5haQgBiSeXEyhk8qL3bvYJIbf1Py_TcFi7tDokpPfemQdbMffD-uzllBPtxBDnfJfroFGOsqG65evsx2Exdp9nEzGx3b2YBuQyKS9DZzc&sig=Cg0ArKJSzLF0xVuzK0Z-EAE&uach_m=[UACH]&adurl=
Frame ID: 0D3BFBD8C7984709328160643F5BF7E5
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRkvz4wJ1j0ffk_F3t9Fgvwl9Z0i-lvn4LehZW0XIU7IXP4seXGLACq3Z5Ip8NH56A3Kpq61aSccgnGCN2BkvjobqJwqH2rbDjYnvmYhd1S9v5C0NXU8iD-u7-NCt6hqazvzc2xv-OBJXGzTW1kImw3iZ6cjJRfSemt1cuen19gtl8BaYf0tHDJNsBTXwP-Kes9RBd5n1H3F1s9BmYPNX6TrcdBLy2ILvjbu8v2Z-AzOsa4J3YIPd7s_73nyR-lVhDCu7NFqnHxrg5Nk5M0jp_sZ-pT1Ff4fum-yF1sL0g3XP5c3uCTw&sai=AMfl-YRXl7uYiMxGesOBCyCJEABZFKm-5iHeTxAzy5v4f0IxfLoRwsLRKHhiTu1e7wDOPPbtBdxUbiB89MdoWVS0IVaWhfjzrZzD0jsA1YgBNVIdGLaLftk4u15zRiUrsi4&sig=Cg0ArKJSzEpGjKPZeWnnEAE&uach_m=[UACH]&adurl=
Frame ID: 2653F1488343096F63B300C1B9C8ACEE
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshLv7kVdIKkBNzktTdjFBSepXJeCkvpPBeFH0GIL5EyEfG5nAZjxw9qkWCRhOnu0W-Hp0v4Ui6GfuW0SHoFUm5-RGqIdGsDLTb-ZVO6rh9-OfoLFgU3RI8Mcaw0TPS3Mo_ftONlIEl_RhyR-SHaA7LC1EHNdk1WNkXdWrXSaWWbMpJ9N6qq6PzZcD1KtGsrWocASvvbrOYTTue-7Z3Wc5DKCa39AeTK9FCkKkhA1pH8iyiwyK6fs2sQIZIIFRsQRY9ilh6mA_wAGR8sLJG5R4Sgh8x_WcggpEg1j7Y7owFweR15nE0&sai=AMfl-YT59Nu7riRfUoce_1iWSYGSZxCroFzCmfomH-pe8FbhV2aH6l3djofwKWPkBc5NGVddqsRr2CO3tja-GtWDKXk0Wz548Fnnq38HunhblQuobrOUw6BSRlX-hqTe7ok&sig=Cg0ArKJSzCZ5ia7oysvSEAE&uach_m=[UACH]&adurl=
Frame ID: C0E095E051836183DF4D7840A824E6A2
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGYfZYLIKTJWljZE9_Z5aqohmmGc5s7DCT37cx8mIp7spjo3fBFCdxXtshSo2cqMMkRjQrHOXejEOorFsZuZ8BNA97IGygv7YoCUC-BkRvPahDtMTzmTpCTXz0GWR8rAfpeAW5yggY4B24PuD_ipwzI54U7hxCp1a6cixOJS4B7IsYT8D7yVCEgS1ULNgyE8-ROruHffcMpOKTT3B7WTtqr7hZz-nD0pgg3o3M9eIg7Y0agLr00IPRwy4FStau1vvq9mmqDTMh-b07_jx7QenGAsx3zkD-UC_yaQuL9roPfq0bWJA&sai=AMfl-YQOY8u85h2N-hf44y1ZF_XJAjP32qqMebqa5A4j7ek4B152YtdmP4ywvoCUDCh_d0SdNAYwCt0RKyPraGIUWjYywrzzD89eEu-EHtb_u-WA7-GYRsl3-gsNFNaWyBQ&sig=Cg0ArKJSzJX6JVvS3D-6EAE&uach_m=[UACH]&adurl=
Frame ID: 19FD65E122F21F53CE357F3E232144F5
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuk1nxp4-3TUZvja0Es3huzO2upN1vOuAmaj3iqAgnj4oEnxUwi8NabxESNpE57JMmIZUDZbiBgamy6YxHxLJ4F_jfxFlwds6_QncVRmPD-5rzDX4MfO_fNmi5Cjp-6RbDGbBv1Qtm-HB0lPMuQi11ZOTmIUulnB_l5KCLZNUkYvwQlrV5w8EUjB65rpq-U6e3jEVRc03yt86pMY_CCYAVe8HSq_s1LXZPk7KBtlZSxkBd3SLQzDXv8RHIVfcKd51MJd31qEiSgEJ1YOVfQ3WPBqAzVQuUc3Hp8kER7OtBPBoYM-Wzcg&sai=AMfl-YQuyKSjSJa0GxPvHad-Z0VZIFPlyBtdqvfujrWzk34h25e7zt4rebdUYMEGOTsukXUNaonJlTw2Mg2iN4DyClRtBjE7OlOPu3bROv_nypsR6U-WaVHBzlW10sNI_RI&sig=Cg0ArKJSzM6yrk2Xdn3VEAE&uach_m=[UACH]&adurl=
Frame ID: D7A3363DDCB2F42B5F1D0E154F2D9E5B
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqnEJl4gEfVCiDqt8xhxsc7RQJXtnNZqvnjGVeGgBMouruPepVHYsYnvg_Ihvxkkaf2WRx3oKeypTW1XTzb0PPirYK7dv4diMS6Er6A7uASpHtzQ51Lezq3_tTHK-uArSDSJSbXe9vQwx_yKrYh1zrfEM_ulmjpKLUMxX6X7SgTUx8NNjrach2qLtBFGc_R2VZhJyAN1-dlufDuQIC5Q_67EyQWueio5IzJSWhiNZRLaH1v3gySLZxFAdRZRaI4qBL3RlMIFnrCrrS2NHb02NG5aYi-SRdb2b_fy7qwbBTzg6u0qDjU9c&sai=AMfl-YTHFY9_IFaVe8r1zaxUB75GLS727phb7o2iwo6Wl2NxQ5XCRKzdTvJHJggAp4_ifUDC3HhGBLUlS1i30BpiY1RkCY-35M0Q9WKn4nyFClOAFhgOvYmbvnL9Xlm0Vas&sig=Cg0ArKJSzNswevDfzZcAEAE&uach_m=[UACH]&adurl=
Frame ID: 1C2EE55BB20D42EEDF1749BD86A3AE7A
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFCIhDO0JPifTxbHPhov9CG_axdLaSzjd5NK2oBzGdsK86pf4HbV6kv0KTXKE3o3Z-M1VcV3SljiaeW65djK0LwrvL3lGiVDPhY6Qm3OPd_x14I6iIiUQKQonqnuxoM0GBh2CCFHH7qxWRrPMRv0TBo0Kn9p7bevZStKCT4hfVcOYAiqYiT-9l-37BtWEVnn3WcCIAurQM9XTXDc0vHnerTHGqTJvWE-BHll2ML41aq6SWzSlyZa0XjZfIV8oTRPlRRhPXJfjbxO2wQBgSMcYrAzF2FQbJL3idpqVddeASUz-HqB2_Kn8CgNrwbC4r&sai=AMfl-YTeLaYyLUwx71vIoRCHvTnptJPbuJyhMxVjD7TTf1S_9ls6dzVQX2qivUI_Bm4cZCKsYgAc3W8aIgj8wI3VIIfgZrstaDcDGuIzDMTmdNYGLlfkWqHLVb0OL8W0tI0&sig=Cg0ArKJSzOYevYh_3wlaEAE&uach_m=[UACH]&adurl=
Frame ID: 6DCA1D670FCB8A3FF3FEC6E64320826E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBnEKzkjaWN4_awhsm6_Ah4h0fraLVaqNrxCWWqLBGfsmnrQSXEfrkHTYRQZQTNS_4atuUvNAQHgt3SJKNKk5kWftRYd-S8kB5cft7nI_S-eqapRFtK4imNrVYkNS3ukTBHPvd77oGLN6L6prSaTTllS8V1-prN-EB5FOhG5q7Saqmzox0dcIO_5DiIG4N5qTdZI-xt5-4PWHVFqNApg3ZNTru56zv0pbehdGiCYcwPorWDlGdrZc6wrR2ClVGiBQfVBLA2KQeMKY3ZORULpyv3_t-t852ZM5rKiYxyew_RJAfDALQMlAEJbuE&sai=AMfl-YSz_zLQTwxjp1uAqEC9hGEswsTnKMuuLRjC_ZoRW-toOC3U4zbfBc-yT6ltwLWsuH-mp3I-C7DRQB6uhUMBo7mXRS5iQq8EQANJd8zp0tqHjQN8SqJuyMy6I9Xx1xo&sig=Cg0ArKJSzOFo4ZH7dr0TEAE&uach_m=[UACH]&adurl=
Frame ID: 886587ABFDB9E7AB2CD9661B81205A79
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgi4u7Prgq_xcpckcl2NktDbuS0zEv1lGL__0Wios1KU_Ux32pFkPa5ow19-7ZPcK103-jhnCR5sNjIuoAAsQh5ZeauX1W-6yIET8hriy1Gn7Vy0VqJBaMdusS1NOikU0u5bx1ZxzklJvojFsE1ToDGE8RpeeIYk6p24vfMjYUUVghFdof8BhCA-ceApW06TxM8EW6kkqVoVFNUpsr4MpOG7Bcq-emIJqae-PXM2-I_pssYb5uaUYpU2DZ5JA6UacMwGPupH73wSVqeOWEGZA-Cvj13q9_O3vxM2eS6YF50ctFIQSrh7UDbEYw&sai=AMfl-YQBLpvHehLE8_QXpH4QfV9CIr34ZIA3mKkuVfAbsGZbgnRj1OB191cH8SxkJ2I120QspQiI427VHG_3u43_5iy_gWEd9vpqYke-yOb2NxqfuT7vd720OeYIn--NzNA&sig=Cg0ArKJSzMkaF4kRK57qEAE&uach_m=[UACH]&adurl=
Frame ID: D97E9E452F5930BBA9AA4295DB6E0FDB
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvv-GcQfYzMzYdl3GJ3YKePTRcYbwh2kaaU5ty34KweJJNGBp7aybb92IimQPvdaiqCXqvo2nsqRcAQiBaAUGbQ64il691FZ95TN3PmVvIktD1A_HJMHEx3HT1hOaZZQUMLVjVtfJ9cmSurvbVo2JPw_M0E1SXVa82z0Onlf6dJJQag2ibfPTqIfg0uAhyyO0MlHGGu4cza7z4VlNyMcPknRFqRMyaIgAUmso37zS4JMTAd71DopXH8SgQ7UKGczx0oBDO1eBf5FsGpR9xM1ZoLUy-fQKOUQtH-47wqfg4-tOcIbXplc-xIGFM&sai=AMfl-YQH5K2IEUG2KwHWxS33y-x8TIBLoLOFX0lr1qxf4UVjXqLW0tzg_bhu_4penb9cZidqdTsW4TN7tcJoLOTHRlibKuixa7YpY4Jp4iBT0drCKEQ5-LJUsN2pshXj3m4&sig=Cg0ArKJSzOmXTVQG9laPEAE&uach_m=[UACH]&adurl=
Frame ID: 7A7AEC85C76E37A3B37CE892363D2E9B
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A58879B28DA45DB4CB0E6FF6DFB3E2CA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 77A57C5B340FCA691396580A956EEC8B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

iTWire - LA Times serving cryptocurrency mining script

Page Statistics

261
Requests

92 %
HTTPS

60 %
IPv6

17
Domains

28
Subdomains

26
IPs

5
Countries

4184 kB
Transfer

10193 kB
Size

15
Cookies

218 Outgoing links

These are links going to different origins than the main page.

URL: https://itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html%27

Search URL Search Domain Scan URL

URL: https://itwire.com/subscribe-now
Title: Subscribe to Newsletter

Search URL Search Domain Scan URL

URL: https://itwire.com/contact-us
Title: Advertise

Search URL Search Domain Scan URL

URL: https://itwire.com/
Title: iTWire

Search URL Search Domain Scan URL

URL: https://itwire.com/contact-us.html
Title: Contact CEO

Search URL Search Domain Scan URL

URL: https://itwire.com/homepage/about-itwire-advertising,-sponsored-posts,-editorial-press-releases.html
Title: About iTWire - Advertising, Sponsored Posts, Editorial & Press Releases

Search URL Search Domain Scan URL

URL: https://itwire.com/homepage/about-itwire.html
Title: About iTWire

Search URL Search Domain Scan URL

URL: https://itwire.com/itwire-update.html
Title: See Latest Newsletter

Search URL Search Domain Scan URL

URL: https://itwire.com/media-kit-specifications.html
Title: Advertising Specs

Search URL Search Domain Scan URL

URL: https://itwire.com/sponsored-announcements-sp-507.html
Title: Promotional News

Search URL Search Domain Scan URL

URL: https://itwire.com/itwire-journalists.html
Title: Our Journalists

Search URL Search Domain Scan URL

URL: https://itwire.com/pdf/CommsWire%20Daily%202021-06-15.pdf
Title: See Recent CommsWire Letter

Search URL Search Domain Scan URL

URL: https://itwire.com/your-it-news.html
Title: Your Tech

Search URL Search Domain Scan URL

URL: https://itwire.com/your-it-news/entertainment.html
Title: Entertainment & Gaming

Search URL Search Domain Scan URL

URL: https://itwire.com/your-it-news/mobility.html
Title: Mobility

Search URL Search Domain Scan URL

URL: https://itwire.com/your-it-news/home-it.html
Title: Home Tech

Search URL Search Domain Scan URL

URL: https://itwire.com/your-it-news/wi-fi.html
Title: Wi-Fi

Search URL Search Domain Scan URL

URL: https://itwire.com/your-it-news/apps.html
Title: Apps

Search URL Search Domain Scan URL

URL: https://itwire.com/your-it-news/internet-of-things.html
Title: Internet of Things

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-news.html
Title: Business

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-sp-511/2012-05-28-06-01-50/itwire-marketing.html
Title: iTWire Marketing

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-news/networking.html
Title: Networking

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-news/open-source.html
Title: Open Source

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-news/security.html
Title: Security & Cybersecurity

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-news/business-technology.html
Title: Business Telecommunications

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-news/enterprise-solutions.html
Title: Enterprise Solutions

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-news/print-solutions.html
Title: Print Solutions

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-news/hardware-and-storage.html
Title: Hardware

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-news/storage.html
Title: Storage & Cloud Storage

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-news/business-software.html
Title: Business Software

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-news/cloud.html
Title: Cloud

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-news/data.html
Title: Data Analytics & Artificial Intelligence

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-news/data-centres.html
Title: Data Centres

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-news/mvno.html
Title: MVNO

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-news/outsourcing.html
Title: Managed Services

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-news/accounting-software.html
Title: Accounting Software

Search URL Search Domain Scan URL

URL: https://itwire.com/business-it-news/business-intelligence.html
Title: Business Intelligence

Search URL Search Domain Scan URL

URL: https://itwire.com/it-industry-news.html
Title: Industry

Search URL Search Domain Scan URL

URL: https://itwire.com/it-industry-news/deals.html
Title: Deals

Search URL Search Domain Scan URL

URL: https://itwire.com/it-industry-news/resellers.html
Title: Channel News & Partnerships

Search URL Search Domain Scan URL

URL: https://itwire.com/it-industry-news/cloud-accounting.html
Title: Cloud Accounting

Search URL Search Domain Scan URL

URL: https://itwire.com/it-industry-news/enterprise-cloud.html
Title: Enterprise Cloud

Search URL Search Domain Scan URL

URL: https://itwire.com/it-industry-news/virtualisation.html
Title: Virtualisation

Search URL Search Domain Scan URL

URL: https://itwire.com/it-industry-news/development.html
Title: Web Development & Front-End Development

Search URL Search Domain Scan URL

URL: https://itwire.com/it-industry-news/telecoms-and-nbn.html
Title: Telecoms & NBN

Search URL Search Domain Scan URL

URL: https://itwire.com/it-industry-news/manufacturing-technology.html
Title: Manufacturing & Logistics

Search URL Search Domain Scan URL

URL: https://itwire.com/it-industry-news/web-hosting.html
Title: Web Hosting

Search URL Search Domain Scan URL

URL: https://itwire.com/it-industry-news/voip.html
Title: VoIP

Search URL Search Domain Scan URL

URL: https://itwire.com/it-industry-news/strategy.html
Title: Strategy

Search URL Search Domain Scan URL

URL: https://itwire.com/it-industry-news/listed-tech.html
Title: Listed Tech

Search URL Search Domain Scan URL

URL: https://itwire.com/it-industry-news/market.html
Title: Market

Search URL Search Domain Scan URL

URL: https://itwire.com/it-industry-news/application-performance.html
Title: Application Performance

Search URL Search Domain Scan URL

URL: https://itwire.com/it-industry-news/crm.html
Title: CRM & Contact Center Apps

Search URL Search Domain Scan URL

URL: https://itwire.com/it-people-news.html
Title: People

Search URL Search Domain Scan URL

URL: https://itwire.com/it-people-sp-954/2012-05-28-08-02-52/job-doctor.html
Title: Career Coach

Search URL Search Domain Scan URL

URL: https://itwire.com/it-people-news/recruitment.html
Title: Recruitment

Search URL Search Domain Scan URL

URL: https://itwire.com/it-people-news/not-for-profit.html
Title: Not For Profit

Search URL Search Domain Scan URL

URL: https://itwire.com/it-people-news/education.html
Title: Education & Machine Learning

Search URL Search Domain Scan URL

URL: https://itwire.com/it-people-news/people-moves.html
Title: People Moves

Search URL Search Domain Scan URL

URL: https://itwire.com/it-people-news/cio-trends.html
Title: CIO Trends

Search URL Search Domain Scan URL

URL: https://itwire.com/it-people-news/enterprise-staff.html
Title: Enterprise Staff

Search URL Search Domain Scan URL

URL: https://itwire.com/it-people-news/contracting.html
Title: Remote Working

Search URL Search Domain Scan URL

URL: https://itwire.com/government.html
Title: GOVT

Search URL Search Domain Scan URL

URL: https://itwire.com/government-tech-news/govenrment-tech-policy.html
Title: Government Tech Policy

Search URL Search Domain Scan URL

URL: https://itwire.com/government-tech-news/technology-regulation.html
Title: Technology Regulation

Search URL Search Domain Scan URL

URL: https://itwire.com/government-tech-news/technology-tenders.html
Title: Technology Tenders

Search URL Search Domain Scan URL

URL: https://itwire.com/government-tech-news/local-government.html
Title: Local Government

Search URL Search Domain Scan URL

URL: https://itwire.com/science-news.html
Title: Science

Search URL Search Domain Scan URL

URL: https://itwire.com/science-news/energy.html
Title: Energy

Search URL Search Domain Scan URL

URL: https://itwire.com/science-news/climate.html
Title: Climate

Search URL Search Domain Scan URL

URL: https://itwire.com/science-news/health.html
Title: Health

Search URL Search Domain Scan URL

URL: https://itwire.com/science-news/biology.html
Title: Biology

Search URL Search Domain Scan URL

URL: https://itwire.com/science-news/automotive.html
Title: Automotive

Search URL Search Domain Scan URL

URL: https://itwire.com/science-news/space.html
Title: Space

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481.html
Title: Opinion

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/apexing-the-linux-learning-curve.html
Title: Apexing the Linux learning curve

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/shrinkage.html
Title: ShrinkAge

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/the-big-house.html
Title: The Big House

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/fuzzy-logic.html
Title: Fuzzy Logic - Alex Zaharov-Reutt

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/seeking-nerdvana.html
Title: Seeking Nerdvana

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/open-sauce.html
Title: Open Sauce - Sam Varghese

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/a-meaningful-look.html
Title: A Meaningful Look

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/transit.html
Title: Transit

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/business-intelligence-blog.html
Title: Business Intelligence Blog

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/shaw-thing.html
Title: ShawThing

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/core-dump.html
Title: Stephen Withers

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/whiskey-tango-foxtrot.html
Title: Whiskey Tango Foxtrot - David Heath

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/the-linux-distillery.html
Title: Linux Distillery - David M Williams

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/uni-verse.html
Title: UNI-verse

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/radioactive-it.html
Title: Radioactive IT

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/cornered.html
Title: Cornered!

