www.itnews.com.au Open in urlscan Pro
203.176.102.69 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://apple.news/AGE6ioqABTNywEja6RuAUeQ
Effective URL:
https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Submission: On March 18 via manual (March 18th 2022, 12:28:25 am UTC) from PH — Scanned from DE

Summary HTTP 305 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 58 IPs in 7 countries across 40 domains to perform 305 HTTP transactions. The main IP is 203.176.102.69, located in Sydney, Australia and belongs to NXGNET-AS-AP Nextgen Networks, AU. The main domain is www.itnews.com.au. The Cisco Umbrella rank of the primary domain is 943815.
TLS certificate: Issued by SSL.com RSA SSL subCA on July 16th 2021. Valid for: a year.

This is the only time www.itnews.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a02:26f0:6c0... 2a02:26f0:6c00:294::3277	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a02:26f0:6c0... 2a02:26f0:6c00:29a::1aca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9 42	203.176.102.69 203.176.102.69	38809 (NXGNET-AS...) (NXGNET-AS-AP Nextgen Networks)
7	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
23	203.176.102.67 203.176.102.67	() ()
20	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	107.178.240.224 107.178.240.224	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
16	104.18.23.230 104.18.23.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e024	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	108.157.4.113 108.157.4.113	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f05... 2a03:2880:f058:f:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.224.195.59 13.224.195.59	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400e:811::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
5	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f15... 2a03:2880:f158:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	108.157.4.102 108.157.4.102	16509 (AMAZON-02) (AMAZON-02)
6 10	34.253.71.31 34.253.71.31	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	99.80.58.148 99.80.58.148	16509 (AMAZON-02) (AMAZON-02)
30	2600:9000:21f... 2600:9000:21f3:4600:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
1 17	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 3	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
5	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	() ()
1	199.232.194.49 199.232.194.49	() ()
25	2a00:1450:400... 2a00:1450:4001:808::2001	() ()
2	13.224.192.221 13.224.192.221	() ()
2	213.19.147.45 213.19.147.45	() ()
1	142.250.184.198 142.250.184.198	() ()
1 2	13.224.195.32 13.224.195.32	() ()
4	2a00:1450:400... 2a00:1450:4001:813::2002	() ()
5	2a00:1450:400... 2a00:1450:400e:80d::2006	() ()
2	142.250.186.34 142.250.186.34	() ()
1	152.195.15.58 152.195.15.58	() ()
305	58

3 2a02:26f0:6c00:294::3277 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

apple.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:6c00:29a::1aca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 203.176.102.69 (Sydney, Australia) 9 redirects

ASN38809 (NXGNET-AS-AP Nextgen Networks, AU)
PTR: secure.nextmedia.com.au

www.itnews.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 203.176.102.67 (None, )

ASN- ()

i.nextmedia.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.240.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.240.178.107.bc.googleusercontent.com

koi-3qnnf9xqbw.marketingautomation.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.18.23.230 (None, )

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e024 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-113.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f058:f:face:b00c:0:3 (London, United Kingdom)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.195.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-59.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:811::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

tag.perfectaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

itnewsnext.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f158:82:face:b00c:0:25de (London, United Kingdom)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-102.dus51.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.253.71.31 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-71-31.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.58.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-58-148.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2600:9000:21f3:4600:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:2800:134:1a0d:1429:742:782:b6 (None, )

ASN- ()

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.194.49 (None, )

ASN- ()

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:808::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.192.221 (None, )

ASN- ()

video.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (None, )

ASN- ()

rx-stats3.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.198 (None, )

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.195.32 (None, ) 1 redirects

ASN- ()

native.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (None, )

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400e:80d::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.15.58 (None, )