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/beerfiles.html
Title: Beerfiles

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/ict-energy-and-sustainability.html
Title: ICT Energy and Sustainability

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/the-wired-cio.html
Title: Wired CIO - David M Williams

Search URL Search Domain Scan URL

URL: https://itwire.com/opinion-and-analysis-sp-481/c-level.html
Title: C Level

Search URL Search Domain Scan URL

URL: https://itwire.com/reviews-sp-288.html
Title: Reviews

Search URL Search Domain Scan URL

URL: https://itwire.com/reviews-sp-288/computers-peripherals.html
Title: Computers & Peripherals

Search URL Search Domain Scan URL

URL: https://itwire.com/reviews-sp-288/mobile-devices.html
Title: Smartphones & Mobile Devices

Search URL Search Domain Scan URL

URL: https://itwire.com/reviews-sp-288/software.html
Title: Software

Search URL Search Domain Scan URL

URL: https://itwire.com/?Itemid=960
Title: Networking

Search URL Search Domain Scan URL

URL: https://itwire.com/reviews-sp-288/books.html
Title: Books

Search URL Search Domain Scan URL

URL: https://itwire.com/reviews-sp-288/games.html
Title: Games

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles.html
Title: Guest Articles

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-opinion.html
Title: Guest Opinion

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-reviews.html
Title: Guest Reviews

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-interviews.html
Title: Guest Interviews

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-events.html
Title: Webinars & Online Events

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-research.html
Title: Guest Research

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/company-news.html
Title: Company News

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/iTWireTV/videos
Title: ITWIRE TV

Search URL Search Domain Scan URL

URL: https://itwire.com/security.html
Title: Security

Search URL Search Domain Scan URL

URL: https://itwire.com/journalist/sam-varghese.html
Title: Sam Varghese

Search URL Search Domain Scan URL

URL: https://itwire.com/security/la-times-serving-cryptocurrency-mining-script.html#disqus_thread
Title: 0 Comments

Search URL Search Domain Scan URL

URL: https://itwire.com/media/k2/items/cache/30b71684403ef6de3eeb358f684cca0f_XL.jpg

Search URL Search Domain Scan URL

URL: https://itwire.com/security/81635-brand-marketing-firm-s-bizinfo-exposed-in-amazon-s3-bucket.html
Title: Octoly

Search URL Search Domain Scan URL

URL: https://itwire.com/security/81257-personal-info-of-123m-americans-found-in-unsecured-aws-bucket.html
Title: Alteryx

Search URL Search Domain Scan URL

URL: https://itwire.com/security/81028-credit-repair-service-leaks-data-of-about-40,000.html
Title: National Credit Federation

Search URL Search Domain Scan URL

URL: https://itwire.com/security/80987-pentagon,-nsa-data-leaked-through-aws-bucket.html
Title: NSA

Search URL Search Domain Scan URL

URL: https://itwire.com/security/80863-pentagon-intelligence-op-leaks-data-through-amazon-servers.html
Title: Pentagon

Search URL Search Domain Scan URL

URL: https://itwire.com/security/80305-accenture-s-crown-jewels-found-exposed-in-unsecured-aws-buckets.html
Title: Accenture

Search URL Search Domain Scan URL

URL: https://itwire.com/security/79070-millions-of-dow-jones-customer-details-exposed-online.html
Title: Dow Jones

Search URL Search Domain Scan URL

URL: https://itwire.com/security/79527-chicago-voter-database-left-open-on-amazon-cloud.html
Title: voter database

Search URL Search Domain Scan URL

URL: https://itwire.com/security/79734-thousands-of-mercenary-resum%C3%A9s-found-exposed-on-web.html
Title: security firm

Search URL Search Domain Scan URL

URL: https://itwire.com/security/78591-american-voter-data-left-unsecured-on-internet.html
Title: a contractor

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/iTWireTV
Title: here

Search URL Search Domain Scan URL

URL: http://itwire.com/
Title: itwire.com

Search URL Search Domain Scan URL

URL: https://itwire.com/freelancer-sp-720/tag/Los%20Angeles%20Times.html
Title: Los Angeles Times

Search URL Search Domain Scan URL

URL: https://itwire.com/freelancer-sp-720/tag/Kevin%20Beaumont.html
Title: Kevin Beaumont

Search URL Search Domain Scan URL

URL: https://itwire.com/freelancer-sp-720/tag/Coinhive.html
Title: Coinhive

Search URL Search Domain Scan URL

URL: https://itwire.com/freelancer-sp-720/tag/Monero.html
Title: Monero

Search URL Search Domain Scan URL

URL: https://itwire.com/freelancer-sp-720/tag/Sam%20Varghese.html
Title: Sam Varghese

Search URL Search Domain Scan URL

URL: https://itwire.com/freelancer-sp-720/tag/Cryptocurrency.html
Title: Cryptocurrency

Search URL Search Domain Scan URL

URL: https://sams-blog.com/
Title: Irregular Expression

Search URL Search Domain Scan URL

URL: https://itwire.com/security/microsoft-a-big-part-of-the-cyber-security-problem-proofpoint-exec.html
Title: Microsoft a big part of the cyber security problem: Proofpoint exec

Search URL Search Domain Scan URL

URL: https://itwire.com/security/ubiquiti-ex-worker-held-over-data-theft,-extortion-bid-doj.html
Title: Ubiquiti ex-worker held over data theft, extortion bid: DoJ

Search URL Search Domain Scan URL

URL: https://itwire.com/technology-regulation/eu-tech-firms-file-anti-trust-complaint-against-microsoft.html
Title: EU tech firms file anti-trust complaint against Microsoft

Search URL Search Domain Scan URL

URL: https://itwire.com/mobility/huawei,-vivo-unveil-digital-devices-for-christmas-gifts.html
Title: Huawei, vivo unveil digital devices for Christmas gifts

Search URL Search Domain Scan URL

URL: https://itwire.com/security/knowbe4%E2%80%99s-team-of-cybersecurity-experts-release-predictions-for-2022-202112050625.html
Title: KnowBe4’s team of cybersecurity experts release predictions for 2022

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-research/knowbe4%E2%80%99s-team-of-cybersecurity-experts-release-predictions-for-2022.html
Title: KnowBe4’s team of cybersecurity experts release predictions for 2022

Search URL Search Domain Scan URL

URL: https://itwire.com/security/us-customs-unable-to-authenticate-e-passports-since-2010.html
Title: « US customs unable to authenticate e-Passports since 2010

Search URL Search Domain Scan URL

URL: https://itwire.com/security/counterfeit-code-signing-certs-more-prevalent,-but-cost-a-deterrent.html
Title: Counterfeit code-signing certs more prevalent, but cost a deterrent »

Search URL Search Domain Scan URL

URL: https://itwire.com/security/la-times-serving-cryptocurrency-mining-script.html#startOfPageId81860
Title: back to top

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-events/domestic-and-family-violence-and-why-it-matters-to-the-telco-industry.html
Title: Domestic and family violence and why it matters to the telco industry

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-events/on-demand-webinar-2021-telecom-security-exploring-the-threat-landscape.html
Title: ON-DEMAND WEBINAR 2021 Telecom security - exploring the threat landscape

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-events/on-demand-webinar-5g-success-starts-with-your-cloud-native-infrastructure.html
Title: ON-DEMAND WEBINAR - 5G success starts with your cloud-native infrastructure

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-events/webinar-invite-streamlined-surveillance-system-for-your-growing-business-needs.html
Title: WEBINAR INVITE: Streamlined surveillance system for your growing business needs

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-events/juniper-mist-ai-supercharges-your-wi-fi.html
Title: Juniper Mist AI supercharges your Wi-Fi

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/company-news/how-to-identify-ms-teams-sprawl-and-work-towards-an-optimal-digital-environment.html
Title: How to identify MS Teams sprawl and work towards an optimal digital environment

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-opinion/bad-actors-can-be-expected-to-adopt-new-strategies-for-the-next-few-quarters-virsec.html
Title: Bad actors can be expected to adopt new strategies for the next few quarters: Virsec

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-opinion/2022-presents-a-year-of-increasing-cybersecurity-challenges-from-the-good-guys-and-the-bad-guys.html
Title: 2022 presents a year of increasing cybersecurity challenges (from the good guys and the bad guys!)

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-interviews/itwire-tv-interview-snp-group-s-gerald-faust-and-microsoft%E2%80%99s-luka-debeljak-talk-ultra-modern-digital-transformation.html
Title: iTWire TV Interview: SNP Group's Gerald Faust and Microsoft’s Luka Debeljak talk ultra-modern digital transformation

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-opinion/4-digital-infrastructure-predictions-defining-the-next-decade.html
Title: Four digital infrastructure predictions defining the next decade

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-reviews/2022-all-new-toyota-land-cruiser-review.html
Title: 2022 all-new Toyota Land Cruiser review

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/company-news/neosec-integrates-its-api-security-platform-with-kong-s-api-gateway-to-protect-enterprises-from-business-abuse,-fraud-and-data-theft.html
Title: Neosec integrates its API security platform With Kong's API gateway to protect enterprises from business abuse, fraud and data theft

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/datacom-named-as-workday-global-payroll-cloud-gpc-partner.html
Title: Datacom named as Workday Global Payroll Cloud (GPC) partner

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-opinion/how-5g-will-transform-healthcare-post-covid-in-australia.html
Title: How 5G will transform healthcare post-COVID in Australia

Search URL Search Domain Scan URL

URL: https://itwire.com/sponsored-announcements/instaclustr-adds-postgresql-to-managed-platform-in-public-preview.html
Title: Instaclustr adds PostgreSQL to managed platform in public preview

Search URL Search Domain Scan URL

URL: https://itwire.com/sponsored-announcements/wham,-bam,-solarwinds-sam-keeps-you-ahead-of-server-and-application-downtime-202109051134.html
Title: Wham, bam, SolarWinds SAM keeps you ahead of server and application downtime

Search URL Search Domain Scan URL

URL: https://itwire.com/sponsored-announcements/coca-cola-europacific-partners-indonesia-taps-8x8-cpaas-to-enhance-mobile-experience-for-business-to-business-b2b-customers-in-indonesia.html
Title: Coca-Cola Europacific Partners Indonesia Taps 8x8 CPaaS to Enhance Mobile Experience for Business-to-Business (B2B) Customers in Indonesia

Search URL Search Domain Scan URL

URL: https://itwire.com/sponsored-announcements/tecala-ranked-on-channel-futures-msp-501%E2%80%94tech-industry%E2%80%99s-most-prestigious-list-of-global-managed-service-providers.html
Title: Tecala Ranked on Channel Futures MSP 501—Tech Industry’s Most Prestigious List of Global Managed Service Providers

Search URL Search Domain Scan URL

URL: https://itwire.com/sponsored-announcements/extrahop-experts-contribute-network-detection-and-response-expertise-to-mitre-att-ck-framework.html
Title: ExtraHop Experts Contribute Network Detection and Response Expertise to MITRE ATT&CK Framework

Search URL Search Domain Scan URL

URL: https://itwire.com/sponsored-announcements/talend-extends-apac-presence-with-cloud-data-infrastructure-in-australia-to-serve-customer-growth.html
Title: Talend extends APAC presence with cloud data infrastructure in Australia to serve customer growth

Search URL Search Domain Scan URL

URL: https://itwire.com/sponsored-announcements/ricoh-pro-c7200sx-series-scoops-mid-volume-cmyk-bli-pro-award.html
Title: RICOH Pro C7200sx Series Scoops Mid-Volume CMYK+ BLI PRO Award

Search URL Search Domain Scan URL

URL: https://itwire.com/sponsored-announcements/barco-research-finds-meeting-rooms-take-centre-stage-in-australian-hybrid-workplaces.html
Title: Barco Research Finds Meeting Rooms Take Centre Stage in Australian Hybrid Workplaces

Search URL Search Domain Scan URL

URL: https://itwire.com/sponsored-announcements/talend-partners-with-snowflake-in-breakthrough-development-to-deliver-healthy,-analytics-ready-data-at-scale-inside-data-cloud.html
Title: Talend Partners with Snowflake in Breakthrough Development to Deliver Healthy, Analytics-Ready Data at Scale Inside Data Cloud

Search URL Search Domain Scan URL

URL: https://itwire.com/sponsored-announcements/nintex-named-a-digital-business-platform-leader.html
Title: Nintex Named a Digital Business Platform Leader

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-interviews/itwiretv-interview-commscope-s-sanjiv-verma-talks-the-latest-evolved-iot-and-smart-building-solutions-for-hotels-and-hospitality.html
Title: iTWireTV Interview: CommScope's Sanjiv Verma talks the latest evolved IoT and smart building solutions for hotels and hospitality

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-interviews/itwiretv-interview-varonis-rights-ransomware-wrongs-with-stellar-cyber-security.html
Title: iTWireTV Interview: Varonis rights ransomware wrongs with stellar cyber security

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-interviews/itwiretv-interview-sanjay-galal,-syspro-cfo,-talks-industry-4-0,-cfo-challenges-and-modern-manufacturing.html
Title: iTWireTV Interview: Sanjay Galal, SYSPRO CFO, talks Industry 4.0, CFO challenges and modern manufacturing

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-interviews/itwiretv-interview-juniper-s-mist-is-a-bona-fide-hit-for-ai-enabled-wired-and-wi-fi-connectivity.html
Title: iTWireTV Interview: Juniper's Mist is a bona-fide hit for AI-enabled wired and Wi-Fi connectivity

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-reviews/solarwinds-sql-sentry-is-the-watchdog-your-database-needs-202111220834.html
Title: SolarWinds SQL Sentry is the watchdog your database needs

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-reviews/how-uniconverter-13-improves-your-productivity-202110210304.html
Title: How UniConverter 13 improves your productivity

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-reviews/detailed-review-of-pdfelement-for-mac-version-8-5.html
Title: Detailed review of PDFelement for Mac Version 8.5

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-reviews/wham,-bam,-solarwinds-sam-keeps-you-ahead-of-server-and-application-downtime-202109051136.html
Title: Wham, bam, SolarWinds SAM keeps you ahead of server and application downtime

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-research/new-adelaide-research-centre-to-focus-on-artificial-intelligence-technology.html
Title: New Adelaide research centre to focus on Artificial Intelligence technology

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-research/new-report-finds-australians-won%E2%80%99t-work-for-businesses-that-don%E2%80%99t-take-action-on-climate-change.html
Title: New report finds Australians won’t work for businesses that don’t take action on climate change

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-research/apac-construction-sector-shows-strong-optimism-and-investment-post-covid-with-digitisation-tipped-as-key-growth-area,-ineight-outlook-finds.html
Title: APAC construction sector shows strong optimism and investment post-COVID with digitisation tipped as key growth area, InEight Outlook finds

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-research/australian-frontline-healthcare-organisations-helped-by-workday-to-battle-covid-19-pandemic-91695.html
Title: Australian frontline healthcare organisations helped by Workday to battle COVID-19 pandemic

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-research/vertel-reveals-the-top-10-technologies-that-will-impact-workplaces-between-2020-and-2025.html
Title: Vertel reveals the top 10 technologies that will impact workplaces between 2020 and 2025

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-research/sales-professionals-struggle-in-the-hybrid-virtual-world,-report-shows.html
Title: Sales professionals struggle in the hybrid virtual world, report shows

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-research/industrial-safety-reliability-one-cve-at-a-time.html
Title: Industrial safety, reliability—one CVE at a time

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-research/unboxing-busybox-claroty-and-jfrog-uncovers-14-vulnerabilities.html
Title: Unboxing Busybox: Claroty and JFrog uncovers 14 vulnerabilities

Search URL Search Domain Scan URL

URL: https://itwire.com/guest-articles/guest-research/how-it-will-transform-in-the-next-five-years.html
Title: How IT will transform in the next five years

Search URL Search Domain Scan URL

URL: https://itwire.com/resellers/videonetics-announces-distribution-partnership-with-inflow-technologies.html
Title: Videonetics announces distribution partnership with Inflow Technologies

Search URL Search Domain Scan URL

URL: https://itwire.com/resellers/juniper-networks-accelerates-partner-profitability-with-new-elite-partner-tier,-program-enhancements.html
Title: Juniper Networks accelerates partner profitability with new elite partner tier, program enhancements

Search URL Search Domain Scan URL

URL: https://itwire.com/resellers/checkbox-to-drive-pwc-newlaw%E2%80%99s-legal-and-digital-transformation.html
Title: Checkbox to drive PwC NewLaw’s legal and digital transformation

Search URL Search Domain Scan URL

URL: https://itwire.com/freelancer-sp-720/attivo-signs-exclusive-as-australian-disty.html
Title: Attivo signs Exclusive as Australian disty

Search URL Search Domain Scan URL

URL: https://itwire.com/freelancer-sp-720/opmantek-to-provide-software-support-to-microsoft.html
Title: Opmantek to provide software support to Microsoft

Search URL Search Domain Scan URL

URL: https://itwire.com/freelancer-sp-720/decision-australia-joins-board-international-partner-roster.html
Title: Decision Australia joins Board International partner roster

Search URL Search Domain Scan URL

URL: https://itwire.com/resellers/daiwabo-secures-japan-distribution-agreement-with-versa-networks.html
Title: Daiwabo secures Japan distribution agreement with Versa Networks

Search URL Search Domain Scan URL

URL: https://itwire.com/freelancer-sp-720/pny-picks-dstech-as-anz-disty.html
Title: PNY picks DSTech as ANZ disty

Search URL Search Domain Scan URL

URL: https://itwire.com/freelancer-sp-720/adelaide%E2%80%99s-dataspark-recognised-by-global-leader-smartsheet.html
Title: Adelaide’s DataSpark Recognised by Global Leader Smartsheet

Search URL Search Domain Scan URL

URL: https://itwire.com/freelancer-sp-720/tech-data-expands-hpe-greenlake-distribution-in-asia-pacific.html
Title: Tech Data expands HPE GreenLake distribution in Asia Pacific

Search URL Search Domain Scan URL

URL: https://itwire.com/telecoms-and-nbn/labor-offers-30,000-homes-without-internet-free-service-for-year.html#comment-5613064510
Title: Re: iTWire - Labor offers 30,000 homes without Internet free service for year

Search URL Search Domain Scan URL

URL: https://itwire.com/telecoms-and-nbn/analyst-puts-labor-nbn-plan-in-same-basket-as-govt-efforts.html#comment-5612760435
Title: Re: iTWire - Analyst puts Labor NBN plan in same basket as govt efforts

Search URL Search Domain Scan URL

URL: https://itwire.com/telecoms-and-nbn/analyst-puts-labor-nbn-plan-in-same-basket-as-govt-efforts.html#comment-5612759535
Title: Re: iTWire - Analyst puts Labor NBN plan in same basket as govt efforts

Search URL Search Domain Scan URL

URL: https://itwire.com/telecoms-and-nbn/analyst-puts-labor-nbn-plan-in-same-basket-as-govt-efforts.html#comment-5612754780
Title: Re: iTWire - Analyst puts Labor NBN plan in same basket as govt efforts

Search URL Search Domain Scan URL

URL: https://itwire.com/telecoms-and-nbn/analyst-puts-labor-nbn-plan-in-same-basket-as-govt-efforts.html#comment-5612754960
Title: Re: iTWire - Analyst puts Labor NBN plan in same basket as govt efforts

Search URL Search Domain Scan URL

URL: https://itwire.com/itwire-latest-news.html
Title: Latest News

Search URL Search Domain Scan URL

URL: https://itwire.com/itwire-magazine.html
Title: MAGAZINE

Search URL Search Domain Scan URL

URL: https://itwire.com/government-tech-news.html
Title: Government

Search URL Search Domain Scan URL

URL: https://itwire.com/itwire-rss.html
Title: RSS

Search URL Search Domain Scan URL

URL: https://www.jobzilla.com.au/

Search URL Search Domain Scan URL

URL: https://jobzilla.com.au/
Title: JobZilla IT Jobs

Search URL Search Domain Scan URL

URL: https://itwire.com/security/content/44.html

Search URL Search Domain Scan URL

URL: https://itwire.com/itwire-journalists
Title: Our Journalists

Search URL Search Domain Scan URL

URL: https://itwire.com/component-k2-38300
Title: About

Search URL Search Domain Scan URL

URL: https://itwire.com/data-management.html

Search URL Search Domain Scan URL

URL: https://itwire.com/media-kit-specifications
Title: Advertising Specs

Search URL Search Domain Scan URL

URL: https://itwire.com/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://itwire.com/pdf/iTWire%20editorial%20guidelines%20complaint-handling%20process%20V2.pdf
Title: Editorial Guidlines& Complaints Handling

Search URL Search Domain Scan URL

URL: https://itwire.com/sitemap
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/iTWirecom/144954402244675?ref=tn_tnmn
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/itwire
Title: Twitter

Search URL Search Domain Scan URL

URL: https://digitalpacific.com.au/?utm_source=ITWIREFooter&utm_medium=Sponsor&utm_term=Sponsor&utm_content=ITWIREFooter&utm_campaign=ITWIREFooter
Title: Cloud Hosting

Search URL Search Domain Scan URL

URL: https://bit.ly/3mV91w4

Search URL Search Domain Scan URL

URL: https://www.onwebchat.com/landing.php?s=18553
Title: by onWebChat

Search URL Search Domain Scan URL

URL: https://www.onwebchat.com/landing.php?l=2&s=18553
Title: by onWebChat

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png

Request Chain 49

https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png HTTP 301
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png

261 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 81860-la-times-serving-cryptocurrency-mining-script.html' Show response
www.itwire.com/security/ 169 KB
29 KB 2303ms
1782ms Document
text/html 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx / URL Normalizer v1.11 (by JoomlaWorks) - https://www.joomlaworks.net

Resource Hash

a113be1e94912e5565ea7160413ee7f3f447f681f7e49c0b95e01ccad6989bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Wed, 08 Dec 2021 22:54:50 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-content-powered-by: K2 v2.10.4 (by JoomlaWorks)
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=86400 public
expires: Wed, 08 Dec 2021 22:57:50 GMT
pragma: public
x-logged-in: False
x-powered-by: URL Normalizer v1.11 (by JoomlaWorks) - https://www.joomlaworks.net
permissions-policy: interest-cohort=()
last-modified: Thu, 22 Feb 2018 21:42:35 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip

GET
H2 200 562d4d5f38f4a28b114105c4eb62c4fb.css
itwire.com/media/com_jchoptimize/cache/css/ 129 KB
20 KB 513ms
501ms Stylesheet
text/css 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to

Full URL

https://itwire.com/media/com_jchoptimize/cache/css/562d4d5f38f4a28b114105c4eb62c4fb.css

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

d5b46b44f5ac824a8dd7e0e53d51ee32abe3acd6b1850d05cf1fedb62fce0cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Dec 2021 22:52:41 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Fri, 07 Jan 2022 22:54:50 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 magnific-popup.min.css
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 5 KB
2 KB 36ms
17ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/magnific-popup.min.css

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 524698
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1283
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-148b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7POaC3kNDeihJBMJE0YGnQpPXtnR%2FwUjdJyvOw7WOqtSv8u4iJw%2Bm2vXVbPOVXR3ACDLszzO6ojFcMtjND7s6cSWUpC5B6k%2BBpC6LMYeUwEPc0RLZNTHzaq0wbqH6OdVHXOE8q5ny7neqk8hzBdq2Lvf"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ba993ef48967031-FRA
expires: Mon, 28 Nov 2022 22:54:50 GMT

GET
H2 200 simple-line-icons.min.css
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/ 11 KB
2 KB 41ms
23ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.min.css

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eced437d4bb8a726d823bb80013c37e1e0eb81069618e7cc57ff1eadf0d0cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1824990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2041
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd2-2af4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4l%2BDJJN03cRC6nFKTiy3fkbjT4iS5RjLsOYmSlkB%2BhdKR5N5VPArkFyfJfwZq4cln%2B3WrPC6ozyIq2WUyCPwY6KhMJD5sqwSG7W7hTGmY2T3sRMxgGEsafNqtfhNAKeB5t%2BZfo2bYG3ULqT7zHW3qRTX"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ba993ef48997031-FRA
expires: Mon, 28 Nov 2022 22:54:50 GMT

GET
H2 200 5b4d4e40b7fb5d8094a19869e112e1dd.css
itwire.com/media/com_jchoptimize/cache/css/ 131 KB
25 KB 510ms
498ms Stylesheet
text/css 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to

Full URL

https://itwire.com/media/com_jchoptimize/cache/css/5b4d4e40b7fb5d8094a19869e112e1dd.css

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

7f8ae97abd0c27249e88a14c434c393c4af4567f5f91c1e4602bfbf79e0a9b71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Dec 2021 22:52:41 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Fri, 07 Jan 2022 22:54:50 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 css
fonts.googleapis.com/ 8 KB
777 B 39ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bda2c84e2934508dd2b995f28876c68e3f0cf0955173bcf040b76ecc63e03786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 21:47:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Dec 2021 22:54:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Dec 2021 22:54:50 GMT

GET
H2 200 784dc843b2aafa91529b07ca0bb9d205.css
itwire.com/media/com_jchoptimize/cache/css/ 196 KB
32 KB 268ms
257ms Stylesheet
text/css 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to

Full URL

https://itwire.com/media/com_jchoptimize/cache/css/784dc843b2aafa91529b07ca0bb9d205.css

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

27ddc1e1f395e17f5607410e7e5232839a233b99a9bccf8d68815006059eeaf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Dec 2021 22:52:41 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Fri, 07 Jan 2022 22:54:50 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,900

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b0b1885d9dfb1f6a967b718cc56071cacce4a8340391ea48b040780d13af089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 22:54:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Dec 2021 22:54:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Dec 2021 22:54:50 GMT

GET
H2 200 2a9590b90f9b7ca0c6d4e2dd5daa1495.css
itwire.com/media/com_jchoptimize/cache/css/ 9 KB
3 KB 260ms
249ms Stylesheet
text/css 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to

Full URL

https://itwire.com/media/com_jchoptimize/cache/css/2a9590b90f9b7ca0c6d4e2dd5daa1495.css

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

1fc8a745a0fd649fa446b48584f37c2cfe4f1e9934c5608f08f338ea7e1af9d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Dec 2021 22:52:41 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Fri, 07 Jan 2022 22:54:50 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 699b127a906b9f8e0bc72ec6b5948d64.js Show response
itwire.com/media/com_jchoptimize/cache/js/ 105 KB
37 KB 514ms
503ms Script
application/javascript 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to

Full URL

https://itwire.com/media/com_jchoptimize/cache/js/699b127a906b9f8e0bc72ec6b5948d64.js

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

7a603ecd20783d53cc90a1741a3eb6c84910f9c60510953cf05477b6b303295c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Dec 2021 22:52:49 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
expires: Fri, 07 Jan 2022 22:54:50 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 jquery.magnific-popup.min.js Show response
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 20 KB
7 KB 39ms
22ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2864722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6546
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-4ef8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kNpNXxnToRDLL8L2sG4%2F4cuHp2ZO831wMo4mClqOv9Qgt0dpfug9e1%2BixVpOd3axCCWOBi6eaUp1eWCmXuGCNsDimsnxDpygOMGeK4dgloYucYDHXOCN6AYk110pmMsCcR9%2BcksNPjB%2FaCfO6qkDM%2BG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ba993ef489d7031-FRA
expires: Mon, 28 Nov 2022 22:54:50 GMT

GET
H2 200 19a54b2068522694af4e8a9fe8d9352b.js Show response
itwire.com/media/com_jchoptimize/cache/js/ 301 KB
83 KB 514ms
504ms Script
application/javascript 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to

Full URL

https://itwire.com/media/com_jchoptimize/cache/js/19a54b2068522694af4e8a9fe8d9352b.js

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

6ed908068594533016e752e480de139695ee332278bdfa8ede9a89abc5f6bcd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Dec 2021 22:52:49 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
expires: Fri, 07 Jan 2022 22:54:50 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 onwebchat.js Show response
itwire.com/plugins/system/onwebchat/ 1 KB
573 B 514ms
504ms Script
application/javascript 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to

Full URL

https://itwire.com/plugins/system/onwebchat/onwebchat.js

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

f327aaca8141d2431fc85cf4e23e0a82be62acb848f94b0c2e9f77f37074d1c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 30 Aug 2021 16:45:22 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
expires: Fri, 07 Jan 2022 22:54:50 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f29550b363950a26ec1b1c7faab15c15736d233b0fc1b404c9cc443c120beec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1066 / 899 of 1000 / last-modified: 1638965328"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27037
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Dec 2021 22:54:51 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 55ms
31ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

1546b1a657363c277a40f552e1746d7c6b8c03f332761719a69bf6b909cbe290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1066 / 172 of 1000 / last-modified: 1638965393"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27038
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Dec 2021 22:54:51 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 48ms
8ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (frb/668B)
Age: 652
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29126

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 39 KB
13 KB 47ms
16ms Script
application/x-javascript 104.20.229.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9573e931158bcc83146a7882d6c298c1adf3828b6c785af7cbb9fd9d25ad884

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Oct 2021 11:08:17 GMT
server: cloudflare
age: 41615
etag: W/"61656ca1-9cdd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43200
cf-ray: 6ba993f44f5542cf-FRA
expires: Wed, 08 Dec 2021 23:21:16 GMT

GET
H2 200 system.css
itwire.com/media/system/css/ 1 KB
825 B 255ms
255ms Stylesheet
text/css 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to

Full URL

https://itwire.com/media/system/css/system.css

Requested by

Host: itwire.com
URL: https://itwire.com/media/com_jchoptimize/cache/css/784dc843b2aafa91529b07ca0bb9d205.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

4f26ecfc3fa7e6ee6de449aa3a121e113a05d64f2d0e7c379a9c2373451069ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itwire.com/media/com_jchoptimize/cache/css/784dc843b2aafa91529b07ca0bb9d205.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Oct 2021 07:46:50 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Fri, 07 Jan 2022 22:54:51 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4792
date: Wed, 08 Dec 2021 21:34:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 08 Dec 2021 23:34:59 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itwire.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 465303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 13:39:48 GMT

GET fontawesome-webfont.woff2
itwire.com/templates/ja_focus/fonts/font-awesome/fonts/ 0
0

GET
H2 200 ITWire_more_than_tech_news.png
itwire.com/images/articles/Resized/ 3 KB
3 KB 250ms
250ms Image
image/png 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/images/articles/Resized/ITWire_more_than_tech_news.png

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

a6aa9e41c73328b4ab3c5f772d4470a4d47da2cf8434843e5f811b9e604dc674

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 10 May 2020 18:32:43 GMT
server: nginx
content-type: image/png
expires: Sun, 06 Feb 2022 22:54:51 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 3027
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 20ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itwire.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 16:54:46 GMT
x-content-type-options: nosniff
age: 108005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 16:54:46 GMT

GET
H/1.1 200
OK embed.js Show response
itwire.disqus.com/ 74 KB
24 KB 171ms
132ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itwire.disqus.com/embed.js

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

921d26c66221a86e43e10338a0dcdc5c0609dc492b22ea11de254724c123f48b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:51 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24579
Cross-Origin-Resource-Policy: cross-origin

GET
H/1.1 200
OK count.js Show response
itwire.disqus.com/ 1 KB
2 KB 47ms
7ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itwire.disqus.com/count.js

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 207
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 06 Dec 2021 22:57:40 GMT
Server: nginx
ETag: "61ae9564-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW55-C3
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: Q8g5r2PDvP0J-XuJcIIIGvGpBKETeF0fFMGfqBNOBZTDjNKU8LEm6w==

GET
H3 200 Simple-Line-Icons.woff2
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/fonts/ 29 KB
30 KB 23ms
12ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/fonts/Simple-Line-Icons.woff2?v=2.4.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b139d2871e745eeca0ed22ce994df828a96faefe86aa5e47d06c58184845445

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.min.css
Origin: https://www.itwire.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 525244
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30064
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd2-7570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2w9JfOpamnwD6pyPG%2BfClrZlDPl3duE8zqsBJP%2Fu6wa3ACEoK55Tqjixpcoen%2BvkiXl%2B7YC1q%2BPP6Bp8jMjChMKZW6Nse7fboDWhWkFcXQkaYSVjd8jw%2FReCXb2BGTbpqyULdTi7%2FjmfgWQtlBhUowtm"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ba993f46c9e4eb6-FRA
expires: Mon, 28 Nov 2022 22:54:51 GMT

GET
H2 200 30b71684403ef6de3eeb358f684cca0f_M.jpg
itwire.com/media/k2/items/cache/ 74 KB
74 KB 252ms
251ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/media/k2/items/cache/30b71684403ef6de3eeb358f684cca0f_M.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

0bbbe82c2c69fe0b718af4a985298d05ff31e27cc50a0fe1fa19e527416cb29e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Feb 2018 21:33:08 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:51 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 75290
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 coin_hive.png
itwire.com/images/authors-images/samvarghese/ 196 KB
196 KB 260ms
259ms Image
image/png 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/images/authors-images/samvarghese/coin_hive.png

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

0c897f1bf4f7804a9072a0b640853cc3ffb4d818f751498988ff0d588f358a25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Feb 2018 21:39:21 GMT
server: nginx
content-type: image/png
expires: Sun, 06 Feb 2022 22:54:51 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 200321
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 warning.png
itwire.com/images/authors-images/samvarghese/ 94 KB
94 KB 502ms
501ms Image
image/png 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/images/authors-images/samvarghese/warning.png

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

c9bc89661146da8ef00fcb3faef57e10ae5e64a63e29f06b3f58d33aac6e6ec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Feb 2018 21:39:56 GMT
server: nginx
content-type: image/png
expires: Sun, 06 Feb 2022 22:54:51 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 96106
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 6.jpg
itwire.com/media/k2/users/ 3 KB
3 KB 502ms
501ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/media/k2/users/6.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

7b521166001234a80e9297c8264cea4b9601dfd3d1365e14686f9dd60f6c3693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Jul 2012 04:54:56 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:51 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 2865
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 141dd54d3f5c5baed1c5cd74a786c5fc_XS.jpg
itwire.com/media/k2/items/cache/ 5 KB
5 KB 483ms
482ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/media/k2/items/cache/141dd54d3f5c5baed1c5cd74a786c5fc_XS.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

a02843d4c6fcd7726682d7275eb7080183d90521066a7fd20ac4c30a8adc76d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 01:17:45 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:51 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 5348
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 728a73f6955709bd2236b4ecdf975540_XS.jpg
itwire.com/media/k2/items/cache/ 2 KB
3 KB 483ms
483ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/media/k2/items/cache/728a73f6955709bd2236b4ecdf975540_XS.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

ff3f38603fdc7a304a7a63e7f595196aa9196a0dfe7be01314361924dc29e01a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Nov 2021 23:35:47 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:51 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 2518
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 56b6fd9e88135d2cd43f8dcaa332b2d9_XS.jpg
itwire.com/media/k2/items/cache/ 3 KB
4 KB 250ms
249ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/media/k2/items/cache/56b6fd9e88135d2cd43f8dcaa332b2d9_XS.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

5b79c3d8b042d767832af62a1766e7bc2ab90b0043036caf2f3ee84b70b8843b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Nov 2021 21:50:22 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:52 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 3376
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 7eeddea03335f3110505c1c11b3b082c_XS.jpg
itwire.com/media/k2/items/cache/ 4 KB
5 KB 251ms
249ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/media/k2/items/cache/7eeddea03335f3110505c1c11b3b082c_XS.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

e4c50a4655dafb47029f8cfb54a26fb328ac6991f841a2c0b7079201f2dc733d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Nov 2021 00:57:34 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:52 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 4560
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 6f8502e2f159cf4af9ba4776973c76f0_XS.jpg
itwire.com/media/k2/items/cache/ 3 KB
4 KB 251ms
250ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/media/k2/items/cache/6f8502e2f159cf4af9ba4776973c76f0_XS.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

195286a8bbab6d00a6ffab517c4d90116206538c9cf3029b2da85f6991893cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 24 Oct 2021 09:58:43 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:52 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 3436
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 b2901a6c9839f95256a5c8f4c2226661_XS.jpg
itwire.com/media/k2/items/cache/ 7 KB
7 KB 252ms
251ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/media/k2/items/cache/b2901a6c9839f95256a5c8f4c2226661_XS.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

5a3f14e6f4fbb56b7c245cff881d1e3c9b5e03e2c62d63e9af67ebf9a8f19b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 08:42:56 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:52 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 7227
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 80caaff736db158f1314d1156fe5c697_XS.jpg
itwire.com/media/k2/items/cache/ 5 KB
5 KB 253ms
251ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/media/k2/items/cache/80caaff736db158f1314d1156fe5c697_XS.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

8ff028c7ccfefb191fe4ef11c0beb642ba8bb47914b608a5682948c4f3f4f5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 08:02:54 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:52 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 5057
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 48986933e175d54b6887c13e3118d573_XS.jpg
itwire.com/media/k2/items/cache/ 7 KB
7 KB 253ms
252ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/media/k2/items/cache/48986933e175d54b6887c13e3118d573_XS.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

3354f35e411af23bdb1c6f899db53b4b022730e9f7b1d5a6c452e35800a6719a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 07:30:42 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:52 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 6881
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 d3d4d57c561570cef36d9a1db87db555_XS.jpg
itwire.com/media/k2/items/cache/ 5 KB
5 KB 254ms
252ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/media/k2/items/cache/d3d4d57c561570cef36d9a1db87db555_XS.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

93e65d3c410f50355be5d8709c90eb1ab32b52524fc0216913c23a5321b9e828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 06:56:05 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:52 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 4931
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 d12bf33232e1f12b047c70056011e880_XS.jpg
itwire.com/media/k2/items/cache/ 6 KB
7 KB 254ms
253ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/media/k2/items/cache/d12bf33232e1f12b047c70056011e880_XS.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

b8706b31948191d96c612540e37b89878ea51c09d6b3b62077cc48fe2e77d92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 07:07:34 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:52 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 6504
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 16019d75d4ebab8bdeb56d849c4f1c6a_XS.jpg
itwire.com/media/k2/items/cache/ 4 KB
5 KB 255ms
253ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/media/k2/items/cache/16019d75d4ebab8bdeb56d849c4f1c6a_XS.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

d4e7f429a1f7f92d8fbc146387116fc3fbf30c19f483ab32fadec864a4f9c698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 01:43:23 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:52 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 4463
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 60bf1103beb2877e889d27abaf336c6d_XS.jpg
itwire.com/media/k2/items/cache/ 4 KB
4 KB 255ms
254ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/media/k2/items/cache/60bf1103beb2877e889d27abaf336c6d_XS.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

8fa7e18a578a78f77ef955aaee53cb95c283cb05030fcc4e347d2b319d931dc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 00:52:48 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:52 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 4066
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 3563df6ee5f5f224a24e30430dfab02f_XS.jpg
itwire.com/media/k2/items/cache/ 9 KB
10 KB 257ms
255ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/media/k2/items/cache/3563df6ee5f5f224a24e30430dfab02f_XS.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

d6ec059984215ec03f34e2cef49527d5ec2c6467624cdfd18de58949db9e3a8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 00:55:35 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:52 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 9671
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 c9e53c6cdb5d09deda418a0fd54bb525_XS.jpg
itwire.com/media/k2/items/cache/ 3 KB
4 KB 257ms
256ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/media/k2/items/cache/c9e53c6cdb5d09deda418a0fd54bb525_XS.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

746023e2560c82cdbf7252e3fdf2ac8a5b3ae37066058df28d71b05dfad58a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 04:20:49 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:52 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 3536
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 5e0dc5188325b6c8cbf000a730202467_XS.jpg
itwire.com/media/k2/items/cache/ 5 KB
5 KB 258ms
256ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/media/k2/items/cache/5e0dc5188325b6c8cbf000a730202467_XS.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

7e43e7f65a34f2c8add39ab9bfe96400e69fecac5a3c90066cd5bc561c509971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 05 Sep 2021 11:34:22 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:52 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 5261
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H3 200 pubads_impl_2021120201.js Show response
securepubads.g.doubleclick.net/gpt/ 347 KB
116 KB 35ms
19ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119206
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:41:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Dec 2021 22:54:51 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 86 B
110 B 32ms
16ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.itwire.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0e48fd93252f08db0a5f11b42ab43e564b2dc85488804bef11580c42c1050ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85
x-xss-protection: 0
expires: Wed, 08 Dec 2021 22:54:51 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
468 B 140ms
129ms XHR
application/json 104.20.229.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=4176764&u1=9C6A065DFB6F4F36FE7AF7094495CC96&java=1&security=7a0b44bb&sc_snum=1&sess=30eed3&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html%27&t=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&invisible=1&sc_rum_e_s=3231&sc_rum_e_e=3236&sc_rum_f_s=0&sc_rum_f_e=3163&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ba993f4f85942cf-FRA
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://www.itwire.com
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
15ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=698259863&t=pageview&_s=1&dl=https%3A%2F%2Fwww.itwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%27&ul=en-us&de=UTF-8&dt=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1333344233&gjid=928956579&cid=1888892486.1639004092&tid=UA-38385927-1&_gid=313865446.1639004092&_r=1&_slc=1&z=1726434499

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itwire.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 22:54:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.itwire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

icon-facebook-bt.png
itwire.com/templates/ja_nex/images/
Redirect Chain

https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png
https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png

0
0

GET

icon-twitter-bt.png
itwire.com/templates/ja_nex/images/
Redirect Chain

https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png
https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png

0
0

GET
H/1.1 200
OK count-data.js Show response
itwire.disqus.com/ 238 B
819 B 110ms
109ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itwire.disqus.com/count-data.js?1=81860

Requested by

Host: itwire.disqus.com
URL: https://itwire.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

bc123809dae41c5843c3b55cadeea8931b9049ce9293a8876b640e1c1d5c69e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:51 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 238
X-XSS-Protection: 1; mode=block

GET
H2 200 cc76c505b19c56e265381926e77e6e35 Show response
www.onwebchat.com/clientchat/ 109 KB
28 KB 135ms
40ms Script
text/html 54.171.144.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onwebchat.com/clientchat/cc76c505b19c56e265381926e77e6e35
Requested by: Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.171.144.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-144-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 292b47c2231eee6b5126beadc660b4504a97c329d6d501a8060d58f0ff82a532

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"1b593-4mKSYfF8KTvs2PAkC3ed5LFoUGk"
vary: Accept-Encoding
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=20
access-control-allow-headers: Content-Type

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 23ms
8ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itwire.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 464569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 13:52:02 GMT

GET ampz.woff
itwire.com/plugins/system/ampz/ampz/css/fonts/ 0
0

GET
H2 200 index.php Show response
www.itwire.com/ 1 B
276 B 522ms
522ms XHR
text/html 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itwire.com/index.php?option=com_ampz&task=fetchShareCount&format=json&network=facebook&url=https%3A%2F%2Fwww.itwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%27&access_token_fb=0

Requested by

Host: itwire.com
URL: https://itwire.com/media/com_jchoptimize/cache/js/699b127a906b9f8e0bc72ec6b5948d64.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
expires: Wed, 08 Dec 2021 22:54:51 GMT
cache-control: max-age=0, public
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS

GET
H2 200 index.php Show response
www.itwire.com/ 1 B
276 B 385ms
384ms XHR
text/html 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itwire.com/index.php?option=com_ampz&task=fetchShareCount&format=json&network=twitter&url=https%3A%2F%2Fwww.itwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%27

Requested by

Host: itwire.com
URL: https://itwire.com/media/com_jchoptimize/cache/js/699b127a906b9f8e0bc72ec6b5948d64.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
expires: Wed, 08 Dec 2021 22:54:51 GMT
cache-control: max-age=0, public
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS

GET
H2 200 index.php Show response
www.itwire.com/ 1 B
276 B 384ms
384ms XHR
text/html 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itwire.com/index.php?option=com_ampz&task=fetchShareCount&format=json&network=linkedin&url=https%3A%2F%2Fwww.itwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%27

Requested by

Host: itwire.com
URL: https://itwire.com/media/com_jchoptimize/cache/js/699b127a906b9f8e0bc72ec6b5948d64.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
expires: Wed, 08 Dec 2021 22:54:51 GMT
cache-control: max-age=0, public
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS

GET
H2 200 index.php Show response
www.itwire.com/ 1 B
276 B 572ms
571ms XHR
text/html 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itwire.com/index.php?option=com_ampz&task=fetchShareCount&format=json&network=reddit&url=https%3A%2F%2Fwww.itwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%27

Requested by

Host: itwire.com
URL: https://itwire.com/media/com_jchoptimize/cache/js/699b127a906b9f8e0bc72ec6b5948d64.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
expires: Wed, 08 Dec 2021 22:54:51 GMT
cache-control: max-age=0, public
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS

GET
H2 200 index.php Show response
www.itwire.com/ 1 B
276 B 384ms
384ms XHR
text/html 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itwire.com/index.php?option=com_ampz&task=fetchShareCount&format=json&network=flipboard&url=https%3A%2F%2Fwww.itwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%27