ASN- ()

cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	itnews.com.au 9 redirects www.itnews.com.au — Cisco Umbrella Rank: 943815	256 KB
31	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 3984 a.disquscdn.com	835 KB
27	googlesyndication.com b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	772 KB
26	twitter.com platform.twitter.com — Cisco Umbrella Rank: 525 syndication.twitter.com — Cisco Umbrella Rank: 769 analytics.twitter.com — Cisco Umbrella Rank: 464	572 KB
23	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 cm.g.doubleclick.net — Cisco Umbrella Rank: 176 ad.doubleclick.net googleads4.g.doubleclick.net	197 KB
23	nextmedia.com.au i.nextmedia.com.au	353 KB
16	dianomi.com www.dianomi.com — Cisco Umbrella Rank: 5782	35 KB
13	disqus.com itnewsnext.disqus.com disqus.com — Cisco Umbrella Rank: 2684 referrer.disqus.com	114 KB
13	gstatic.com fonts.gstatic.com	277 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 251	138 KB
10	prfct.co 6 redirects pixel-geo.prfct.co — Cisco Umbrella Rank: 14220	4 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	298 KB
8	apple.com www.apple.com — Cisco Umbrella Rank: 210	792 KB
6	unrulymedia.com 1 redirects video.unrulymedia.com rx-stats3.unrulymedia.com native.unrulymedia.com	25 KB
6	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1236 pbs.twimg.com	129 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	607 B
6	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	1 KB
5	2mdn.net s0.2mdn.net	186 KB
5	ampproject.org cdn.ampproject.org	111 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 434 www.linkedin.com — Cisco Umbrella Rank: 609 px4.ads.linkedin.com — Cisco Umbrella Rank: 5153	3 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 573 script.hotjar.com — Cisco Umbrella Rank: 719 vars.hotjar.com — Cisco Umbrella Rank: 874 in.hotjar.com — Cisco Umbrella Rank: 1636	66 KB
3	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 359	3 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	201 KB
3	apple.news apple.news — Cisco Umbrella Rank: 232	17 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 268	575 B
2	google.de www.google.de — Cisco Umbrella Rank: 6433 adservice.google.de — Cisco Umbrella Rank: 8832	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	marketingautomation.services koi-3qnnf9xqbw.marketingautomation.services	6 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	82 KB
1	bizibly.com cdn.bizibly.com	343 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 289	239 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 323	274 B
1	perfectaudience.com tag.perfectaudience.com — Cisco Umbrella Rank: 16726	4 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2051	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2038	20 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2209	905 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 799	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	64 KB
0	atdmt.com Failed ad.atdmt.com Failed
305	40

	Domain	Requested by
42	www.itnews.com.au	9 redirects apple.news www.itnews.com.au ajax.googleapis.com
30	c.disquscdn.com	itnewsnext.disqus.com disqus.com c.disquscdn.com www.itnews.com.au
23	i.nextmedia.com.au	www.itnews.com.au
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.itnews.com.au b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com
20	platform.twitter.com	www.itnews.com.au platform.twitter.com
17	securepubads.g.doubleclick.net	1 redirects www.googletagservices.com securepubads.g.doubleclick.net apple.news www.itnews.com.au b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com
16	www.dianomi.com	www.itnews.com.au www.dianomi.com
13	fonts.gstatic.com	fonts.googleapis.com
10	pixel-geo.prfct.co	6 redirects www.itnews.com.au
10	www.googletagservices.com	www.itnews.com.au securepubads.g.doubleclick.net b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com www.googletagservices.com s0.2mdn.net
8	disqus.com	itnewsnext.disqus.com c.disquscdn.com
8	www.apple.com	apple.news www.apple.com
7	fonts.googleapis.com	www.itnews.com.au www.dianomi.com securepubads.g.doubleclick.net
6	www.facebook.com	www.itnews.com.au
5	s0.2mdn.net	ad.doubleclick.net s0.2mdn.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	pbs.twimg.com	www.itnews.com.au platform.twitter.com
5	syndication.twitter.com	platform.twitter.com www.itnews.com.au
5	www.google.com	www.itnews.com.au securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com www.googletagservices.com www.itnews.com.au
4	itnewsnext.disqus.com	www.itnews.com.au itnewsnext.disqus.com
4	ajax.googleapis.com	www.itnews.com.au video.unrulymedia.com
3	b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	secure.adnxs.com	2 redirects www.itnews.com.au
3	connect.facebook.net	apple.news connect.facebook.net
3	apple.news	apple.news
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	native.unrulymedia.com	1 redirects www.itnews.com.au
2	rx-stats3.unrulymedia.com	b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com www.itnews.com.au
2	video.unrulymedia.com	b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com video.unrulymedia.com
2	ups.analytics.yahoo.com	1 redirects www.itnews.com.au
2	www.google-analytics.com	www.itnews.com.au www.google-analytics.com
2	px.ads.linkedin.com	2 redirects
2	koi-3qnnf9xqbw.marketingautomation.services	www.itnews.com.au koi-3qnnf9xqbw.marketingautomation.services
2	cdnjs.cloudflare.com	www.itnews.com.au cdnjs.cloudflare.com
1	cdn.bizibly.com	ad.doubleclick.net
1	ad.doubleclick.net	www.googletagservices.com
1	referrer.disqus.com	www.itnews.com.au
1	a.disquscdn.com	www.itnews.com.au
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	cdn.syndication.twimg.com	platform.twitter.com
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com	www.itnews.com.au
1	us-u.openx.net	www.itnews.com.au
1	analytics.twitter.com	www.itnews.com.au
1	in.hotjar.com	script.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vars.hotjar.com	static.hotjar.com
1	tag.perfectaudience.com	koi-3qnnf9xqbw.marketingautomation.services
1	www.google.de	www.itnews.com.au
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	www.itnews.com.au
1	www.linkedin.com	1 redirects
1	js.hs-scripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googletagmanager.com	www.itnews.com.au
0	ad.atdmt.com Failed	ad.doubleclick.net
305	63

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
www.itnews.asia
mrd0x.com
pubads.g.doubleclick.net
www.crn.com.au
www.bit.com.au
www.iothub.com.au
www.nextmedia.com.au
www.interactive.com.au

Subject Issuer	Validity	Valid
c.apple.news Apple Public Server RSA CA 12 - G1	`2022-02-10` - `2023-03-12`	a year	crt.sh
www.apple.com Apple Public EV Server RSA CA 2 - G1	`2021-09-08` - `2022-10-08`	a year	crt.sh
itnews.com.au SSL.com RSA SSL subCA	`2021-07-16` - `2022-07-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
i.nextmedia.com.au SSL.com RSA SSL subCA	`2021-12-12` - `2022-12-12`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.marketingautomation.services Sectigo RSA Organization Validation Secure Server CA	`2020-03-12` - `2022-06-10`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2021-06-03` - `2022-06-02`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-25` - `2022-03-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.perfectaudience.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-05` - `2023-02-06`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
a.disquscdn.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
*.prfct.co Sectigo RSA Domain Validation Secure Server CA	`2021-11-02` - `2022-11-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-03` - `2023-02-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.unrulymedia.com Go Daddy Secure Certificate Authority - G2	`2021-11-17` - `2022-11-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-30` - `2022-07-05`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Frame ID: 5872F339183CD54A638A181ECC65DC44
Requests: 139 HTTP requests in this frame

Frame: https://www.dianomi.com/recirculation.epl?id=119
Frame ID: D8B72B2A99B9385589249CCE57EA062E
Requests: 11 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=5141
Frame ID: E1F68C04914026ACCC507F0F1826A1D8
Requests: 14 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.itnews.com.au
Frame ID: ADC94CF2C335D76D8EC89391501A49B2
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 3E454DCF3326A76C50414D0CA0A6D86A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Frame ID: 94930441CB7253BBD466ADE5CF7A9D9B
Requests: 26 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default
Frame ID: 6C6B3E30C1E5933744F10C00DDCCE71C
Requests: 14 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages
Frame ID: CC51D5B5EAE66C83DDBCA4E9CA9B2ECF
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1F648FFA4CCE6A617B2807EA843A60F3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 120344233DF1C1DE0793DCEF4F6DA05E
Requests: 1 HTTP requests in this frame