Requested by

Host: itwire.com
URL: https://itwire.com/media/com_jchoptimize/cache/js/699b127a906b9f8e0bc72ec6b5948d64.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
expires: Wed, 08 Dec 2021 22:54:51 GMT
cache-control: max-age=0, public
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame B7A4 319 KB
103 KB 7ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.itwire.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 182269
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Dec 2021 22:54:51 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6724)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.itwire.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 45ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.itwire.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 MB
74 KB 598ms
597ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=903907024679381&correlator=530820375099569&output=ldjh&impl=fifs&eid=31063914&vrg=2021120201&ptt=17&sc=1&sfv=1-0-38&ecs=20211208&iu_parts=1015422%2CLB-Small-ROS%2CLB-HP%2CLeaderboard-Small-HP%2CMREC-ATF-HP%2CMREC-BTF-HP%2CLeft-SK%2CRIGHT-SK%2CLB-ROS%2CBEACON-ROS%2CHome_Page_LS%2CHome_Page_RS%2CDeluxe_Lead_Driver%2CHomepage_sticker%2CRecruitment_Market_Segment_Banner%2CPeople_Moves_MSEG%2CMREC-ATF-ROS%2CMREC-LGE-ROS%2CMINIREC_ROS%2CMREC-BTF-ROS%2CLB-Footer-ROS%2CBig_Data_Mseg_LHS%2CBig_Data_Mseg_RHS%2CSecurity_Mseg_Banner%2CSecurity_Mseg_LHS%2CSecurity_Mseg_RHS%2CBottom_Driver%2CMREC-BTF-LEFT-HP&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F4%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18%2C%2F0%2F9%2C%2F0%2F19%2C%2F0%2F20%2C%2F0%2F21%2C%2F0%2F22%2C%2F0%2F23%2C%2F0%2F24%2C%2F0%2F25%2C%2F0%2F12%2C%2F0%2F26%2C%2F0%2F27&prev_iu_szs=250x90%2C728x90%2C250x90%2C300x250%2C300x250%2C160x600%2C160x600%2C300x250%2C728x90%2C300x140%7C300x250%2C160x1200%7C160x600%2C160x600%7C160x1200%2C600x260%2C300x300%2C600x108%2C600x108%2C300x250%2C300x600%2C300x140%7C300x250%2C300x140%7C300x250%2C300x250%2C728x90%2C160x1200%7C160x600%2C160x600%7C160x1200%2C600x108%2C160x600%7C160x1200%2C160x600%7C160x1200%2C600x260%2C600x260%2C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1519335755&dt=1639004091810&dlt=1639004090731&idt=1036&frm=20&biw=1600&bih=1200&oid=2&adxs=1170%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C439%2C-9%2C-9%2C-9%2C-9%2C1037%2C-9%2C-9%2C1037%2C1037%2C1037%2C1037%2C1037%2C251%2C-9%2C-9%2C251%2C0%2C1440%2C251%2C-9%2C251&adys=64%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C64%2C-9%2C-9%2C-9%2C-9%2C270%2C-9%2C-9%2C634%2C1714%2C5574%2C8152%2C9964%2C12567%2C-9%2C-9%2C254%2C0%2C0%2C4086%2C-9%2C1115&adks=888817850%2C1401012998%2C1415879083%2C1636880831%2C356501430%2C2652426188%2C2912158054%2C2176297592%2C4066883799%2C3802436934%2C2359840482%2C3010391028%2C3825953257%2C722149785%2C2374105189%2C1653731079%2C1491631762%2C847824855%2C1424882552%2C1916459393%2C3915067817%2C837523267%2C2493012871%2C390253296%2C836704581%2C1175608076%2C3589679716%2C3261841317%2C3140207053%2C2805202052&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm%7Cn%7Co%7Cp%7Cq%7Cr%7Cs%7Ct%7Cu&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%27&vis=1&dmc=8&scr_x=0&scr_y=0&psz=235x90%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C690x90%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C325x331%7C0x-1%7C0x-1%7C325x281%7C325x631%7C325x31%7C325x31%7C325x281%7C1130x134%7C0x-1%7C0x-1%7C705x108%7C160x0%7C160x0%7C705x260%7C0x-1%7C705x250&msz=180x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C728x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x-1%7C0x-1%7C0x-1%7C300x-1%7C300x-1%7C295x0%7C295x0%7C300x-1%7C728x-1%7C0x-1%7C0x-1%7C600x-1%7C160x0%7C160x0%7C600x-1%7C0x-1%7C300x-1&ga_vid=1888892486.1639004092&ga_sid=1639004092&ga_hid=698259863&ga_fc=true&fws=0%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C0%2C2%2C2%2C2%2C2%2C0%2C2%2C2%2C0%2C0%2C0%2C0%2C0%2C0%2C2%2C2%2C0%2C4%2C4%2C0%2C2%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C160%2C160%2C0%2C0%2C0&btvi=0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C0%7C-1%7C-1%7C-1%7C-1%7C0%7C-1%7C-1%7C0%7C1%7C2%7C3%7C4%7C5%7C-1%7C-1%7C0%7C0%7C0%7C6%7C-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4c6bbc212487afc8786717ff87de5665283ea218b92428750749b0dec002bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75752
x-xss-protection: 0
google-lineitem-id: 5398743532,3391232,-2,4566477351,4566477351,-2,-2,4566477351,3391232,4919883981,5831951188,5831951188,5814166266,5050015107,5417513025,-2,5050445240,5690981730,4919883981,5807108119,5805884760,5807810555,-2,-2,5816677097,5816045464,5816045464,-2,-2,5374248957
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138314385213,138371137767,-2,138371137947,138371137893,-2,-2,138371064701,138371137746,138371137377,138371222323,138371222185,138367961036,138314654283,138329350851,-2,138268592471,138371138061,138371082662,138366760086,138366750884,138366760818,-2,-2,138368081921,138368082014,138368082002,-2,-2,138311853077
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.itwire.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
dc862a24dea37f8b18425e755358059a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FDE5 6 KB
4 KB 71ms
14ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc862a24dea37f8b18425e755358059a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 08 Dec 2021 22:54:51 GMT
expires: Thu, 08 Dec 2022 22:54:51 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 lounge.7ab903feba7624935283ca4c7d8c7203.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 51ms
10ms Other
text/css 2600:9000:2240:fa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Requested by

Host: itwire.disqus.com
URL: https://itwire.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:fa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84464
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26065
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-65d1"
content-type: text/css; charset=utf-8
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: pUxfwzVrQLJfIWB9R0gv0aNWN4MUE-L-Zra4dbSAfCcImHwBWaM_ww==
x-cache-hits: 0

GET
H2 200 common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
c.disquscdn.com/next/embed/ 0
93 KB 56ms
15ms Other
application/javascript 2600:9000:2240:fa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Requested by

Host: itwire.disqus.com
URL: https://itwire.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:fa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 14:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3830961
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94779
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Oct 2021 00:26:02 GMT
server: nginx
etag: "6172051a-1723b"
content-type: application/javascript; charset=utf-8
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
expires: Tue, 25 Oct 2022 14:45:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: QmEHvVmzJ5-b3nH1psXD7LaT0herFjl7vD0Ewp5wjAH9a_wbenKdcA==
x-cache-hits: 0

GET
H2 200 lounge.bundle.920cdf639b386b42eddc25a8b2755561.js
c.disquscdn.com/next/embed/ 0
121 KB 65ms
25ms Other
application/javascript 2600:9000:2240:fa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.920cdf639b386b42eddc25a8b2755561.js

Requested by

Host: itwire.disqus.com
URL: https://itwire.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:fa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84464
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 122873
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-1dff9"
content-type: application/javascript; charset=utf-8
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: 9aeGU7gwhMCeC1dwjC9IRrWGmLi5WdL1Qhw_aJsDDEcvHdnZ-uK5bw==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
15 KB 31ms
6ms Other
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: itwire.disqus.com
URL: https://itwire.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:51 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 34
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14500
X-XSS-Protection: 1; mode=block

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.1/ 82 KB
27 KB 21ms
11ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: www.onwebchat.com
URL: https://www.onwebchat.com/clientchat/cc76c505b19c56e265381926e77e6e35

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2335364
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26657
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14938"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FsXgNcWeevNI5x%2F6jYFPib2Uls8kpJZcGMfAFJgjY4AAPwzH5y%2FrBVGegumvbzCxOpx1oEG5wT%2B9M62FU7RoEAb%2BkkTKcyIs4XblegnB7ZJOW0P9h1aI2ljQ94%2FC1bLF0f%2Br6M63k3pI2WlTNkVQ4WA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ba993f65a5f4e5c-FRA
expires: Mon, 28 Nov 2022 22:54:51 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame B7A4 232 B
447 B 134ms
111ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=be185cc40789bbc83decc7c1fd0fa6baf31fcf61

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.itwire.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-response-time: 104
date: Wed, 08 Dec 2021 22:54:51 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 22:54:51 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 186dcf213e5277e611c25347a8777e8b9202354b00ca2a646464a03aea73b692
content-length: 166

GET
H3 200 socket.io.min.js Show response
cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.5/ 95 KB
23 KB 15ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.5/socket.io.min.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03ed8a8c964517127b400ed14214a1d1d42e358e95a1c9212c2f64969d035633

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3024952
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22519
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-17d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJ2OdSaa4t6tqMihQ0b%2F0XvBfiyiyzC7q18UwzcaF6NgVpiddeEk4vJvsIXstbuAig3g5xDCCzB8o6Mefbv2%2FiwJ45r6NHzbgSdWZfYp9Ro7nFYrgyh%2Br5nXTe7cZXTB9%2FYdfzxAgTne7csWc4HSq3z5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ba993f69aca4e5c-FRA
expires: Mon, 28 Nov 2022 22:54:51 GMT

GET
H2 200 / Show response
www.onwebchat.com/socket.io/ 101 B
280 B 55ms
55ms XHR
application/octet-stream 54.171.144.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onwebchat.com/socket.io/?server=1&EIO=3&transport=polling&t=NsSGRPC
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.5/socket.io.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.171.144.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-144-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 42409496110e7d0c671c3e6040fcd4dbce5924b823daeae946700c91a486dae0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.itwire.com
date: Wed, 08 Dec 2021 22:54:52 GMT
access-control-allow-credentials: true
server: nginx/1.18.0 (Ubuntu)
content-length: 101
content-type: application/octet-stream

GET
H2 200 back4.png
www.onwebchat.com/chatimages/backgrounds/ 6 KB
7 KB 50ms
50ms Image
image/png 54.171.144.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onwebchat.com/chatimages/backgrounds/back4.png
Requested by: Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.171.144.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-144-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6f2a29f62ded994df2cffdce9f910d560cc8d71d078ee27af18653a448cea48b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Wed, 08 Dec 2021 22:54:52 GMT
last-modified: Tue, 17 Nov 2020 11:35:32 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "5fb3b584-1992"
content-type: image/png
cache-control: max-age=6048000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 6546
expires: Wed, 16 Feb 2022 22:54:52 GMT

GET
H2 200 trans-back4.png
www.onwebchat.com/chatimages/backgrounds/ 2 KB
2 KB 51ms
50ms Image
image/png 54.171.144.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onwebchat.com/chatimages/backgrounds/trans-back4.png
Requested by: Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.171.144.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-144-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 93b03cb5858b85b7416c62c67842f3fd21239844af20b5d910ac2d222470bd76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Wed, 08 Dec 2021 22:54:52 GMT
last-modified: Tue, 17 Nov 2020 11:35:32 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "5fb3b584-807"
content-type: image/png
cache-control: max-age=6048000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 2055
expires: Wed, 16 Feb 2022 22:54:52 GMT

GET
H2 200 live-chat-images-3.png
www.onwebchat.com/chatimages/ 7 KB
7 KB 52ms
52ms Image
image/png 54.171.144.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onwebchat.com/chatimages/live-chat-images-3.png?v=2
Requested by: Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.171.144.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-144-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 71b82946f446dacb003563eb1303510f29b25a6ad04fc228f3c35ee7e5488998

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Wed, 08 Dec 2021 22:54:52 GMT
last-modified: Tue, 17 Nov 2020 11:35:32 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "5fb3b584-1b30"
content-type: image/png
cache-control: max-age=6048000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 6960
expires: Wed, 16 Feb 2022 22:54:52 GMT

GET
H2 200 offline-contact-us-2.png
www.onwebchat.com/chatWidgetImages/predefined/offline/ 10 KB
11 KB 47ms
47ms Image
image/png 54.171.144.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onwebchat.com/chatWidgetImages/predefined/offline/offline-contact-us-2.png
Requested by: Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.171.144.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-144-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e14e57988f7e9fa2353c068a855d39e48624dc4f6d9c3af31c595f5839c7682c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Wed, 08 Dec 2021 22:54:52 GMT
last-modified: Tue, 17 Nov 2020 11:35:32 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "5fb3b584-2926"
content-type: image/png
cache-control: max-age=6048000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 10534
expires: Wed, 16 Feb 2022 22:54:52 GMT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 13A9 7 KB
4 KB 163ms
163ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=itwire&t_i=81860&t_u=https%3A%2F%2Fitwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%2527&t_d=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&t_t=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&s_o=default&l=

Requested by

Host: itwire.disqus.com
URL: https://itwire.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8d2a34cb8f7db1fab641c02490d46f1d7c364ad88980b77056831c662ef7678d

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/

Response headers

Connection: keep-alive
Content-Length: 2942
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Fri, 19 Nov 2021 07:44:57 GMT
ETag: W/"lounge:view:6498098956.c659caa93fbad1aaf6b642a4d8cf8d98.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Wed, 08 Dec 2021 22:54:52 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 / Show response
www.onwebchat.com/socket.io/ 5 B
182 B 34ms
33ms XHR
application/octet-stream 54.171.144.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onwebchat.com/socket.io/?server=1&EIO=3&transport=polling&t=NsSGRQ9&sid=0oiBvMTfsCSG6SjvvlRg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.5/socket.io.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.171.144.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-144-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.itwire.com
date: Wed, 08 Dec 2021 22:54:52 GMT
access-control-allow-credentials: true
server: nginx/1.18.0 (Ubuntu)
content-length: 5
content-type: application/octet-stream

GET
H/1.1 200
OK horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js Show response
platform.twitter.com/js/ 7 KB
3 KB 7ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A7) /
Resource Hash: 7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:34:11 GMT
Server: ECS (frb/67A7)
Age: 182270
Etag: "8e55b85bd8d8e443c9a80691ed34d775+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2438

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame E229 487 B
972 B 8ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966748041897299968&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 03b0b4ea7bd75f32536e7c0cad82a35dacd449b1f626ef7ffe06591b210363de

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1445
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Dec 2021 22:54:52 GMT
Etag: "05f259906620f2f7f0a6236a2691bcda"
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6723)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 487

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame 31B6 487 B
972 B 21ms
14ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966024109787353089&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 03b0b4ea7bd75f32536e7c0cad82a35dacd449b1f626ef7ffe06591b210363de

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1445
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Dec 2021 22:54:52 GMT
Etag: "05f259906620f2f7f0a6236a2691bcda"
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6723)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 487

GET
H2 200 / Show response
www.onwebchat.com/socket.io/ 47 B
225 B 43ms
43ms XHR
application/octet-stream 54.171.144.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onwebchat.com/socket.io/?server=1&EIO=3&transport=polling&t=NsSGRQs&sid=0oiBvMTfsCSG6SjvvlRg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.5/socket.io.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.171.144.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-144-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4a96072a38b7fd89b48f324601670e4faec8e2076f8fc1e2bc27d2cbafd9c384

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.itwire.com
date: Wed, 08 Dec 2021 22:54:52 GMT
access-control-allow-credentials: true
server: nginx/1.18.0 (Ubuntu)
content-length: 47
content-type: application/octet-stream

POST
H2 200 / Show response
www.onwebchat.com/socket.io/ 2 B
170 B 39ms
38ms XHR
text/html 54.171.144.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onwebchat.com/socket.io/?server=1&EIO=3&transport=polling&t=NsSGRQw&sid=0oiBvMTfsCSG6SjvvlRg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.5/socket.io.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.171.144.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-144-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.itwire.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.itwire.com
date: Wed, 08 Dec 2021 22:54:52 GMT
access-control-allow-credentials: true
server: nginx/1.18.0 (Ubuntu)
content-length: 2
content-type: text/html

GET
H/1.1 200
OK embed.runtime.73157d07ac400de4c606.js Show response
platform.twitter.com/embed/ Frame E229 8 KB
4 KB 11ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.73157d07ac400de4c606.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966748041897299968&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 655e1b1c2df2d432818e7b88a43034255279b0b75d20a08cbca8ff6ccbf85330

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966748041897299968&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/673A)
Age: 182270
Etag: "3a95da679725b97563da931fc8fd306d+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 3523

GET
H/1.1 200
OK embed.modules.66e311263622456867b1.js Show response
platform.twitter.com/embed/ Frame E229 519 KB
163 KB 16ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966748041897299968&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966748041897299968&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/669E)
Age: 182268
Etag: "d2a7d4d81994376470f2560f453ad37b+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 166772

GET
H/1.1 200
OK embed.i18n.c052951fae9a0c2b4020.js Show response
platform.twitter.com/embed/ Frame E229 146 B
651 B 16ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.i18n.c052951fae9a0c2b4020.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966748041897299968&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) /
Resource Hash: 9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966748041897299968&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/6738)
Age: 182270
Etag: "ae3db27722181e85d0a069a920b4ed89"
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 146

GET
H/1.1 200
OK embed.Tweet.c4f48f6a1a0886631005.js Show response
platform.twitter.com/embed/ Frame E229 16 KB
6 KB 27ms
11ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.c4f48f6a1a0886631005.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966748041897299968&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: d9473dc254914f26f7000bc3eacc42988538946d23e38b6a98f7648f22e13378

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966748041897299968&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/6772)
Age: 182270
Etag: "d9dd9adbd164ddf67c4413784c471ff5+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 5739

GET
H/1.1 200
OK embed.runtime.73157d07ac400de4c606.js Show response
platform.twitter.com/embed/ Frame 31B6 8 KB
4 KB 12ms
12ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.73157d07ac400de4c606.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966024109787353089&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 655e1b1c2df2d432818e7b88a43034255279b0b75d20a08cbca8ff6ccbf85330

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966024109787353089&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/673A)
Age: 182270
Etag: "3a95da679725b97563da931fc8fd306d+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 3523

GET
H/1.1 200
OK embed.modules.66e311263622456867b1.js Show response
platform.twitter.com/embed/ Frame 31B6 519 KB
163 KB 13ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966024109787353089&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966024109787353089&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/669E)
Age: 182268
Etag: "d2a7d4d81994376470f2560f453ad37b+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 166772

GET
H/1.1 200
OK embed.i18n.c052951fae9a0c2b4020.js Show response
platform.twitter.com/embed/ Frame 31B6 146 B
651 B 13ms
12ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.i18n.c052951fae9a0c2b4020.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966024109787353089&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) /
Resource Hash: 9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966024109787353089&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/6738)
Age: 182270
Etag: "ae3db27722181e85d0a069a920b4ed89"
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 146

GET
H/1.1 200
OK embed.Tweet.c4f48f6a1a0886631005.js Show response
platform.twitter.com/embed/ Frame 31B6 16 KB
6 KB 17ms
16ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.c4f48f6a1a0886631005.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966024109787353089&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: d9473dc254914f26f7000bc3eacc42988538946d23e38b6a98f7648f22e13378

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966024109787353089&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/6772)
Age: 182270
Etag: "d9dd9adbd164ddf67c4413784c471ff5+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 5739

GET
H2 200 / Show response
www.onwebchat.com/socket.io/ 80 B
258 B 37ms
37ms XHR
application/octet-stream 54.171.144.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onwebchat.com/socket.io/?server=1&EIO=3&transport=polling&t=NsSGRRY&sid=0oiBvMTfsCSG6SjvvlRg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.5/socket.io.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.171.144.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-144-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f42afe2d52b73e8d1578a18e8fb539e5f7ce3e0abf428b32cafd58564a7011bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.itwire.com
date: Wed, 08 Dec 2021 22:54:52 GMT
access-control-allow-credentials: true
server: nginx/1.18.0 (Ubuntu)
content-length: 80
content-type: application/octet-stream

GET
H/1.1 200
OK embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js Show response
platform.twitter.com/embed/ Frame E229 29 KB
10 KB 15ms
15ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.73157d07ac400de4c606.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: 95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966748041897299968&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/6725)
Age: 182270
Etag: "243d823d043564092099acd4323c5b02+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 9316

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.803ee907f212c9d5c2a8.js Show response
platform.twitter.com/embed/ Frame E229 4 KB
2 KB 18ms
18ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.803ee907f212c9d5c2a8.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.73157d07ac400de4c606.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F2) /
Resource Hash: c39f38776508cc2a307bc5b09b86446fb7ed06e2d0e77f0ba25639ed35cab1cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966748041897299968&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/67F2)
Age: 182270
Etag: "6c690ed926a46ac53582571243a1209b+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 1789

GET
H2 200 / Show response
www.onwebchat.com/socket.io/ 4 B
181 B 72ms
72ms XHR
application/octet-stream 54.171.144.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onwebchat.com/socket.io/?server=1&EIO=3&transport=polling&t=NsSGRSq&sid=0oiBvMTfsCSG6SjvvlRg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.5/socket.io.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.171.144.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-144-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.itwire.com
date: Wed, 08 Dec 2021 22:54:52 GMT
access-control-allow-credentials: true
server: nginx/1.18.0 (Ubuntu)
content-length: 4
content-type: application/octet-stream

GET
H/1.1 200
OK embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js Show response
platform.twitter.com/embed/ Frame 31B6 29 KB
10 KB 7ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.73157d07ac400de4c606.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: 95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966024109787353089&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/6725)
Age: 182270
Etag: "243d823d043564092099acd4323c5b02+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 9316

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.803ee907f212c9d5c2a8.js Show response
platform.twitter.com/embed/ Frame 31B6 4 KB
2 KB 7ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.803ee907f212c9d5c2a8.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.73157d07ac400de4c606.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F2) /
Resource Hash: c39f38776508cc2a307bc5b09b86446fb7ed06e2d0e77f0ba25639ed35cab1cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966024109787353089&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/67F2)
Age: 182270
Etag: "6c690ed926a46ac53582571243a1209b+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 1789

GET
H2 200 lounge.load.9068118211410bc5f67f5bb8d6806cba.js Show response
c.disquscdn.com/next/embed/ Frame 13A9 958 B
1 KB 31ms
11ms Script
application/javascript 2600:9000:2240:fa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.9068118211410bc5f67f5bb8d6806cba.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=itwire&t_i=81860&t_u=https%3A%2F%2Fitwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%2527&t_d=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&t_t=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&s_o=default&l=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:fa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0376879a45be95f1d718c2a90d0b35986973e87d6f4c790b4c7046343464b72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=itwire&t_i=81860&t_u=https%3A%2F%2Fitwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%2527&t_d=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&t_t=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&s_o=default&l=
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84465
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 494
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-1ee"
content-type: application/javascript; charset=utf-8
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: G7mjDYvJtX8Shnd3rUiK5INlyQS04lebrLJ6m9hm2xZYUnAlqXJUvw==
x-cache-hits: 0