Frame: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D856C64607AA1CA6914F8E3DDF448D4D
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 9B5D7B0F8F5CF0B2F03492F79C5BA681
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: AD005AAD04B2443021AC0FBE890D4C4C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoYrnybRCMCUc5HyLzqf2-ACxA50cKKV8P0XZZ_8WWRpsmZnvNeAkjK7RF0r5w4WxDDz2-gxw-sqrhW3Vqi5XEQaXq_UdvBT79idbXQaLWvEmrne21r9g16a3G49QBFwI0fMsEIo5fyOYta0ZhDMgmn9-CrUkSn19F9QJ413gdD1zEKi5jdWOvRIq2sXc16RmKseCJ2xe99eW6LQ5Y2vYgqDRIliRUE_8mgOhIBO-mkPP7CYAsbwN77cF5vXAXhLrI5xoNh51G0NbutkrR-1BR_7xtD2oII3uZgiSWy-SGkqQVs3BVraFyg5YxnCImVLqsQsfl&sig=Cg0ArKJSzHZxJ0jkBWo2EAE&uach_m=[UACH]&adurl=
Frame ID: 77D911B77295862C7F4F459A6EC129A6
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Frame ID: B7D6F01A17EDE6EC06DB689078C7C17B
Requests: 16 HTTP requests in this frame

Frame: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F0D65CF88294DAD6E2A50512F45A4C00
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstg7A8cvIRwV5lxQwnQsq4q7mvER_uqWS838SXCYB1yGKwz7ggU3AnjOQ9naO9XVIaztIgRw6ExEuEi6A91ym9FybfuyZyFKM7e-t_ekCUZ-7TyF07JdVfLTVos5O6USeKdcZK1JEaIybaB-IAGuYhdOWrZxJRM3qfu4UjqkP5ZALnIHfgUdqCyrzurfhy8aG9JKNjsFovsvNL34MhYNBg_HHD2Wfik8vcLyu2wnQWhL6cnWL-jPStkoGGJSnePWGc5_eQYSwGPh5e1x2KpukuLJ938cPLsGG7ba2htDXNHiZCILYBZzdxx&sig=Cg0ArKJSzJscL2LoW9BAEAE&uach_m=[UACH]&adurl=
Frame ID: 3EB1F86A559C75DACBE37C9DBDA1ECD3
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuntgo0ypbdNOA72y0UgxCv2V45yFdwpIo8hUtk-NaM-mvUMXzl-8dHKckJ2CYgrc1BIa-6SuVQ1-ylUwBCT1sER2P55ZyS4AE8IX3xY7efn3rdyJ-PW3qt2qBElpDAZCjmlKg5qVfkUxcXKA_lu1BNpLhh7pxnKkD6ai1oot1GPd3lHgxqIOPt8ROtiECNSrkTBMEyFXlT2mt_RRi-O7A_OOm8QC8W0qssjob_RqDa6xa-vNOnpWpOYYYFLaWORmQ0F-BBUUBSKLlY_Bld1h2sx5HyB3emzTnYCbiJvofNT9D-DOJ1jA6xkbqGv-Y-iA&sig=Cg0ArKJSzLYwsdV4DQlXEAE&uach_m=[UACH]&adurl=
Frame ID: 0B899A2A57FACFEC25FC8F4DE6617C87
Requests: 8 HTTP requests in this frame

Frame: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9105EABBDC889735513A19BFA362E211
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst74Z52ITuosebccQkp3HD1Hk3GBxjuCc4WMZne8iX1YVsaidc4ofJvV_fNfnFdXYWcGuEdbL6ZoUnTiQrjFRHhTU-a0d_dfGNFZCuOhBhJC7l4m1nzkd_HeM3kJBgxB0V1PfoOz7OgXvjXht2Tbj4aKKOGMD3uLspeB9Ip07nM_x7mJtEsvIHhC9PocBco9MPatKB4ysj_oEEEBPV-Pf-upKmEbtzAn0jpQ-X1J7H1h_E80HZkzCTJ84mfUaBWSqDeoqyh26WfyF9GAZWQvPkbt2Ywvf2qFreVRkQHgwJ4n0KUokOgaVbhmCjdNxvAGJbwWVUHd0TvlQKNppIJ-A&sig=Cg0ArKJSzAimJcqvMApoEAE&uach_m=[UACH]&adurl=
Frame ID: 4DD6B3D92AC50C0C6A257130AC6441E9
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: C43DC505C1980968BE39FB1FB960EBFD
Requests: 1 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Frame ID: 1C041618EAAD874150044162E665D54D
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N7442.1964900ITNEWS/B27257712.328206801;dc_ver=85.248;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3381710146;ord=x8rdgz;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstRYvIlzyH78iGYVhXYPatDlcfg81yPkiPcWnOdnwu4aCoOxzJ4G87WRxVnVWC9xiTTU7kcSAqnRWTouNwOk0qQ1vUXvGZUtMB2nD42yRxEGby7MKdeA2Vg-M1_6pUK5vNWVDnsRmNT1LGI7myp7q0TWs15QWtWMrO5ClxnRBfxkIQFCcLDjtD4RSb14KmVwF0xe86Jwk-7U6cu2jF96o16VQToL2CsB-r30axyRhisH3GPw4__bil8eaQJ_t66f1PAAsnIbdbGniF0n9JljNovearsjxmnxOoOQ1DYVOWKo2o8Z4ug%26sig%3DCg0ArKJSzNx5nt4NQsvaEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fwww.itnews.com.au%2F$0;xdt=1;crlt=N9nPVxrym5;sttr=66;prcl=s
Frame ID: F8F528937F90E32205CC8ECD2ACB6D63
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/5901210/1644400837752/GLBL-ENG_NB-06_0_300x250_BAN-A_HTML5_TOFU-no-Networking-5GWiFi6EVideo-Photo-Networking_vidwls027944_50/index.html
Frame ID: 5B12D794F3815E056A3B97FD2BB220BD
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5CE95FAF11CB9052638595AF2098EE0E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Phishers devise browser-in-the-browser attacks, 'chameleon' landing pages - Security - iTnews

Page URL History Show full URLs

https://apple.news/AGE6ioqABTNywEja6RuAUeQ Page URL
https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)
adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

305
Requests

92 %
HTTPS

51 %
IPv6

40
Domains

63
Subdomains

58
IPs

7
Countries

5687 kB
Transfer

11084 kB
Size

36
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/itnews_au

Search URL Search Domain Scan URL

URL: https://www.facebook.com/iTnewsAustralia

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/itnews

Search URL Search Domain Scan URL

URL: https://www.itnews.asia/
Title: Asia Edition

Search URL Search Domain Scan URL

URL: https://mrd0x.com/browser-in-the-browser-phishing-attack/
Title: documented

Search URL Search Domain Scan URL

URL: https://mrd0x.com/whoami
Title: mr.d0x

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Phishers%20devise%20browser-in-the-browser%20attacks,%20%27chameleon%27%20landing%20pages&related=&url=https%3a%2f%2fwww.itnews.com.au%2fnews%2fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458%3Futm_source=desktop%26utm_medium=twitter%26utm_campaign=share

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3a%2f%2fwww.itnews.com.au%2fnews%2fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458%3Futm_source=desktop%26utm_medium=facebook%26utm_campaign=share

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3a%2f%2fwww.itnews.com.au%2fnews%2fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458%3Futm_source=desktop%26utm_medium=linkedin%26utm_campaign=share

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3a%2f%2fwww.itnews.com.au%2fnews%2fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458%3Futm_source%3Dmobile%26utm_medium%3Dfacebook%26utm_campaign%3Dshare

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3a%2f%2fwww.itnews.com.au%2fnews%2fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458%3Futm_source%3Dmobile%26utm_medium%3Dlinkedin%26utm_campaign%3Dshare

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5935527728&iu=/1003277/iTnews-SponsoredLinks

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5932779787&iu=/1003277/iTnews-SponsoredLinks

Search URL Search Domain Scan URL

URL: https://www.crn.com.au/news/google-cloud-names-angela-coronica-new-anz-channel-chief-575039?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Google Cloud names Angela Coronica new ANZ channel chief

Search URL Search Domain Scan URL

URL: https://www.crn.com.au/news/sap-names-first-regional-head-of-sustainability-575067?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: SAP names first regional head of sustainability

Search URL Search Domain Scan URL

URL: https://www.crn.com.au/news/long-time-microsoft-anz-exec-phil-goldie-departs-after-12-years-575011?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Long-time Microsoft ANZ exec Phil Goldie departs after 12 years

Search URL Search Domain Scan URL

URL: https://www.crn.com.au/news/canon-business-services-acquires-wa-microsoft-partner-satalyst-574890?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Canon Business Services acquires WA Microsoft partner Satalyst