GET
H/1.1 200
OK embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js Show response
platform.twitter.com/embed/ Frame E229 383 KB
94 KB 8ms
8ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.73157d07ac400de4c606.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966748041897299968&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/67A8)
Age: 182269
Etag: "28a37f9b17808aa66f17b1c227be059e+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 96013

GET
H/1.1 200
OK embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js Show response
platform.twitter.com/embed/ Frame E229 17 KB
6 KB 7ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.73157d07ac400de4c606.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966748041897299968&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/6711)
Age: 182270
Etag: "c247e426d2ec154064a87aaff54defce+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 5857

GET
H/1.1 200
OK embed.ondemand.Tweet.aae5a43a2a0769f682d8.js Show response
platform.twitter.com/embed/ Frame E229 66 KB
16 KB 7ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.aae5a43a2a0769f682d8.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.73157d07ac400de4c606.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 6cbf3d5198e3c67803ca9868b5ee9c2c464f2e6ddcce9cef64ed608c5c57949f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966748041897299968&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/67F3)
Age: 182270
Etag: "97f699efb69f30d41bbda8690575fe25+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 16017

GET
H/1.1 200
OK embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js Show response
platform.twitter.com/embed/ Frame 31B6 383 KB
94 KB 11ms
10ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.73157d07ac400de4c606.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966024109787353089&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/67A8)
Age: 182269
Etag: "28a37f9b17808aa66f17b1c227be059e+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 96013

GET
H/1.1 200
OK embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js Show response
platform.twitter.com/embed/ Frame 31B6 17 KB
6 KB 13ms
12ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.73157d07ac400de4c606.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966024109787353089&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/6711)
Age: 182270
Etag: "c247e426d2ec154064a87aaff54defce+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 5857

GET
H/1.1 200
OK embed.ondemand.Tweet.aae5a43a2a0769f682d8.js Show response
platform.twitter.com/embed/ Frame 31B6 66 KB
16 KB 11ms
10ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.aae5a43a2a0769f682d8.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.73157d07ac400de4c606.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 6cbf3d5198e3c67803ca9868b5ee9c2c464f2e6ddcce9cef64ed608c5c57949f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=966024109787353089&lang=en-gb&origin=https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html&sessionId=be185cc40789bbc83decc7c1fd0fa6baf31fcf61&siteScreenName=itwire&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 23:20:58 GMT
Server: ECS (frb/67F3)
Age: 182270
Etag: "97f699efb69f30d41bbda8690575fe25+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 16017

GET
H2 200 common.bundle.2f2f40d40785c9541a90e9086c8770a3.js Show response
c.disquscdn.com/next/embed/ Frame 13A9 282 KB
93 KB 8ms
8ms Script
application/javascript 2600:9000:2240:fa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.9068118211410bc5f67f5bb8d6806cba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:fa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itwire&t_i=81860&t_u=https%3A%2F%2Fitwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%2527&t_d=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&t_t=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&s_o=default&l=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 14:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3830962
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94779
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Oct 2021 00:26:02 GMT
server: nginx
etag: "6172051a-1723b"
content-type: application/javascript; charset=utf-8
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
expires: Tue, 25 Oct 2022 14:45:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: SyTJf523rUBKBdG99bedxxKRP84eT4mOo71DBYZFz9vepNU_K7F4vg==
x-cache-hits: 0

GET
H2 200 tweet Show response
cdn.syndication.twimg.com/ Frame E229 3 KB
2 KB 220ms
181ms XHR
application/json 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=966748041897299968&lang=en

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f / Express

Resource Hash

dfa8bd55827661012326ff2ba9df187ea1a362487606ccf037db72b1b854734c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding: gzip
etag: W/"dd8-vV9PWhSmODFKeaVw5hEF2H5gehw"
x-powered-by: Express
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-xss-protection: 0
x-response-time: 161
server: tsa_f
x-frame-options: SAMEORIGIN
date: Wed, 08 Dec 2021 22:54:52 GMT
vary: Origin, Accept-Encoding
x-tw-cdn: VZ, VZ
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
x-connection-hash: 5186da6634de0ee57906841e2efd145ec10bf329bef64a958b7ceab69df565fe
x-content-type-options: nosniff
access-contol-allow-origin: platform.twitter.com

GET fontawesome-webfont.woff
itwire.com/templates/ja_focus/fonts/font-awesome/fonts/ 0
0

GET
H2 200 tweet Show response
cdn.syndication.twimg.com/ Frame 31B6 2 KB
951 B 230ms
221ms XHR
application/json 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=966024109787353089&lang=en

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f / Express

Resource Hash

f67ffedc9ff35fb1c5e6583bcbad8e5e357b98191a3bbaf17500e4d9d41d5816

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding: gzip
etag: W/"8aa-cRKHQNmbv8ZBI9aoP89qhR/Y5TE"
x-powered-by: Express
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-xss-protection: 0
x-response-time: 200
server: tsa_f
x-frame-options: SAMEORIGIN
date: Wed, 08 Dec 2021 22:54:52 GMT
vary: Origin, Accept-Encoding
x-tw-cdn: VZ, VZ
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
x-connection-hash: d68b125aeed8b4884f15d4bc7e473fd57d5ab71f1a56cda60696661bdca682ff
x-content-type-options: nosniff
access-contol-allow-origin: platform.twitter.com

GET
H2 200 lounge.7ab903feba7624935283ca4c7d8c7203.css
c.disquscdn.com/next/embed/styles/ Frame 13A9 165 KB
26 KB 8ms
8ms Stylesheet
text/css 2600:9000:2240:fa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:fa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9f05592df6a80686d7216adbbc60dd18c978741182ed9e09a863de7374931f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itwire&t_i=81860&t_u=https%3A%2F%2Fitwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%2527&t_d=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&t_t=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&s_o=default&l=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84465
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26065
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-65d1"
content-type: text/css; charset=utf-8
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: MhaP6rxihEpbaDBu27Rj7_kIaDExb0IIA3bxD8_--4l7jRF09EFjCA==
x-cache-hits: 0

GET
H2 200 lounge.bundle.920cdf639b386b42eddc25a8b2755561.js Show response
c.disquscdn.com/next/embed/ Frame 13A9 475 KB
121 KB 8ms
8ms Script
application/javascript 2600:9000:2240:fa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.920cdf639b386b42eddc25a8b2755561.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:fa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

01b1844125589a15317239014be029ba024bc0d6e059222bc99bd913a82ecb88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itwire&t_i=81860&t_u=https%3A%2F%2Fitwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%2527&t_d=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&t_t=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&s_o=default&l=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84465
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 122873
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-1dff9"
content-type: application/javascript; charset=utf-8
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: BTH_OBLx1eD2kQFXmNysMp2Mx-2CC77ln_dL2-stavCsqeqqaMhfNA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 13A9 14 KB
15 KB 9ms
9ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f8b30a2aaa19326c2f546b8e22134512c9e5486fa6fec2f0d1c8ca2bbc8acb04

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itwire&t_i=81860&t_u=https%3A%2F%2Fitwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%2527&t_d=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&t_t=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&s_o=default&l=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 35
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14500
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 13A9 4 KB
4 KB 120ms
119ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=itwire&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

28d38fc9fd7372a68f99d98ef3c36e0be9a167b24707c3034dd405d5872655cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=itwire&t_i=81860&t_u=https%3A%2F%2Fitwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%2527&t_d=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&t_t=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&s_o=default&l=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3595
X-XSS-Protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 76D7 0
0 42ms
41ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZvqYQecqshva1XcuLwbzjP-y3vi92EWFoQ1AgTLTBcz6fz70nMYwy-0oYgmpOwuc267Ciu-hhew8T-4cFECfTBV9j5mKIam3Vv8K13vWPAT21IXh2bKrf8NrOhTXoj580U-k8KFTmxmyPO15WMY3Cx-LOF4V5MSQZ70qHXkqrVjgPSiBixxV4F15wU-2hJ6eI6RrURJhTvzHCrDYWS8Lt9xtF_X5q-iBrVUZKeWZiao0_fKMBzkT20Qwd5b0GJd4yF_d2-MHZdAb8YnowTlNxWpHcpbXA0x1ZI1_07fPW3JmFUmHUAA&sai=AMfl-YQhA46ZbDFkECXGMw3CKFSMSKokfRM9QLIcFKtJrQuZOp87rwURbYh3ZRKKe1iz6aEPs0T4A6oJlkvO_LLrzCLq7OGM4AKhEc66wB7sTsLf6MZ-4ybtCx6EWUfVHwI&sig=Cg0ArKJSzGx4CQxi58LeEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 76D7 19 KB
8 KB 35ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:32:52 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 76D7 2 KB
1 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:32:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:32:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76D7 119 KB
36 KB 16ms
16ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 76D7 0
0 37ms
14ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnK2aRphV-PFCdeIXWZgJ1quHQVV8T-a62_A6WD7JnRE0ev2O3WFCdktrkx1PBnkAwJyIrT5i-vK5qsylidG51WaSZpQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 9612466565408600029
tpc.googlesyndication.com/simgad/ Frame 76D7 16 KB
17 KB 36ms
8ms Image
image/gif 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9612466565408600029

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc8217182c8e42850f33282cb2942ca1e1d94cd386d25e503276457d9b42f856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:37:10 GMT
x-content-type-options: nosniff
age: 98262
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16662
x-xss-protection: 0
last-modified: Tue, 16 Jun 2020 11:41:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Dec 2022 19:37:10 GMT

GET
H/1.1 200
OK loadReactions Show response
disqus.com/api/3.0/threadReactions/ Frame 13A9 85 B
574 B 123ms
108ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/threadReactions/loadReactions?thread=6498098956&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

867bde5f1930963a16e7dac4c891142edaa529a4428bb3486165757b7c8ead08

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/embed/comments/?base=default&f=itwire&t_i=81860&t_u=https%3A%2F%2Fitwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%2527&t_d=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&t_t=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&s_o=default&l=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=30, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 85
X-XSS-Protection: 1; mode=block

GET
H2 200 noavatar92.png
a.disquscdn.com/1638827995/images/ Frame 13A9 2 KB
2 KB 30ms
6ms Image
image/png 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1638827995/images/noavatar92.png

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itwire&t_i=81860&t_u=https%3A%2F%2Fitwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%2527&t_d=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&t_t=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&s_o=default&l=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 87650
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
content-length: 1644
x-amz-cf-id: 2LY82J9qCa_-WIZlRzBRDCqFd9d4zRrWEaprVHFbKcwbcpLZkyYaqg==
expires: Thu, 06 Jan 2022 22:34:02 GMT

GET
DATA 200
OK truncated
/ Frame 13A9 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 13A9 13 KB
13 KB 8ms
8ms Image
image/svg+xml 2600:9000:2240:fa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:fa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 19383431
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: nNW7ZspoIVpC4sqH2JyOxW6uRFNGmw8L3aEizNcTGjGIz41uZsmnGg==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 13A9 3 KB
3 KB 7ms
7ms Image
image/gif 2600:9000:2240:fa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:fa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 26675805
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: mEC7EnJhaFXQUPGgBNVj4E_3tmHIuBbX1Tcd_--vc_14vlXSi63erA==
x-cache-hits: 0

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 13A9 2 KB
2 KB 8ms
8ms Image
image/png 2600:9000:2240:fa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:fa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:48 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6664024
x-cache: Hit from cloudfront
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-6e3"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 22 Sep 2022 19:47:48 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 9VWg1Qs3zaMU8jh0bGVBLaghdYL5iw0ydhRduW7M5zU04ugkTe-BBQ==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 13A9 8 KB
8 KB 8ms
8ms Font
application/octet-stream 2600:9000:2240:fa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:fa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:58:18 GMT
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 8513794
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 24 Aug 2021 21:06:44 GMT
server: nginx
etag: "61255f64-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Thu, 01 Sep 2022 09:58:18 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Tj4fKtKMc0u7ChEwIel3aVS6PVukiU2wfXltOReS6f3Ck9ONdksOIQ==
x-cache-hits: 0

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 9ms
9ms Script
application/javascript 2600:9000:2240:fa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: itwire.disqus.com
URL: https://itwire.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:fa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 05 May 2021 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18775762
x-cache: Hit from cloudfront
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-67d2"
content-type: application/javascript; charset=utf-8
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 15:25:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: za7O41luSbT0F7pDkMx-bCs731mTS9zMQITbuEEMA08rkbwuW2HBOg==
x-cache-hits: 0

GET
H2 200 jot
syndication.twitter.com/i/ Frame E229 43 B
379 B 117ms
117ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1639004092604%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%229fd78d5%3A1638479056965%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22itwire%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22320980a%3A1637165373563%22%2C%22item_ids%22%3A%5B%22966748041897299968%22%5D%2C%22item_details%22%3A%7B%22966748041897299968%22%3A%7B%22item_type%22%3A0%7D%7D%7D

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 110
pragma: no-cache
last-modified: Wed, 08 Dec 2021 22:54:52 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 186dcf213e5277e611c25347a8777e8b9202354b00ca2a646464a03aea73b692
x-transaction: d817affa93cc601c
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6DA2 0
0 41ms
41ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUkhWn6fVMbZKK609usoDhhS8vacq5bjd4fZY3Mt8IYuTMWY2w2SFbWNhOreESf34x5Mj6Oj07Brwb-15gPm_SP5Fa9CgDvHfTslYfB4DQfMXgcAmz5Xa0gjc7mMVy1WRG2WyAcWv_OtKgfmmVbDkSJ-FhaLlags1Uar2jd0b16XTP0kMBUZyXL9z1pkHha5QsjFIR0Al0VPALKr6X0wlSZpSeFweBcEKu4p0O26V-qg2ilU8Kz8SXItXY1ZrD0Vowq-yOnzMTaRJ0AP-YabDqzu2R9teV-Roj-kzHmUmo&sai=AMfl-YQ4rEEYkheKCaRIkVUCKpDYqcP9_YZO0YQ7lTIIYg_W6KxF1HDCz7dI1QUhwPmab8sGYSKL9J2Aegm-m8wEBTjzwOObBzQT0FDMRjAd4LwvmqjKZ_oNkQyRI9kAUs4&sig=Cg0ArKJSzIYI1X_nVuISEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 6DA2 19 KB
8 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:26:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 6DA2 2 KB
1 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:11:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DA2 119 KB
36 KB 18ms
17ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6DA2 0
0 32ms
14ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSiCHjfl8XhKvZUgu6TNlFVc9I8iK4Wx34BiAiqcBVsyoKpBCw5x8rgHshtcaIcYOZ-_nsRosxyyneUplLjIWiH0yHuOg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 969566794599782655
tpc.googlesyndication.com/simgad/ Frame 6DA2 21 KB
21 KB 25ms
9ms Image
image/gif 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/969566794599782655

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bf4166d786ac1ca315ce97f356982eda99d7f299f88c6a7efb0b06a23690532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 05:12:37 GMT
x-content-type-options: nosniff
age: 582135
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21143
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 00:34:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Dec 2022 05:12:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 76D7 0
0 41ms
41ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGxKMQ27Bc0L1fqf9fymsTWvLFzaLtxTkE4VekEPSGyP536Pu2f1x5O2_bZUBI80eiIaL8Wzpt9ZWjRWUGdMlpVhz0QvKivwgxPdGJIM1MpXh0MBTB550Sz6lhg_QNBUz0CWufwctMjWQtP1kjhFHdORcTe1rOnQSzJpe4WJzpKbYspli5PnH9ZEIKRvZBFu_9BmrHdX-t1CE6Y7nLlH1KFHSoWj006TdM8Fh0vYsrP9naM17dsnq-_8XbpTI_cgluZxkJfAYcQ2EjiVJ_UHoRmPRgX9CCPap9QSYGkzMPQ751qADIThXz&sai=AMfl-YTRj8Q414K0TATk7uEJVRecADcGrsKLwrWZMhxZ5nEYnNUYytLzca_Q8p8YtGduS1d1-89ylpQy47Sq6G7Ss4THfNAR5mWQIJYPusmbbqkHch04BqeCGbAEPJh5PQQ&sig=Cg0ArKJSzCeQVgRXsRT6EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
DATA 200
OK truncated
/ Frame 76D7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc6951fa8a82bb59793852a14f603606c9ba0383dea386285fcbef01fc6a0631

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 13A9 13 KB
13 KB 8ms
8ms Image
image/svg+xml 2600:9000:2240:fa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:fa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 19383431
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 3X2Tn2ddh2cUQsSlJo3Xu7_XJNDfEUFzgzQ8lYoihtFsREwS11VweA==
x-cache-hits: 0

GET
H2 200 jot
syndication.twitter.com/i/ Frame 31B6 43 B
123 B 116ms
115ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1639004092701%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%229fd78d5%3A1638479056965%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22itwire%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22320980a%3A1637165373563%22%2C%22item_ids%22%3A%5B%22966024109787353089%22%5D%2C%22item_details%22%3A%7B%22966024109787353089%22%3A%7B%22item_type%22%3A0%7D%7D%7D

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Wed, 08 Dec 2021 22:54:52 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 186dcf213e5277e611c25347a8777e8b9202354b00ca2a646464a03aea73b692
x-transaction: 3720fd2cfa492302
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 13A9 43 B
339 B 121ms
103ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=271&event=init_embed&thread=6498098956&forum=itwire&forum_id=1380737&imp=8at6a4c158p5m3&thread_slug=itwire_la_times_serving_cryptocurrency_mining_script&user_type=anon&referrer=https%3A%2F%2Fwww.itwire.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itwire&t_i=81860&t_u=https%3A%2F%2Fitwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%2527&t_d=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&t_t=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&s_o=default&l=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 22:54:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 cRr36VVW_normal.jpg
pbs.twimg.com/profile_images/1384772727123349505/ Frame E229 2 KB
3 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1384772727123349505/cRr36VVW_normal.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) /

Resource Hash

88f3ef61bab8f818fe354512e8f02d6052c53ee4cb954a824ffcd43a1ca9b970

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
age: 119316
x-cache: HIT
content-length: 2263
x-response-time: 121
surrogate-key: profile_images profile_images/bucket/6 profile_images/1384772727123349505
last-modified: Wed, 21 Apr 2021 07:33:20 GMT
server: ECS (frb/67F2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 72d3e51474612550af9431844d1223b1c70d81d35f45033ff138c966b75c100f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DWqUNqBXUAEjduW
pbs.twimg.com/media/ Frame E229 3 KB
3 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DWqUNqBXUAEjduW?format=jpg&name=120x120

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67DF) /

Resource Hash

874969971af45d62c0775cd9fcd57ce028ed54653a2d074ff7ce93f0e31a7091

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
age: 15893
x-cache: HIT
content-length: 2654
x-response-time: 223
surrogate-key: media media/bucket/3 media/966748032363614209
last-modified: Thu, 22 Feb 2018 18:52:26 GMT
server: ECS (frb/67DF)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 16d652d6509e836b615085982943549c090bd46cf60d022a9235694d3ebdbf09
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DWqUNFUWAAAb-ys
pbs.twimg.com/media/ Frame E229 6 KB
6 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DWqUNFUWAAAb-ys?format=jpg&name=360x360

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6793) /

Resource Hash

3605b747796e9772d6a35cfcb91e77d9793a304d43a273f56af9b274c72a48e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
age: 15893
x-cache: HIT
content-length: 6217
x-response-time: 202
surrogate-key: media media/bucket/7 media/966748022511108096
last-modified: Thu, 22 Feb 2018 18:52:24 GMT
server: ECS (frb/6793)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ac3c4fb400205805eacee02778606a63f465c916369bc1cf564dcadc01429463
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DWqUOCkW4AUaP_Q
pbs.twimg.com/media/ Frame E229 2 KB
3 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DWqUOCkW4AUaP_Q?format=jpg&name=120x120

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668A) /

Resource Hash

babcfb010b001bd1def41cf31872c54fff8038eccdcb5aec43ffbb489701c8b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
age: 15893
x-cache: HIT
content-length: 2431
x-response-time: 214
surrogate-key: media media/bucket/5 media/966748038952837125
last-modified: Thu, 22 Feb 2018 18:52:28 GMT
server: ECS (frb/668A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 56ba48edb8889a3d907059daa9432114c05b477f6c790ec38b4c3fc554bd200c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DWqUM2nW4AI6OkE
pbs.twimg.com/media/ Frame E229 5 KB
5 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DWqUM2nW4AI6OkE?format=jpg&name=240x240

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) /

Resource Hash

7feb36a2d9bf0e6940f22dbb87b3cccc19a88c97ae0e882c0cdc0acdc4ad8760

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
age: 15893
x-cache: HIT
content-length: 5123
x-response-time: 173
surrogate-key: media media/bucket/4 media/966748018564325378
last-modified: Thu, 22 Feb 2018 18:52:23 GMT
server: ECS (frb/67F2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c3e8e2f983e85b3f9275553c54f9b0d1ad13e69c6dbbfd897e416a49e0efc83b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
102 B 51ms
19ms Image
image/gif 2606:4700::6810:a40d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=3.648662363185191
Requested by: Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 9
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 6ba993fbfd237027-FRA
x-amz-request-id: PRWRG3QYDH9YWHTE
x-amz-id-2: gfRATvbujnOBmnaE036SleuMrB1J3wYii8FL2ug/NqP3Y1VaN+G8mIF/uoZEbuIpjItbtXD/Qe8=

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
428 B 49ms
17ms Image
image/gif 2606:4700::6810:a40d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=3.648662363185191
Requested by: Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 9
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 6ba993fbfd257027-FRA
x-amz-request-id: PRWRG3QYDH9YWHTE
x-amz-id-2: gfRATvbujnOBmnaE036SleuMrB1J3wYii8FL2ug/NqP3Y1VaN+G8mIF/uoZEbuIpjItbtXD/Qe8=

GET
H2 200 DWqUNqBXUAEjduW
pbs.twimg.com/media/ Frame E229 15 KB
15 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DWqUNqBXUAEjduW?format=jpg&name=360x360

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67DF) /

Resource Hash

3e6ec1611d522aba1ffaeb2c85af9fef045f7975e73080b2e5b9e908ea2d0f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
age: 16086
x-cache: HIT
content-length: 14865
x-response-time: 432
surrogate-key: media media/bucket/3 media/966748032363614209
last-modified: Thu, 22 Feb 2018 18:52:26 GMT
server: ECS (frb/67DF)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: eaee5b2416210c8b45833b68267b3cd0c25e013f1109b520eeec4ea7c93e9633
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DWqUNFUWAAAb-ys
pbs.twimg.com/media/ Frame E229 19 KB
19 KB 9ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DWqUNFUWAAAb-ys?format=jpg&name=small

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6793) /

Resource Hash

d4e4caab2abe882613525c8bcb9055d2c32ce9c01985c48270587510f31994ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
age: 16086
x-cache: HIT
content-length: 19200
x-response-time: 316
surrogate-key: media media/bucket/7 media/966748022511108096
last-modified: Thu, 22 Feb 2018 18:52:24 GMT
server: ECS (frb/6793)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: db82b93558316a715010328514df71421bb7698ef08f7ae7793dbe7e7610c1a1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DWqUOCkW4AUaP_Q
pbs.twimg.com/media/ Frame E229 15 KB
15 KB 11ms
11ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DWqUOCkW4AUaP_Q?format=jpg&name=360x360

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668A) /

Resource Hash

cd2df48a44679060eeb8e4fb0102cb859d428b40036cd5bacaf62ac57c08bf79

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
age: 16086
x-cache: HIT
content-length: 15306
x-response-time: 477
surrogate-key: media media/bucket/5 media/966748038952837125
last-modified: Thu, 22 Feb 2018 18:52:28 GMT
server: ECS (frb/668A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d63c5542d202b3bd0573967b378cb27bf456c63a8cd626c6fc77cdde33c02efc
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DWqUM2nW4AI6OkE
pbs.twimg.com/media/ Frame E229 13 KB
13 KB 12ms
12ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DWqUM2nW4AI6OkE?format=jpg&name=small

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) /

Resource Hash

ed7e60f2684859b03d76003b1783b4c0a8b4ca3e18760837dc5b976fec49a1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
age: 16086
x-cache: HIT
content-length: 13491
x-response-time: 212
surrogate-key: media media/bucket/4 media/966748018564325378
last-modified: Thu, 22 Feb 2018 18:52:23 GMT
server: ECS (frb/67F2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e8ce9790038b81ce63067e6ea9dfac2e7e71034a5d8dabd17ae5389619c89994
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 cRr36VVW_normal.jpg
pbs.twimg.com/profile_images/1384772727123349505/ Frame 31B6 2 KB
2 KB 9ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1384772727123349505/cRr36VVW_normal.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) /

Resource Hash

88f3ef61bab8f818fe354512e8f02d6052c53ee4cb954a824ffcd43a1ca9b970

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
age: 119316
x-cache: HIT
content-length: 2263
x-response-time: 121
surrogate-key: profile_images profile_images/bucket/6 profile_images/1384772727123349505
last-modified: Wed, 21 Apr 2021 07:33:20 GMT
server: ECS (frb/67F2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 72d3e51474612550af9431844d1223b1c70d81d35f45033ff138c966b75c100f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 5GY08UgF_mini.jpg
pbs.twimg.com/profile_images/1262636717925961728/ Frame 31B6 1 KB
2 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1262636717925961728/5GY08UgF_mini.jpg

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6727) /

Resource Hash

e9ccf010d04f6afacfa5836009cd68860ebb6ad820bb0bbb04ef84152ef6d940

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
age: 563264
x-cache: HIT
content-length: 1493
x-response-time: 109
surrogate-key: profile_images profile_images/bucket/4 profile_images/1262636717925961728
last-modified: Tue, 19 May 2020 06:48:26 GMT
server: ECS (frb/6727)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6028903fd74e8122dd358f5a194442b3dd3c245f7db95e1cba3cd52894f0fb9f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 70C5 0
0 42ms
41ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAZEKuCqFz9g0spFEGzb4XDagQYtFXbw_ctvJNu3yis_UHk7QPQxYKkV6Z13wiQPl9xb139_jME43aCo_7YjZIB8Surnm0s_NUAdyMchwVDrnsrgOPHBkIJBE5kZYAAjoQ3IcQIC1PkpKDwR71ZlJm4eYNsGL0ggSKtCCGSRN7bxKFHdJVHW8VNZyCrHubYujnmzIkDqEKZi-NHpS0LInxqAt5plCL-6qQdk7asTSLnfVuZ12HtQmM-iE9s1gh_-TPDFCpvK9VHbUAdUuNINgkxzdXEJAYVfKglH0-i5IOYsZDYiPQ93OsLWc&sai=AMfl-YSz4Czzk5MKrykjtRH_Tce5davKsmcNHRWAs2QMJr-sw-MzUv223aG3QfBf8IbuTq6HWdbhjzmItRYQfFeAbqQfyGK-dRxlQlPNKnYsTl_3Rxf9-D8NHGjP575ChnY&sig=Cg0ArKJSzCOs4aFFgD-WEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 70C5 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:26:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 70C5 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:11:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 70C5 119 KB
36 KB 17ms
16ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 70C5 0
0 16ms
15ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRiUuVgTp6tiqZfA5Tmv2bNlSMZC0T9K4obqdY0dNPGqJldXCGhVDRIAxMeMwu9Scod4V15FqSW1nfYBaG2XoIU-yVl7w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 15378875778289964573
tpc.googlesyndication.com/simgad/ Frame 70C5 43 KB
43 KB 8ms
8ms Image
image/gif 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15378875778289964573

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19b1665e918e875d382bf786b3406c7921cae8caab9b65f0c5e4590c56c3bb74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 08:28:34 GMT
x-content-type-options: nosniff
age: 483978
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43905
x-xss-protection: 0
last-modified: Thu, 18 Jun 2020 14:25:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Dec 2022 08:28:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0D3B 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvO90VNy4B0VwtZyvyNh5pPNFQJVhAR4DpzdoCn3q36IZz4k2Rxm2CYYH0939FYX-lygrahPWT3PUBobCziegCm4LA63N73fb6XlL5naTPZcLYzhK_Pk7DSOuK04D1ce_vkPeTqOk3pyNf1r-VzSdO6H5qn5LrRuUUnd_3wu5sLjMKdH7XzUHBwGP29QGJOX1HMkNYpiafHkEFyD_a17uDuOTQoNjIoFQN9ZuIDa0Wg0f5fJBoOrymnp3pzMLK6_Ru_hpwE68OcmXMwmf4BdszqJldSez8KaYAr2W-WsX5JTOOHCwdiow&sai=AMfl-YRUyKW0U7hi3Er38y57aH5haQgBiSeXEyhk8qL3bvYJIbf1Py_TcFi7tDokpPfemQdbMffD-uzllBPtxBDnfJfroFGOsqG65evsx2Exdp9nEzGx3b2YBuQyKS9DZzc&sig=Cg0ArKJSzLF0xVuzK0Z-EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 0D3B 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:26:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0D3B 2 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:11:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D3B 119 KB
36 KB 23ms
23ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
H3 200 9770957470890108766
tpc.googlesyndication.com/simgad/ Frame 0D3B 85 KB
85 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9770957470890108766

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d820366ef175cc65f39bd05035aa83a62a1b1dcc8079d6ff261c48387f22fdbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:20:39 GMT
x-content-type-options: nosniff
age: 131653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86699
x-xss-protection: 0
last-modified: Sun, 28 Apr 2019 22:49:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Dec 2022 10:20:39 GMT

GET ampz.ttf
itwire.com/plugins/system/ampz/ampz/css/fonts/ 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6DA2 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvL74OAfWIAts6Y54gFbpwwKIOF5aDxYQqA4wbR1dwaEc1c9y3FKx8HdWqfWIP1OrI3BZX8RCPWmZCWwc92qCqQG09_aJGbQWuZRZxv_UGiDR1drG_iN_Go3YOFU60FLOtpDs0bwOBk8s3h1CVMn2dumZ9VXhh6XKwA14Ul76jCDKw26zIxVf0mWTwXnTPUCpj579wNg6TnSTitktYszepbPFa4lEKrwNGIVV2pBCz9F_cdmbDbVrYXZ-Fiqc0Suv4J-UUCL_kK32h1MB8svPjOn-Pi8m6UzAkroRCyZliuI84&sai=AMfl-YSccg21EQrNreP2iwwQfmupysO0j3_9MPfigiqUgNyil0LLE3EiF_ekq8dF0eD841eyRR10MTke5sxUkGQiguO-JYzocCdBNw6PRJrzGW9RCFM-VE7EBTl8Uerrw8M&sig=Cg0ArKJSzMKZxTRVXSr-EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
DATA 200
OK truncated
/ Frame 6DA2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b840b452f53b85ff26e718b599f2e9eb15bb62dd6f24a3aa63850af8a382fe8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2653 0
0 47ms
47ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRkvz4wJ1j0ffk_F3t9Fgvwl9Z0i-lvn4LehZW0XIU7IXP4seXGLACq3Z5Ip8NH56A3Kpq61aSccgnGCN2BkvjobqJwqH2rbDjYnvmYhd1S9v5C0NXU8iD-u7-NCt6hqazvzc2xv-OBJXGzTW1kImw3iZ6cjJRfSemt1cuen19gtl8BaYf0tHDJNsBTXwP-Kes9RBd5n1H3F1s9BmYPNX6TrcdBLy2ILvjbu8v2Z-AzOsa4J3YIPd7s_73nyR-lVhDCu7NFqnHxrg5Nk5M0jp_sZ-pT1Ff4fum-yF1sL0g3XP5c3uCTw&sai=AMfl-YRXl7uYiMxGesOBCyCJEABZFKm-5iHeTxAzy5v4f0IxfLoRwsLRKHhiTu1e7wDOPPbtBdxUbiB89MdoWVS0IVaWhfjzrZzD0jsA1YgBNVIdGLaLftk4u15zRiUrsi4&sig=Cg0ArKJSzEpGjKPZeWnnEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 2653 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:26:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 2653 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:11:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2653 119 KB
36 KB 18ms
17ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2653 0
0 19ms
18ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTnFgWHjyDyN9nNBJPenTyjFOrIEeppzTagWKRlOCXB_CJzYsmh4Oi8cRiuSyzsQ5SQTvAaqObYzllQV9eMeMnf9-eJhg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 12553190728857311167
tpc.googlesyndication.com/simgad/ Frame 2653 71 KB
71 KB 8ms
8ms Image
image/gif 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12553190728857311167

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b870d09319848c872ad175f227c964db6fdd8e4e3b83dedc00f4c8c5506bd0fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 21:01:36 GMT
x-content-type-options: nosniff
age: 93196
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73020
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 00:39:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Dec 2022 21:01:36 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C0E0 0
0 59ms
59ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshLv7kVdIKkBNzktTdjFBSepXJeCkvpPBeFH0GIL5EyEfG5nAZjxw9qkWCRhOnu0W-Hp0v4Ui6GfuW0SHoFUm5-RGqIdGsDLTb-ZVO6rh9-OfoLFgU3RI8Mcaw0TPS3Mo_ftONlIEl_RhyR-SHaA7LC1EHNdk1WNkXdWrXSaWWbMpJ9N6qq6PzZcD1KtGsrWocASvvbrOYTTue-7Z3Wc5DKCa39AeTK9FCkKkhA1pH8iyiwyK6fs2sQIZIIFRsQRY9ilh6mA_wAGR8sLJG5R4Sgh8x_WcggpEg1j7Y7owFweR15nE0&sai=AMfl-YT59Nu7riRfUoce_1iWSYGSZxCroFzCmfomH-pe8FbhV2aH6l3djofwKWPkBc5NGVddqsRr2CO3tja-GtWDKXk0Wz548Fnnq38HunhblQuobrOUw6BSRlX-hqTe7ok&sig=Cg0ArKJSzCZ5ia7oysvSEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame C0E0 19 KB
8 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:26:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C0E0 2 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:11:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C0E0 119 KB
36 KB 32ms
32ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C0E0 0
0 20ms
19ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8TvAeItY9i0QlzM754Ff75wdocF8-rlePVPD9QHA_dUfQw2AqYNfMKhxu4FEijTGGPcd4xNRd4Hndng9ezHtioKAlQQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 11831356925776475404
tpc.googlesyndication.com/simgad/ Frame C0E0 18 KB
18 KB 11ms
11ms Image
image/gif 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11831356925776475404

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ba47dd5f46f379be7ed4dea596744e60700629d124d403ce80fdb0363ad7f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 10:42:47 GMT
x-content-type-options: nosniff
age: 303125
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18508
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 00:40:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Dec 2022 10:42:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 19FD 0
0 59ms
59ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGYfZYLIKTJWljZE9_Z5aqohmmGc5s7DCT37cx8mIp7spjo3fBFCdxXtshSo2cqMMkRjQrHOXejEOorFsZuZ8BNA97IGygv7YoCUC-BkRvPahDtMTzmTpCTXz0GWR8rAfpeAW5yggY4B24PuD_ipwzI54U7hxCp1a6cixOJS4B7IsYT8D7yVCEgS1ULNgyE8-ROruHffcMpOKTT3B7WTtqr7hZz-nD0pgg3o3M9eIg7Y0agLr00IPRwy4FStau1vvq9mmqDTMh-b07_jx7QenGAsx3zkD-UC_yaQuL9roPfq0bWJA&sai=AMfl-YQOY8u85h2N-hf44y1ZF_XJAjP32qqMebqa5A4j7ek4B152YtdmP4ywvoCUDCh_d0SdNAYwCt0RKyPraGIUWjYywrzzD89eEu-EHtb_u-WA7-GYRsl3-gsNFNaWyBQ&sig=Cg0ArKJSzJX6JVvS3D-6EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 19FD 19 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:26:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 19FD 2 KB
1 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:11:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 19FD 119 KB
36 KB 30ms
30ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 19FD 0
0 23ms
22ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ23_eA4uEIK32axnS-tp15w4EANn0GIqD0HLcoW_RjIlgL_JNpXHLfSH27QRofNO9759yi9Vrz8CrO3GRIUG3-imXBIw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 9080587802214971650
tpc.googlesyndication.com/simgad/ Frame 19FD 28 KB
28 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9080587802214971650

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e76546812603b2c76b2cba682535b8e11e03c2a291100649549e94576a07cb95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 11:03:23 GMT
x-content-type-options: nosniff
age: 42689
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29056
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 00:06:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Dec 2022 11:03:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D7A3 0
0 56ms
55ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuk1nxp4-3TUZvja0Es3huzO2upN1vOuAmaj3iqAgnj4oEnxUwi8NabxESNpE57JMmIZUDZbiBgamy6YxHxLJ4F_jfxFlwds6_QncVRmPD-5rzDX4MfO_fNmi5Cjp-6RbDGbBv1Qtm-HB0lPMuQi11ZOTmIUulnB_l5KCLZNUkYvwQlrV5w8EUjB65rpq-U6e3jEVRc03yt86pMY_CCYAVe8HSq_s1LXZPk7KBtlZSxkBd3SLQzDXv8RHIVfcKd51MJd31qEiSgEJ1YOVfQ3WPBqAzVQuUc3Hp8kER7OtBPBoYM-Wzcg&sai=AMfl-YQuyKSjSJa0GxPvHad-Z0VZIFPlyBtdqvfujrWzk34h25e7zt4rebdUYMEGOTsukXUNaonJlTw2Mg2iN4DyClRtBjE7OlOPu3bROv_nypsR6U-WaVHBzlW10sNI_RI&sig=Cg0ArKJSzM6yrk2Xdn3VEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame D7A3 19 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:26:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame D7A3 2 KB
1 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:11:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D7A3 119 KB
36 KB 35ms
34ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D7A3 0
0 20ms
20ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdMHWpihLdl1yj5aGq_lX5hJdgOASUntve0BfRNSraPAYsojPSWhmTy5doCaLtY7XLv-CiyYJujeYTFqGluaAaqR5krw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 892466434008450693
tpc.googlesyndication.com/simgad/ Frame D7A3 61 KB
61 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/892466434008450693

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70fa72eda0252b1e7aed0ef14c3a59e318ac75a4780ceb889fc6d7cd97033593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 12:42:28 GMT
x-content-type-options: nosniff
age: 209544
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62722
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 00:02:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 06 Dec 2022 12:42:28 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C2E 0
0 65ms
65ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqnEJl4gEfVCiDqt8xhxsc7RQJXtnNZqvnjGVeGgBMouruPepVHYsYnvg_Ihvxkkaf2WRx3oKeypTW1XTzb0PPirYK7dv4diMS6Er6A7uASpHtzQ51Lezq3_tTHK-uArSDSJSbXe9vQwx_yKrYh1zrfEM_ulmjpKLUMxX6X7SgTUx8NNjrach2qLtBFGc_R2VZhJyAN1-dlufDuQIC5Q_67EyQWueio5IzJSWhiNZRLaH1v3gySLZxFAdRZRaI4qBL3RlMIFnrCrrS2NHb02NG5aYi-SRdb2b_fy7qwbBTzg6u0qDjU9c&sai=AMfl-YTHFY9_IFaVe8r1zaxUB75GLS727phb7o2iwo6Wl2NxQ5XCRKzdTvJHJggAp4_ifUDC3HhGBLUlS1i30BpiY1RkCY-35M0Q9WKn4nyFClOAFhgOvYmbvnL9Xlm0Vas&sig=Cg0ArKJSzNswevDfzZcAEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 1C2E 19 KB
8 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:26:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1C2E 2 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:11:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C2E 119 KB
36 KB 27ms
26ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
H3 200 6580749669243748516
tpc.googlesyndication.com/simgad/ Frame 1C2E 61 KB
61 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6580749669243748516

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ead1e75efbc6a2f4d7de6932d0967316b1f63d265719888f5a462bcddbbf75e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 08:28:34 GMT
x-content-type-options: nosniff
age: 483978
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62874
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 00:23:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Dec 2022 08:28:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6DCA 0
0 65ms
64ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFCIhDO0JPifTxbHPhov9CG_axdLaSzjd5NK2oBzGdsK86pf4HbV6kv0KTXKE3o3Z-M1VcV3SljiaeW65djK0LwrvL3lGiVDPhY6Qm3OPd_x14I6iIiUQKQonqnuxoM0GBh2CCFHH7qxWRrPMRv0TBo0Kn9p7bevZStKCT4hfVcOYAiqYiT-9l-37BtWEVnn3WcCIAurQM9XTXDc0vHnerTHGqTJvWE-BHll2ML41aq6SWzSlyZa0XjZfIV8oTRPlRRhPXJfjbxO2wQBgSMcYrAzF2FQbJL3idpqVddeASUz-HqB2_Kn8CgNrwbC4r&sai=AMfl-YTeLaYyLUwx71vIoRCHvTnptJPbuJyhMxVjD7TTf1S_9ls6dzVQX2qivUI_Bm4cZCKsYgAc3W8aIgj8wI3VIIfgZrstaDcDGuIzDMTmdNYGLlfkWqHLVb0OL8W0tI0&sig=Cg0ArKJSzOYevYh_3wlaEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 6DCA 19 KB
8 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:26:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 6DCA 2 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:11:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DCA 119 KB
36 KB 36ms
36ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
H3 200 15676340980967799762
tpc.googlesyndication.com/simgad/ Frame 6DCA 59 KB
59 KB 50ms
49ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15676340980967799762

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3747e45c51fd980f1eb30ac295e8509e4fea79d57e9f3cf41fb59eecf2aab945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60143
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 23:55:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Dec 2022 22:54:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8865 0
0 60ms
60ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBnEKzkjaWN4_awhsm6_Ah4h0fraLVaqNrxCWWqLBGfsmnrQSXEfrkHTYRQZQTNS_4atuUvNAQHgt3SJKNKk5kWftRYd-S8kB5cft7nI_S-eqapRFtK4imNrVYkNS3ukTBHPvd77oGLN6L6prSaTTllS8V1-prN-EB5FOhG5q7Saqmzox0dcIO_5DiIG4N5qTdZI-xt5-4PWHVFqNApg3ZNTru56zv0pbehdGiCYcwPorWDlGdrZc6wrR2ClVGiBQfVBLA2KQeMKY3ZORULpyv3_t-t852ZM5rKiYxyew_RJAfDALQMlAEJbuE&sai=AMfl-YSz_zLQTwxjp1uAqEC9hGEswsTnKMuuLRjC_ZoRW-toOC3U4zbfBc-yT6ltwLWsuH-mp3I-C7DRQB6uhUMBo7mXRS5iQq8EQANJd8zp0tqHjQN8SqJuyMy6I9Xx1xo&sig=Cg0ArKJSzOFo4ZH7dr0TEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 8865 19 KB
8 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:26:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 8865 2 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:11:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8865 119 KB
36 KB 50ms
48ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
H3 200 15523876093970916332
tpc.googlesyndication.com/simgad/ Frame 8865 147 KB
147 KB 18ms
16ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15523876093970916332

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3193228a29e7360da1f8357c2edc8b75801b9170f0f8f4e32f89e4599c566f31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 09:01:32 GMT
x-content-type-options: nosniff
age: 309200
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150663
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 23:57:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Dec 2022 09:01:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D97E 0
0 56ms
55ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgi4u7Prgq_xcpckcl2NktDbuS0zEv1lGL__0Wios1KU_Ux32pFkPa5ow19-7ZPcK103-jhnCR5sNjIuoAAsQh5ZeauX1W-6yIET8hriy1Gn7Vy0VqJBaMdusS1NOikU0u5bx1ZxzklJvojFsE1ToDGE8RpeeIYk6p24vfMjYUUVghFdof8BhCA-ceApW06TxM8EW6kkqVoVFNUpsr4MpOG7Bcq-emIJqae-PXM2-I_pssYb5uaUYpU2DZ5JA6UacMwGPupH73wSVqeOWEGZA-Cvj13q9_O3vxM2eS6YF50ctFIQSrh7UDbEYw&sai=AMfl-YQBLpvHehLE8_QXpH4QfV9CIr34ZIA3mKkuVfAbsGZbgnRj1OB191cH8SxkJ2I120QspQiI427VHG_3u43_5iy_gWEd9vpqYke-yOb2NxqfuT7vd720OeYIn--NzNA&sig=Cg0ArKJSzMkaF4kRK57qEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame D97E 19 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:26:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame D97E 2 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:11:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D97E 119 KB
36 KB 34ms
33ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
H3 200 4279116132305452811
tpc.googlesyndication.com/simgad/ Frame D97E 147 KB
147 KB 31ms
30ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4279116132305452811