Search URL Search Domain Scan URL

URL: https://www.crn.com.au/news/aussie-technology-spending-to-reach-111-billion-in-2022-gartner-574894?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Aussie technology spending to reach $111 billion in 2022: Gartner

Search URL Search Domain Scan URL

URL: https://www.bit.com.au/review/venom-blackbook-zero-15-phantom-573253?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Venom BlackBook Zero 15 Phantom

Search URL Search Domain Scan URL

URL: https://www.bit.com.au/guide/facebook-linkedin-or-instagram-social-media-success-isnt-one-size-fits-all-574908?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Facebook, LinkedIn or Instagram? Social media success isn’t one size fits all

Search URL Search Domain Scan URL

URL: https://www.bit.com.au/guide/digital-dystopia-your-reputation-is-on-the-line-574913?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Digital dystopia: your reputation is on the line

Search URL Search Domain Scan URL

URL: https://www.bit.com.au/guide/creating-sustainable-high-performance-computing-to-drive-the-data-industry-forward-574918?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Creating sustainable high-performance computing to drive the data industry forward

Search URL Search Domain Scan URL

URL: https://www.bit.com.au/news/how-long-will-a-ups-keep-your-computers-on-if-the-lights-go-out-316806?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: How long will a UPS keep your computers on if the lights go out?

Search URL Search Domain Scan URL

URL: https://www.iothub.com.au/event/iot-impact-conference-576820?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: IoT Impact Conference

Search URL Search Domain Scan URL

URL: https://www.iothub.com.au/event/iot-insights-conference-orange-nsw-digital-food-agribusiness-576814?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: IoT Insights conference, Orange NSW: Digital Food & Agribusiness

Search URL Search Domain Scan URL

URL: https://www.iothub.com.au/news/iot-impact-moving-to-june-9-575046?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: IoT Impact moving to June 9

Search URL Search Domain Scan URL

URL: https://www.iothub.com.au/news/2021-iot-awards-winners-announced-572454?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: 2021 IoT Awards winners announced

Search URL Search Domain Scan URL

URL: https://www.iothub.com.au/news/john-holland-uses-iot-to-track-spoil-removal-from-construction-sites-577419?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: John Holland uses IoT to track spoil removal from construction sites

Search URL Search Domain Scan URL

URL: https://www.nextmedia.com.au/

Search URL Search Domain Scan URL

URL: https://www.bit.com.au/
Title: BIT

Search URL Search Domain Scan URL

URL: https://www.crn.com.au/
Title: CRN Australia

Search URL Search Domain Scan URL

URL: https://www.iothub.com.au/
Title: IoT Hub

Search URL Search Domain Scan URL

URL: https://www.nextmedia.com.au/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.nextmedia.com.au/terms-conditions/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.interactive.com.au/

Search URL Search Domain Scan URL

URL: https://www.nextmedia.com.au/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://apple.news/AGE6ioqABTNywEja6RuAUeQ Page URL
https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://www.itnews.com.au/Images/mobile-share-twitter.png HTTP 301
https://www.itnews.com.au/images/mobile-share-twitter.png

Request Chain 32

https://www.itnews.com.au/Images/mobile-share-facebook.png HTTP 301
https://www.itnews.com.au/images/mobile-share-facebook.png

Request Chain 33

https://www.itnews.com.au/Images/mobile-share-linkedin.png HTTP 301
https://www.itnews.com.au/images/mobile-share-linkedin.png

Request Chain 34

https://www.itnews.com.au/Images/mobile-share-whatsapp.png HTTP 301
https://www.itnews.com.au/images/mobile-share-whatsapp.png

Request Chain 35

https://www.itnews.com.au/Images/mobile-share-email.png HTTP 301
https://www.itnews.com.au/images/mobile-share-email.png

Request Chain 57

https://www.itnews.com.au/Images/breaking-news-header-bkg-40.png HTTP 301
https://www.itnews.com.au/images/breaking-news-header-bkg-40.png

Request Chain 58

https://www.itnews.com.au/Images/itnews-logo-white.png HTTP 301
https://www.itnews.com.au/images/itnews-logo-white.png