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3193228a29e7360da1f8357c2edc8b75801b9170f0f8f4e32f89e4599c566f31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 09:01:32 GMT
x-content-type-options: nosniff
age: 309200
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150663
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 23:57:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Dec 2022 09:01:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7A7A 0
0 52ms
52ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvv-GcQfYzMzYdl3GJ3YKePTRcYbwh2kaaU5ty34KweJJNGBp7aybb92IimQPvdaiqCXqvo2nsqRcAQiBaAUGbQ64il691FZ95TN3PmVvIktD1A_HJMHEx3HT1hOaZZQUMLVjVtfJ9cmSurvbVo2JPw_M0E1SXVa82z0Onlf6dJJQag2ibfPTqIfg0uAhyyO0MlHGGu4cza7z4VlNyMcPknRFqRMyaIgAUmso37zS4JMTAd71DopXH8SgQ7UKGczx0oBDO1eBf5FsGpR9xM1ZoLUy-fQKOUQtH-47wqfg4-tOcIbXplc-xIGFM&sai=AMfl-YQH5K2IEUG2KwHWxS33y-x8TIBLoLOFX0lr1qxf4UVjXqLW0tzg_bhu_4penb9cZidqdTsW4TN7tcJoLOTHRlibKuixa7YpY4Jp4iBT0drCKEQ5-LJUsN2pshXj3m4&sig=Cg0ArKJSzOmXTVQG9laPEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 7A7A 19 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:26:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 7A7A 2 KB
1 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 22:11:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A7A 119 KB
36 KB 29ms
29ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
H3 200 7727343839420317571
tpc.googlesyndication.com/simgad/ Frame 7A7A 60 KB
60 KB 32ms
31ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7727343839420317571

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d1ea4e13724ef85c454b9ae823541be43ce4e4bf541ae60ec2e365ce043e1ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 12:42:27 GMT
x-content-type-options: nosniff
age: 209545
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61265
x-xss-protection: 0
last-modified: Mon, 18 May 2020 20:00:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 06 Dec 2022 12:42:27 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 70C5 0
0 45ms
44ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNw3Wiod00Um2VufpPmYaC9O5d_ONFrcEMhMJ_gK4flu-INmbKr8NZjt-Soebu6-OR4_hZJybex3v7TpAmqG3wud3pW9jAozokjChmmPZCkwicBjqCGp93shD6nXKQh7Zc0zC7wtr9kDL8EomZPL18GCB62bQYK8FOqFtPzxA72ucs85RGY3tbcqCuwWOGW4mA55khFxrpVQn0636r7LTkXna0xw02b4TcXJvkT6HsGd5mM6qz2_fi7lfurzqL11ydFV3XrJ5YXUlpjuBCAzsozq8NDKiv3n6APTHxT6ZigoZZB1kJ7OptDnyKiQ&sai=AMfl-YQsakib75zdpAwXutvHOuoZKnkbibPRElYQIBHH8eq_fd6TnM7BmmyDpRi3nM5uMEPfQE1mcTvVG-Xc7UcMDIKedad8SLq0Hqrj54Pk0O2gci7IPgt0MSJjc0A8q64&sig=Cg0ArKJSzJ1KzFwFCoZhEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
DATA 200
OK truncated
/ Frame 70C5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77f02cf5c245c310b2bf0efa8c58552901c0015d84e0d31d671af7ded2444713

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0D3B 0
0 43ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8nMSTBsm6QOxPD464JitJX7pTk9YnX7WL7C-soe6L6MtrbqOSsJ_bgHmJxXraS2WiGOalvZ5SqyMLOEHYgF0LLNy3Doi3aD_5viHUdS47Ds-lZZ1fYIvMJnEei7CO0PV5XN_K3BXqDOrhhCJlrFxfqGDdcuvBgIzNr4mkIAWH2MEkkL8Vug2DaTxf7Bhv5CshWMGxkwMEl9PX7oLM738Yu59jtJ2FQb7CGF-qy8STfhwIGVRF6DTffu9aebDONJ7SpWc9dB7Nfgu8enoQcqT_LV0ZXGCJKnADPa8qDy5O9xzeLnVqvTve&sai=AMfl-YQCelrsSW-UibdNO3hxfz7TkqXjSqgEJ_xa7Aikd2RAHD0wOcNM3AY45xcN-kG48jOywRr90MrQ81z6pB-A0Rle41AwWZUJ4SE0w17-KRgrYIznMRE7onMSVAAmPW0&sig=Cg0ArKJSzAaUuocsOSsVEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 08 Dec 2021 22:54:52 GMT

GET
DATA 200
OK truncated
/ Frame 0D3B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d844efe39988fa19341635d577775b1a94abf70ed1e1734fdd4a7de89ce33aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET fontawesome-webfont.ttf
itwire.com/templates/ja_focus/fonts/font-awesome/fonts/ 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2653 0
0 43ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWwT7xALRxQgT0AGUNWYRMwYcbOZvfxj7PPfFVQGsfnXngFJkArLNVeq2xZ_uQ9uuppC7TXBJoNZLLZlIjU0OECfIDzHctHgy_UIC-vEuNABKv0rUvW0zmnzYV0TAVOfpOgzZIGrQKPHYEdyyIc7I2cIQcVMJ_HRpuVIvcqgkZvOcdtsSRXG-kYUEBKUI_s8a6WnejkUZcvrMlRKiRDt5vCwukyHMXL4yKHr4lcHuPda8YdMxzrsqMfzMouV4Sp_0g81fwnwPOCxwj_5ieCvPiCk1_aHnBeml3g1OTVcIm9KLK4xvaY4_q&sai=AMfl-YQQxJMYpIM6tFub3T0o_a_DxOzhquMm4Lgl0FHV9WniDuKUp-0dZ3nnFWZ6W52X-kL_pixoKWAhM29crlTUH6L0V4gX9_zGSqE60kOJuGxr0itsRjgbe-rvNsM-8gI&sig=Cg0ArKJSzIJH8d23Qg-pEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 08 Dec 2021 22:54:53 GMT

GET
DATA 200
OK truncated
/ Frame 2653 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a5e99477f03714098452892ade2f4f755a52429d64240a69fd64300e406c15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6DCA 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsth1PAeuLEJLKNeNUvbUZXbGlP-_fgXHNqowLkcZGSx_5vTZswmuKXVWnuq96mPIeSNGyWHVhP9PLla6WHLAgFIgPdUez7Wtc5xC0_BPB1WqRaJBAmHeTfteGx5f6K8w5Ifb027FlDXD3fvioGeJgwyWkhlwK0CYJXbWPGpz4j7-IWVJTvrvuXlAGKUW3_Cq3j1HlrsgO2LnSO93yTzmS7eHKZjq9kNTisixKnbFFncePgP96qlG3KPhuihj-oGcuVWxTT4KmiIskL_QppQmkUrtgI4pXuo7-ezYX03cUeW4huRwamGVFonk2sE5Pamblk&sai=AMfl-YS8j-rCzbxAcxKH5QqH44bGPLbZFOBUpZa8WVHiuzHmMs4PLZDGBVBD9hvjesw24t4cAZxhqTIIJWWIYfjoXlJ53x7lO7a4lYv3Gdprcnsjl4ee0_zn1KU3x-GGsVk&sig=Cg0ArKJSzKjMFX0MwmOdEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 08 Dec 2021 22:54:53 GMT

GET
DATA 200
OK truncated
/ Frame 6DCA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25692bd31d76cfc5e41081fe2e4dbac76a6df2a05758f848c2609c28833198b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C0E0 0
0 41ms
41ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuh2tL8rGTOBYoAuSk6O15h7doVtcvRnBVmFIOI2M8Yhu3tPJ49k6S7cD4vI0uxmSy2rt3gnwqfw0Gmg8oGZqz9iIW-xMiYGQHnbRnzIlv7tsl9x5h8iFLopGP0ZxDqTQ4xP-PTdsCrNBgScf7HxHMv6zvqJzkuxalHA2gquuAioy_jUnFjWgIjgYZhSu0n-gMYvXHrHyuPGOMTIkr-Yatetp9Bt1tr0j2Lo78fhfDnks3LJ8JufpLjzFf3pZfI0m6Pc_g5GF5CwEqoA5r9YgpIIELkaEjK9TKQGyvr5wV6Xe5HxvCbIWI&sai=AMfl-YRKoZB3E-Tnj7566CFRhY_3nL-3g1z9J0yphs5_aoYz5xOFgqCUoqSQU9qN_c_LZfgfr9p7MoGXbupInLO9aGP02ciYoylm1Ne7bCxcizyfor0QXbBwhEAzTAIrdaA&sig=Cg0ArKJSzMw0FZL4F2GQEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 08 Dec 2021 22:54:53 GMT

GET
DATA 200
OK truncated
/ Frame C0E0 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09bb92f316244ecc133d7f886c1d2abfe29c0e8e3b1e5a2c3e492da1e7793082

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C2E 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstabiZSGd-Mc6sMxONF7h5cWrm86K4gZ1p0lpMROmdYeKA_yEO_p34_0YX6JgS6BSFczznUYCUFDsmpm4sd_ghL9YhhIL8gZUuxXBGOixj-0rZtehVpJXTRu-EUdSXjrzMgeoDyeX29_0EVJZ4N85sLHXzIER5VoUMazaipoiX2-pX74hOywvJOanOtOVtE-26lOCmD6HlqKrDzygc3hkWi7oPkGf6uLjkd5Pk6o6phVtz9ApcrdsypZ4AcpJL0Lh8lHwayJEtNYyyqTW6wBW0VgdBBzA5DHaExDP7a8jSBU0hn0ivc8RmLFA&sai=AMfl-YTcIP7DCdR41TyBS4AQYYbaIchSzVxuaDkqpWb68fdjcpm0YFlY1Raf3fK7oQyPa7dPBQC6ENBGweNqgcdGQwTZ2eUvvDCaucY5fODcb-gLF3gIhckeRCoJTmXbUX4&sig=Cg0ArKJSzJLvrkLA1pZwEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 08 Dec 2021 22:54:53 GMT

GET
DATA 200
OK truncated
/ Frame 1C2E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4150b04c01fd6aa503a95fcf9a356e33d0dbf8c2b0c118e05a935dc2eda88c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D97E 0
0 42ms
41ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLNpr7RxiQyV8LShHD_WLOKI0gReUD1qljCZOChC966b8sHsjsUcwKc19sPrZdDculsVuEQDxLfbkp03hbS5VPBEeTiFq-SmL6sZ6tvtdqJiKbdp5B2j115-V1rBfCevfsRb7KLHwkZvy1mokTjNrsn_ZEqi7Gw9ofYKwdj-YWqk5KTsWmDww0Ao2W1eN9hUnOcUWIaPjx9eX_j_i26jwuwh4b0o_N5lqpdIhvtTEu5fshZKUiUU9-bLO8YA0Nz_Yadn-14ejoQ_RdSLpL2g_yKyTmvCNPPLdsFZFD1V7NF4w4jDQ0qX_W2CSaWRU&sai=AMfl-YQ5duS7d1hrW6jJwOyfXPox9fRSpxQHFWw5zngkzfQU1jFujOOd_F__JxvoL7geyOkECZ0lTKLIPJ5ODVZ6RFMk5BWslx1faTfNwm1mK8t25zKUE8D9S3FEVmZ2i_o&sig=Cg0ArKJSzGHzlMyJN0s-EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 08 Dec 2021 22:54:53 GMT

GET
DATA 200
OK truncated
/ Frame D97E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88bc032cd342593f88880e656b01bca9e5c9fe5ed979b2a28b1bb253216bc855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7A7A 0
0 44ms
44ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuY8CzJ88gBSF1MbQ9MYiiVO59F77uGWK_VBkAb4Oqq5ExZzqUVAF2G1xZZjnSLJy8rTleGeX2hVZUgnWEqxqz8QkBdC9reFT3csNFcmHQ98gxMdkyzYufHPfzmsFnEq08Fp_5guAGG0q3020-uuyVu3SRHgqzD1zd4LiWGQnCEYqqFaYKWcABQwxfTDfPxKuJ_4n2QVXlEvv1SSNdpJ6zRMZu2mtRUeZUdc8vv8lhQ36Z7C-YlztLw9aV7RutuiWB-Rnd60Oa-D1k8evpNo12jBQq0ZmU_mUnoctCxPD1qnojfqdQHfH43o9WfCA&sai=AMfl-YRw57oZ7TCUp9CoeCUvE3QfU1IZmC4z-ocIr8LorGQbG1-w7tY1jUJ6eGMO5Wof6M1RGDt-VXGLplsW8wDePsh0fcFzD2FCS8mqIAqTbBH_4_UXRMQPCvQnkBmUTg8&sig=Cg0ArKJSzIjq-WZUylV0EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 08 Dec 2021 22:54:53 GMT

GET
DATA 200
OK truncated
/ Frame 7A7A 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d96559305c48579b07d48ea489fb2af2b1100ff2b83774f5ce72f1826b004115

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 19FD 0
0 44ms
44ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuelmB7ezNjscb5srzEvZZWdKMrIgbI1pMwk4TQqci1jngLg_kapwARF3R0NecROhXzbc2DLklwxgEcUoZy8hV3e6f3uCIVyBE5T8Gslwk1LTH-lpKMH6JUQ64PYB7M98iOMnhbAX4fZx0tyin7MVGjn_cvE-VlUg12GyDnQoNR8dl8A8baqFfE0IcOu0DMVURzNGcGLkPGwfki5QXgRMMMEkLYfdrNlZSnp_zTQbSyHkhIOD0EYizSzGDwm73aKuyCByeXsIYbE7uOzIPc4o42Xn9Weor42oD5VYi8Jkt6hHBopAT8YQ&sai=AMfl-YR4_3FFZjvBGesrrpI7sb4p3OIr3T2-PtnohEZlAOJX07Js2A2XK0YH5EnBWcKasBm_K1FOB0KO3FuYpBv9MqeIeocR_jGYu2dKsdRbQlJHo_BQAOxUkGCSzKdkRSc&sig=Cg0ArKJSzEdQkLQt5hmZEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 08 Dec 2021 22:54:53 GMT

GET
DATA 200
OK truncated
/ Frame 19FD 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c886f9edce4f7a7d516171fcea56ee95627a770a127ffaf42e5851d944691f5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D7A3 0
0 43ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulGl24wkH6SB4ayibmTIWWtNvb2vBb9E69LSBXbnmglDZA4k_W0WguHC1EHdGVsK0Zgi0GZbVI3NofUdxfGVnacV-oieg38O8Ut6s2CTGgp-sJnFZIk2pEt5zpy1KYH0IM4Svxc1D6dp92MrXc7SN4qVTi02MbyEzGDg6u80SN1i8_oUVtfE3hCjcII3wZZm-5rrCqFoJqwLih-7OJMmbb8Sjirp8pQUR4trQmCZlOzF1FQz5FveEzCbP6buxUr4BA6cuuzrlOW1VJ9UtFgIBMZ_Tbmh8LUERZGX1uER8raPLlA_9U9bnT&sai=AMfl-YRp5CT0cIBl1VCzl5XN3vbxo7dYDWnit_PpIrUBu-dpSFeoK32fB8zameOkMW3kQVf1mD6qRAP-Xqo6-xzB7OVrJTYPwNJeq5eYF_IbLw2OrZpycXMr8d2ixZv-N38&sig=Cg0ArKJSzI8THarxzoAKEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 08 Dec 2021 22:54:53 GMT

GET
DATA 200
OK truncated
/ Frame D7A3 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e9f6b550690016e3b6742a7cfc5aaa504d214fc1b7ec1845a8c18eec869b15d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8865 0
0 43ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstH1EZg3OIWk4uJdzXZAGAhXTq9nF8Fh5n-LusNF7wSwpJkptdac0XYOe67as74jbwGFkXuB_SF6witX-scg_pCXG-l0Obb6C6vmbNsmCXqQzdrRQLoqYzbLRDYkEX4CGYHtny5jjNm0Np3E76sRNJsHWAeLb8O6eEwc_EtJEtcpXINloVGkxtkHim3uPA8xwk-qESc25EZPlzb6l--FMjfA6zyVjIOOt2kAOIf-UwgEpxTh7k8cSwkgfeJkW2qKU__C_sBaxD89FCHXHf7GjpzmmTHnqYIZ-xOpxvkge0vRtNhGQJ5GfWMc3Nfkjw&sai=AMfl-YT0phX_mx755AuZO4CVZLRWZmU7TXBNK-j-rjSFekI15KZo0Gtz3s3n1_I5dlsgNwq6nzsEG1TRuajlySlBSyMMtYKRKbHEp3h40mlg1uZgj_KsjIE2yO23uaYPK3s&sig=Cg0ArKJSzNdbzZJOT-RREAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 08 Dec 2021 22:54:53 GMT

GET
DATA 200
OK truncated
/ Frame 8865 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8408cc5e8c50098d1ef244e303c5b6ed13814cb185755a9c4dda17edbd6c35f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jot
syndication.twitter.com/i/ Frame E229 43 B
166 B 116ms
115ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1639004093228%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%229fd78d5%3A1638479056965%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22itwire%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22320980a%3A1637165373563%22%2C%22item_ids%22%3A%5B%22966748041897299968%22%5D%2C%22item_details%22%3A%7B%22966748041897299968%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1004%7D

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Wed, 08 Dec 2021 22:54:53 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 186dcf213e5277e611c25347a8777e8b9202354b00ca2a646464a03aea73b692
x-transaction: 750fd54aaab68563
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame 31B6 43 B
118 B 118ms
118ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1639004093228%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%229fd78d5%3A1638479056965%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fitwire.com%2Fsecurity%2Fla-times-serving-cryptocurrency-mining-script.html%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22itwire%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22320980a%3A1637165373563%22%2C%22item_ids%22%3A%5B%22966024109787353089%22%5D%2C%22item_details%22%3A%7B%22966024109787353089%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1003.5999994277954%7D

Requested by

Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 110
pragma: no-cache
last-modified: Wed, 08 Dec 2021 22:54:53 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 186dcf213e5277e611c25347a8777e8b9202354b00ca2a646464a03aea73b692
x-transaction: bbf8f0276010e031
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 358 B
790 B 64ms
39ms XHR
text/javascript 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 42a87179b6505af454ef7e329adc4056f13d227230fc4d9b8b496e2dee5f7c65

Request headers

Referer: https://www.itwire.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 22:54:53 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.itwire.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 358
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
links.services.disqus.com/api/ 43 B
375 B 34ms
33ms Image
image/gif 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Requested by: Host: www.itwire.com
URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html'
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 22:54:53 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 58 B
489 B 50ms
36ms XHR
text/javascript 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 0b113f1001fab8bd31a15bd2e5d2f8d8beaad5c28a6e58dfad2bf3969dc5a29c

Request headers

Referer: https://www.itwire.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 22:54:53 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.itwire.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 58
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 76D7 42 B
497 B 180ms
40ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstD6TBZ06ID6QD5kd1oMLrRyyuSEcqQ910YU29h4qEUBCGhqGZQaG-esejXtQJHFo9oo2gaKZfFEWpp0qCA8FxUMjYGFCk3-GPB2TL1OMM3iRpNognx&sig=Cg0ArKJSzCwja4qSfHcNEAE&id=lidar2&mcvt=1001&p=64,1170,154,1350&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=888817850&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639004092467&rpt=180&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 22:54:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6DA2 42 B
108 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMSIcCJBKpnJl8-Y6c8yNaOvHwOfCOB81koOoAZFjU8-b58pEF0pF3M37ogIpzL7D1fzZTPDXRnA07bX49XHhUfEAkEozhnDkXOLHcjQxq1vXct_zS&sig=Cg0ArKJSzK7Ay97Wl-nCEAE&id=lidar2&mcvt=1000&p=64,439,154,1167&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=4066883799&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639004092615&rpt=210&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 22:54:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 70C5 42 B
64 B 59ms
43ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXXmhdZEHSaHv2GLDDik58BOiN5DykhaSW7SlZTTh_KZv3z1HLtIJNYQWd1QWPana3YJ0x_4Bcl-ZEREExMyf7fWmnbErGiDWwSwzUiln49gtJDEuX&sig=Cg0ArKJSzAUCRsjaF10CEAE&id=lidar2&mcvt=1000&p=270,1037,570,1337&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=722149785&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639004092804&rpt=148&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 22:54:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0D3B 42 B
64 B 55ms
40ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNfwuxyacyov-nLL5MHx0ibUKgCVctzxmPDyRGbAiIK-r6CoA-4XIZjejzZXwSvcWYm0PUpRuR0gRRmqhNtAQEWn9aRCJAFSo8cITv22DjtMP3f108&sig=Cg0ArKJSzLcSwgGAjBOQEAE&id=lidar2&mcvt=1002&p=634,1037,884,1337&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1491631762&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639004092808&rpt=162&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 22:54:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6DCA 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7ap26tqrgFB7ufS7DutiWiwfFhJ7IGzfGKCkxO-ygE1Han7iQnjMNeW69wKFOXa8_W3QBCiDWab-H17_Br60qT8EMb3w9L_qbGnP93xX58AlAhDXe&sig=Cg0ArKJSzHrKd1_5vdUeEAE&id=lidar2&mcvt=1000&p=254,251,362,956&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=836704581&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639004092908&rpt=215&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 22:54:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D97E 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgaNHDVTBW4LkNUQe857Py0Z-n_6xRuVNnfkcXPdgQQqo_t5_aTAhjECkJxODEj0NKWbwdFkix9sF7gwS6gDgTtJAFjjtIZvugbz6UcSKNr1tlHx8N&sig=Cg0ArKJSzFTwRzOi-52zEAE&id=lidar2&mcvt=1001&p=0,1440,1200,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3589679716&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639004092918&rpt=239&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 22:54:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8865 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuuBS4W3mpmyNcnyT25JA-dVqBjtWGaqi_5sE_K_mnH3tmBW4X8ofi_jN760vaq8hQfkV7h7usBsvnKatpwKwFKY1FoUo5dpu078ujeyKvCLMhpykAS&sig=Cg0ArKJSzIYUkXXnYwYOEAE&id=lidar2&mcvt=1000&p=0,0,1200,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1175608076&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639004092913&rpt=304&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 22:54:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 26ms
26ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5474165a83a6ba77595655ae64208d0bc17cf6ba2558cbbce8621f7d7202cf4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 22:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8612
x-xss-protection: 0

OPTIONS
H2 200 index.php
itwire.com/ Frame 0
0 317ms
316ms Preflight
text/html 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to

Full URL

https://itwire.com/index.php?option=com_ajax&plugin=rstbox&format=raw&task=trackevent&box=41&event=open

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-ajax-engine,x-csrf-token
Origin: https://www.itwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 08 Dec 2021 22:54:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=0, public
expires: Wed, 08 Dec 2021 22:54:57 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-server-powered-by: Engintron
content-encoding: gzip

POST index.php
itwire.com/ 0
0

GET
H2 200 Ros-Ads-300x250_HD-19.jpg
itwire.com/images/ 81 KB
82 KB 252ms
252ms Image
image/jpeg 101.0.65.50
HOSTOPIA-AU Hosto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itwire.com/images/Ros-Ads-300x250_HD-19.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

101.0.65.50 Caulfield, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),

Reverse DNS

50.65.0.101.static.digitalpacific.com.au

Software

nginx /

Resource Hash

0d30b25e1fd0d262a008a9ee5be429492ebe6f0321d0fa6c3a40ec4b53869094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Nov 2021 09:31:12 GMT
server: nginx
content-type: image/jpeg
expires: Sun, 06 Feb 2022 22:54:57 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 83169
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Wed, 08 Dec 2021 22:54:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A588 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Wed, 08 Dec 2021 21:35:03 GMT
expires: Thu, 08 Dec 2022 21:35:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4794
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 77A5 783 B
533 B 18ms
18ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8e593ab8ed6d5c803449ad3e522fc03497b7de025b78a815aec49d540a58effc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DEA9alLnimYvn1pSLQINdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 08 Dec 2021 22:54:57 GMT
date: Wed, 08 Dec 2021 22:54:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-DEA9alLnimYvn1pSLQINdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame A588 35 KB
13 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 18:04:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 18:04:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 77A5 0
0 52ms
44ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120201&jk=903907024679381&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 47ms
46ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120201&jk=903907024679381&bg=!bm2lbSnNAAZKWFskSlg7ACkAdvg8WmWFZM-a_4vzFI1lwUgO6sRauW0N59O4hD4n2aLnaFQ8SRyCgwIAAABNUgAAAAxoAQeZAqGEYZhRu9jbk6Mc99JYGkhJh0htboEnYEFoSgcusGKEbcdKq8AVNL3KldaghjkZ6iSAi0ngFSgPHDLbUQRfjxt1-7dimf8xxH4c93LBdSVS14ceXzMjxhy6-kNEZuRKdcu45_6zuooWYIFIsxlDPWWebUSlIA9I6hA0LFme1q0iHeagFDE4AwmMgIKZODoXltaOqdTiMAunkJg2YcVOmej_CakBjVmUnwJFMEAz_XMT8CCMwIbP_YUWLybk5EgZvbSEwZ9ELYAPMqlz8hgSW_oPdJuU2qrpp2kXKrZeoTQAYCLVmIjA2xgFXaQYXcBAhPisynPONUpD3IuI-4Icwx6003_xnkYDmQDDA9hfgilh8-HJXX5SZCAXCHGyQYQ9SVfjIFVsQFZL9HMx4M8bqgVnXApvoTqaTmoNuw2m_A1qojWTUGpMTvFjSN4Wpgpv1qkHiX0nwAy4Mjz8pbkClMdYwAwgDWA7Sm7_ZzEW_KALNnwP4kkyUZ9JxGVSlo53sWRUsy94Wy_VrXTnc1eoqP-JoQ8jDNJMsx0Pw1Bh1lo_hWuKK34k-Ky0vYEA2PiHl9HMAXu4W7LGGSgkK-tFFx8xQWoBncdlkE0fMl6lcQCGWvYjFQYp3YONdhbU38rG-Eeat1-CIIXwcMw17RfQSR-qV53EiyQKYHPZ2wYAKdR0BwqZKL5CGlhCrA47rsiduusYNmjsWi9zo7E0j-XlZ7gN0kQPaHIUCCNrKCLRTi7DSqmdvDf3fjPzl8qIsHThMUKxaP0JJPP23EjcPmJkC767mr_fxjhexQWwGVLwCdV2-PtHsHu80MsSciW4tgdh3BCLPn-m3VzYtIKpnW1mdH8Jo1SrhqKFm12JrxeIwX4Qg7v_iWSDc2ZEBGKZyA25jRF9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 22:54:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: itwire.com
URL: https://itwire.com/media/com_jchoptimize/cache/js/19a54b2068522694af4e8a9fe8d9352b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4798
date: Wed, 08 Dec 2021 21:34:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 08 Dec 2021 23:34:59 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=698259863&t=event&_s=1&dl=https%3A%2F%2Fwww.itwire.com%2Fsecurity%2F81860-la-times-serving-cryptocurrency-mining-script.html%27&ul=en-us&de=UTF-8&dt=iTWire%20-%20LA%20Times%20serving%20cryptocurrency%20mining%20script&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Pop-up&ea=open&el=Box%20%2341%20-%20Pop-up&_u=CCCAgEABC~&jid=&gjid=&cid=1888892486.1639004092&tid=UA-38385927-1&_gid=313865446.1639004092&z=888325850

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:05:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6574
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: itwire.com
URL: https://itwire.com/templates/ja_focus/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0

Domain: itwire.com
URL: https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png

Domain: itwire.com
URL: https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png

Domain: itwire.com
URL: https://itwire.com/plugins/system/ampz/ampz/css/fonts/ampz.woff

Domain: itwire.com
URL: https://itwire.com/templates/ja_focus/fonts/font-awesome/fonts/fontawesome-webfont.woff?v=4.5.0

Domain: itwire.com
URL: https://itwire.com/plugins/system/ampz/ampz/css/fonts/ampz.ttf

Domain: itwire.com
URL: https://itwire.com/templates/ja_focus/fonts/font-awesome/fonts/fontawesome-webfont.ttf?v=4.5.0

Domain: itwire.com
URL: https://itwire.com/index.php?option=com_ajax&plugin=rstbox&format=raw&task=trackevent&box=41&event=open

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.itwire.com/	1969-12-31 23:59:59	Name: 4ed59069e9b3a8f3da7e9add8084ea3d Value: a6a1129068cc2451965b6da6c27196e4
www.itwire.com/	1970-01-21 00:16:44	Name: nrid Value: 2c2e92f81ef2dfcc
.itwire.com/	1970-01-20 16:47:56	Name: sc_is_visitor_unique Value: rx4176764.1639004092.9C6A065DFB6F4F36FE7AF7094495CC96.1.1.1.1.1.1.1.1.1
.itwire.com/	1970-01-20 16:47:56	Name: _ga Value: GA1.2.1888892486.1639004092
.itwire.com/	1970-01-19 23:18:10	Name: _gid Value: GA1.2.313865446.1639004092
.itwire.com/	1970-01-19 23:16:44	Name: _gat Value: 1
.statcounter.com/	1970-01-21 19:05:23	Name: is_unique Value: sc4176764.1639004091.0
www.itwire.com/	1970-01-20 01:30:39	Name: onwbchtSound Value: 1
www.itwire.com/	1970-01-20 03:40:15	Name: onwbchtblocked Value: 0
www.itwire.com/	1970-01-20 01:30:39	Name: onwbchttimesVisited Value: 1
www.itwire.com/	1970-01-20 08:02:20	Name: onwbchtsessionrandom Value: 201004
www.itwire.com/	1970-01-20 01:30:39	Name: onwbchtlastvisit Value: 2021-12-8
www.itwire.com/	1970-01-20 08:02:20	Name: onwbchtclientid Value: 278609470
.itwire.com/	1970-01-20 08:38:20	Name: __gads Value: ID=25b9c7002ed6957f-2214889503cd00b3:T=1639004091:S=ALNI_MZjsypzMkCdREfOyD1XapfEPxDC6g
.doubleclick.net/	1970-01-20 08:38:20	Name: IDE Value: AHWqTUmHM3Spp65DJedFvEo_w0TXIrDWpPJLJNwccSX1TL8doii4Bz3nqPzAzV9bsoI

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
javascript	error	URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html' Message: Access to font at 'https://itwire.com/templates/ja_focus/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0' from origin 'https://www.itwire.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://itwire.com/templates/ja_focus/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html' Message: Access to font at 'https://itwire.com/plugins/system/ampz/ampz/css/fonts/ampz.woff' from origin 'https://www.itwire.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://itwire.com/plugins/system/ampz/ampz/css/fonts/ampz.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html' Message: Access to font at 'https://itwire.com/templates/ja_focus/fonts/font-awesome/fonts/fontawesome-webfont.woff?v=4.5.0' from origin 'https://www.itwire.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://itwire.com/templates/ja_focus/fonts/font-awesome/fonts/fontawesome-webfont.woff?v=4.5.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html' Message: Access to font at 'https://itwire.com/plugins/system/ampz/ampz/css/fonts/ampz.ttf' from origin 'https://www.itwire.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://itwire.com/plugins/system/ampz/ampz/css/fonts/ampz.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html' Message: Access to font at 'https://itwire.com/templates/ja_focus/fonts/font-awesome/fonts/fontawesome-webfont.ttf?v=4.5.0' from origin 'https://www.itwire.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://itwire.com/templates/ja_focus/fonts/font-awesome/fonts/fontawesome-webfont.ttf?v=4.5.0 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://itwire.com/templates/ja_nex/images/icon-facebook-bt.png Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://itwire.com/templates/ja_nex/images/icon-twitter-bt.png Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	error	URL: https://www.itwire.com/security/81860-la-times-serving-cryptocurrency-mining-script.html' Message: Access to XMLHttpRequest at 'https://itwire.com/index.php?option=com_ajax&plugin=rstbox&format=raw&task=trackevent&box=41&event=open' from origin 'https://www.itwire.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://itwire.com/index.php?option=com_ajax&plugin=rstbox&format=raw&task=trackevent&box=41&event=open Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
adservice.google.com
adservice.google.de
c.disquscdn.com
c.statcounter.com
cdn.syndication.twimg.com
cdn.viglink.com
cdnjs.cloudflare.com
dc862a24dea37f8b18425e755358059a.safeframe.googlesyndication.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
itwire.com
itwire.disqus.com
links.services.disqus.com
pagead2.googlesyndication.com
pbs.twimg.com
platform.twitter.com
referrer.disqus.com
securepubads.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.itwire.com
www.onwebchat.com
www.statcounter.com
itwire.com
101.0.65.50
104.20.229.67
104.244.42.200
142.250.184.226
151.101.192.134
199.232.192.134
199.232.192.64
199.232.194.49
199.232.196.134
2600:9000:2240:fa00:6:8656:f5c0:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:135e
2606:4700::6810:a40d
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2004
54.171.144.161
01b1844125589a15317239014be029ba024bc0d6e059222bc99bd913a82ecb88
0376879a45be95f1d718c2a90d0b35986973e87d6f4c790b4c7046343464b72a
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
03b0b4ea7bd75f32536e7c0cad82a35dacd449b1f626ef7ffe06591b210363de
03ed8a8c964517127b400ed14214a1d1d42e358e95a1c9212c2f64969d035633
09bb92f316244ecc133d7f886c1d2abfe29c0e8e3b1e5a2c3e492da1e7793082
0b113f1001fab8bd31a15bd2e5d2f8d8beaad5c28a6e58dfad2bf3969dc5a29c
0bbbe82c2c69fe0b718af4a985298d05ff31e27cc50a0fe1fa19e527416cb29e
0c897f1bf4f7804a9072a0b640853cc3ffb4d818f751498988ff0d588f358a25
0d30b25e1fd0d262a008a9ee5be429492ebe6f0321d0fa6c3a40ec4b53869094
0e48fd93252f08db0a5f11b42ab43e564b2dc85488804bef11580c42c1050ead
0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
1546b1a657363c277a40f552e1746d7c6b8c03f332761719a69bf6b909cbe290
195286a8bbab6d00a6ffab517c4d90116206538c9cf3029b2da85f6991893cfc
19b1665e918e875d382bf786b3406c7921cae8caab9b65f0c5e4590c56c3bb74
1d1ea4e13724ef85c454b9ae823541be43ce4e4bf541ae60ec2e365ce043e1ee
1fc8a745a0fd649fa446b48584f37c2cfe4f1e9934c5608f08f338ea7e1af9d0
25692bd31d76cfc5e41081fe2e4dbac76a6df2a05758f848c2609c28833198b6
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27ddc1e1f395e17f5607410e7e5232839a233b99a9bccf8d68815006059eeaf8
28d38fc9fd7372a68f99d98ef3c36e0be9a167b24707c3034dd405d5872655cc
292b47c2231eee6b5126beadc660b4504a97c329d6d501a8060d58f0ff82a532
2b139d2871e745eeca0ed22ce994df828a96faefe86aa5e47d06c58184845445
3193228a29e7360da1f8357c2edc8b75801b9170f0f8f4e32f89e4599c566f31
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
3354f35e411af23bdb1c6f899db53b4b022730e9f7b1d5a6c452e35800a6719a
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
3605b747796e9772d6a35cfcb91e77d9793a304d43a273f56af9b274c72a48e0
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
3747e45c51fd980f1eb30ac295e8509e4fea79d57e9f3cf41fb59eecf2aab945
3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb
3e6ec1611d522aba1ffaeb2c85af9fef045f7975e73080b2e5b9e908ea2d0f8c
3f29550b363950a26ec1b1c7faab15c15736d233b0fc1b404c9cc443c120beec
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
42409496110e7d0c671c3e6040fcd4dbce5924b823daeae946700c91a486dae0
42a87179b6505af454ef7e329adc4056f13d227230fc4d9b8b496e2dee5f7c65
4a96072a38b7fd89b48f324601670e4faec8e2076f8fc1e2bc27d2cbafd9c384
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4c6bbc212487afc8786717ff87de5665283ea218b92428750749b0dec002bb6e
4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85
4f26ecfc3fa7e6ee6de449aa3a121e113a05d64f2d0e7c379a9c2373451069ef
5474165a83a6ba77595655ae64208d0bc17cf6ba2558cbbce8621f7d7202cf4b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a3f14e6f4fbb56b7c245cff881d1e3c9b5e03e2c62d63e9af67ebf9a8f19b9a
5b79c3d8b042d767832af62a1766e7bc2ab90b0043036caf2f3ee84b70b8843b
5bf4166d786ac1ca315ce97f356982eda99d7f299f88c6a7efb0b06a23690532
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
655e1b1c2df2d432818e7b88a43034255279b0b75d20a08cbca8ff6ccbf85330
6cbf3d5198e3c67803ca9868b5ee9c2c464f2e6ddcce9cef64ed608c5c57949f
6ed908068594533016e752e480de139695ee332278bdfa8ede9a89abc5f6bcd4
6f2a29f62ded994df2cffdce9f910d560cc8d71d078ee27af18653a448cea48b
70fa72eda0252b1e7aed0ef14c3a59e318ac75a4780ceb889fc6d7cd97033593
71b82946f446dacb003563eb1303510f29b25a6ad04fc228f3c35ee7e5488998
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
746023e2560c82cdbf7252e3fdf2ac8a5b3ae37066058df28d71b05dfad58a87
77f02cf5c245c310b2bf0efa8c58552901c0015d84e0d31d671af7ded2444713
7a603ecd20783d53cc90a1741a3eb6c84910f9c60510953cf05477b6b303295c
7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00
7b521166001234a80e9297c8264cea4b9601dfd3d1365e14686f9dd60f6c3693
7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c
7e43e7f65a34f2c8add39ab9bfe96400e69fecac5a3c90066cd5bc561c509971
7f8ae97abd0c27249e88a14c434c393c4af4567f5f91c1e4602bfbf79e0a9b71
7feb36a2d9bf0e6940f22dbb87b3cccc19a88c97ae0e882c0cdc0acdc4ad8760
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
867bde5f1930963a16e7dac4c891142edaa529a4428bb3486165757b7c8ead08
874969971af45d62c0775cd9fcd57ce028ed54653a2d074ff7ce93f0e31a7091
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88bc032cd342593f88880e656b01bca9e5c9fe5ed979b2a28b1bb253216bc855
88f3ef61bab8f818fe354512e8f02d6052c53ee4cb954a824ffcd43a1ca9b970
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ba47dd5f46f379be7ed4dea596744e60700629d124d403ce80fdb0363ad7f73
8d2a34cb8f7db1fab641c02490d46f1d7c364ad88980b77056831c662ef7678d
8e593ab8ed6d5c803449ad3e522fc03497b7de025b78a815aec49d540a58effc
8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4
8fa7e18a578a78f77ef955aaee53cb95c283cb05030fcc4e347d2b319d931dc1
8ff028c7ccfefb191fe4ef11c0beb642ba8bb47914b608a5682948c4f3f4f5e1
921d26c66221a86e43e10338a0dcdc5c0609dc492b22ea11de254724c123f48b
93b03cb5858b85b7416c62c67842f3fd21239844af20b5d910ac2d222470bd76
93e65d3c410f50355be5d8709c90eb1ab32b52524fc0216913c23a5321b9e828
947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419
95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd
9b840b452f53b85ff26e718b599f2e9eb15bb62dd6f24a3aa63850af8a382fe8
9d844efe39988fa19341635d577775b1a94abf70ed1e1734fdd4a7de89ce33aa
9e9f6b550690016e3b6742a7cfc5aaa504d214fc1b7ec1845a8c18eec869b15d
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
9f05592df6a80686d7216adbbc60dd18c978741182ed9e09a863de7374931f0e
a02843d4c6fcd7726682d7275eb7080183d90521066a7fd20ac4c30a8adc76d9
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a113be1e94912e5565ea7160413ee7f3f447f681f7e49c0b95e01ccad6989bc4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6aa9e41c73328b4ab3c5f772d4470a4d47da2cf8434843e5f811b9e604dc674
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0b1885d9dfb1f6a967b718cc56071cacce4a8340391ea48b040780d13af089a
b8706b31948191d96c612540e37b89878ea51c09d6b3b62077cc48fe2e77d92c
b870d09319848c872ad175f227c964db6fdd8e4e3b83dedc00f4c8c5506bd0fb
babcfb010b001bd1def41cf31872c54fff8038eccdcb5aec43ffbb489701c8b6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc123809dae41c5843c3b55cadeea8931b9049ce9293a8876b640e1c1d5c69e2
bda2c84e2934508dd2b995f28876c68e3f0cf0955173bcf040b76ecc63e03786
c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079
c39f38776508cc2a307bc5b09b86446fb7ed06e2d0e77f0ba25639ed35cab1cd
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c886f9edce4f7a7d516171fcea56ee95627a770a127ffaf42e5851d944691f5e
c9bc89661146da8ef00fcb3faef57e10ae5e64a63e29f06b3f58d33aac6e6ec6
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc6951fa8a82bb59793852a14f603606c9ba0383dea386285fcbef01fc6a0631
cd2df48a44679060eeb8e4fb0102cb859d428b40036cd5bacaf62ac57c08bf79
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4a5e99477f03714098452892ade2f4f755a52429d64240a69fd64300e406c15
d4e4caab2abe882613525c8bcb9055d2c32ce9c01985c48270587510f31994ea
d4e7f429a1f7f92d8fbc146387116fc3fbf30c19f483ab32fadec864a4f9c698
d5b46b44f5ac824a8dd7e0e53d51ee32abe3acd6b1850d05cf1fedb62fce0cd0
d6ec059984215ec03f34e2cef49527d5ec2c6467624cdfd18de58949db9e3a8b
d820366ef175cc65f39bd05035aa83a62a1b1dcc8079d6ff261c48387f22fdbf
d9473dc254914f26f7000bc3eacc42988538946d23e38b6a98f7648f22e13378
d96559305c48579b07d48ea489fb2af2b1100ff2b83774f5ce72f1826b004115
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
dc8217182c8e42850f33282cb2942ca1e1d94cd386d25e503276457d9b42f856
de4150b04c01fd6aa503a95fcf9a356e33d0dbf8c2b0c118e05a935dc2eda88c
dfa8bd55827661012326ff2ba9df187ea1a362487606ccf037db72b1b854734c
e14e57988f7e9fa2353c068a855d39e48624dc4f6d9c3af31c595f5839c7682c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c50a4655dafb47029f8cfb54a26fb328ac6991f841a2c0b7079201f2dc733d
e76546812603b2c76b2cba682535b8e11e03c2a291100649549e94576a07cb95
e9573e931158bcc83146a7882d6c298c1adf3828b6c785af7cbb9fd9d25ad884
e9ccf010d04f6afacfa5836009cd68860ebb6ad820bb0bbb04ef84152ef6d940
ead1e75efbc6a2f4d7de6932d0967316b1f63d265719888f5a462bcddbbf75e1
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eced437d4bb8a726d823bb80013c37e1e0eb81069618e7cc57ff1eadf0d0cff4
ed7e60f2684859b03d76003b1783b4c0a8b4ca3e18760837dc5b976fec49a1e9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f327aaca8141d2431fc85cf4e23e0a82be62acb848f94b0c2e9f77f37074d1c7
f42afe2d52b73e8d1578a18e8fb539e5f7ce3e0abf428b32cafd58564a7011bc
f67ffedc9ff35fb1c5e6583bcbad8e5e357b98191a3bbaf17500e4d9d41d5816
f8408cc5e8c50098d1ef244e303c5b6ed13814cb185755a9c4dda17edbd6c35f
f8b30a2aaa19326c2f546b8e22134512c9e5486fa6fec2f0d1c8ca2bbc8acb04
ff3f38603fdc7a304a7a63e7f595196aa9196a0dfe7be01314361924dc29e01a

www.itwire.com Open in urlscan Pro 101.0.65.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

261 Requests

92 %HTTPS

60 %IPv6

17 Domains

28 Subdomains

26 IPs

5 Countries

4184 kBTransfer

10193 kBSize

15 Cookies

218 Outgoing links

Redirected requests

261 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.itwire.com Open in urlscan Pro
101.0.65.50 Public Scan

Screenshot
Live screenshot

Full Image

261
Requests

92 %
HTTPS

60 %
IPv6

17
Domains

28
Subdomains

26
IPs

5
Countries

4184 kB
Transfer

10193 kB
Size

15
Cookies

261 HTTP transactions
1 data transactions