Request Chain 59

https://www.itnews.com.au/Images/search-icon.png HTTP 301
https://www.itnews.com.au/images/search-icon.png

Request Chain 106

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1647563301993&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1503796%26time%3D1647563301993%26url%3Dhttps%253A%252F%252Fwww.itnews.com.au%252Fnews%252Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1647563301993&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1647563301993&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&liSync=true&e_ipv6=AQJ0X-I1x_nZ3gAAAX-abOjFq11nNj03SG1jq9tfGA0Zj7qgnEPzAC2-2_8MUKEzJjbENP3q

Request Chain 116

https://i.nextmedia.com.au/Utils/ClickThru.ashx?d=https%3a%2f%2fi.nextmedia.com.au%2fAssets%2f20220228043335_small.png&s=20220228043335_small.png HTTP 302
https://i.nextmedia.com.au/Assets/20220228043335_small.png

Request Chain 117

https://i.nextmedia.com.au/Utils/ClickThru.ashx?d=https%3a%2f%2fi.nextmedia.com.au%2fAssets%2fRVBD-Aternity-Lockup85x25.jpg&s=RVBD-Aternity-Lockup85x25.jpg HTTP 302
https://i.nextmedia.com.au/Assets/RVBD-Aternity-Lockup85x25.jpg

Request Chain 118

https://www.itnews.com.au/Images/bullet.png HTTP 301
https://www.itnews.com.au/images/bullet.png

Request Chain 137

https://pixel-geo.prfct.co/tagjs?a_id=147698&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=147698&source=js_tag

Request Chain 159

https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202203|6233d2267d182e52e7248cc6&pid=pa_mFLwlX5PRgNTB0g7k HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202203%7C6233d2267d182e52e7248cc6%26pid%3Dpa_mFLwlX5PRgNTB0g7k HTTP 302
https://pixel-geo.prfct.co/usermap/?xid=7554898630455882158&sid=202203|6233d2267d182e52e7248cc6&pid=pa_mFLwlX5PRgNTB0g7k

Request Chain 160

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_mFLwlX5PRgNTB0g7k

Request Chain 161

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_mFLwlX5PRgNTB0g7k&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_mFLwlX5PRgNTB0g7k&_origin=1&verify=true

Request Chain 162

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_mFLwlX5PRgNTB0g7k

Request Chain 163

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_mFLwlX5PRgNTB0g7k

Request Chain 164

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfbUZMd2xYNVBSZ05UQjBnN2s HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 257

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueprsmcZDanuS5PHshNSUUUjfXMxgns1mibNLs_aN50V9g1k7CMFYBOUDfdXHYMpY-chNXZDOUzga6rusVf6UO1x5ureMoQUHjllPf9bn_6bSePo6gB9vxy5uDCWJ1ABQIN1zY4sfpaV6erwtHmrMcmoHNtJDdyjc9GmnZsRuLVAeHMA-3sQjrjBgKzG-GxqNHNy_cV4uyF-InuH8DdKPc7mSpmo0p6VpBPgtuPgaGI5lSZzi2NizBetELXjnYz2gzw4oKbbgRmSzzDeI_MQllCsB6MrJ56ZXqrjurej7HG7dfAb_ozLo0z9Yf&sig=Cg0ArKJSzFhNZvmFh11BEAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/3473041443409053549? HTTP 302
https://tpc.googlesyndication.com/simgad/3473041443409053549

Request Chain 293

https://native.unrulymedia.com/native?percentage=10 HTTP 302
https://native.unrulymedia.com/native/native_v1.0.1743-0-ga9347d2.js

305 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK AGE6ioqABTNywEja6RuAUeQ Show response
apple.news/ 8 KB
3 KB 336ms
307ms Document
text/html 2a02:26f0:6c00:294::3277
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apple.news/AGE6ioqABTNywEja6RuAUeQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:294::3277 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AppleHttpServer/21d85a9b022c382b518860f75a6adf819895c154 /

Resource Hash

14fa5a46eb67474b529c61431e6e47c86de66e9dc7a0d782e919f0fad28fff86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: AppleHttpServer/21d85a9b022c382b518860f75a6adf819895c154
Content-Type: text/html
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-B3-TraceId: c857b29d9500087f
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, no-transform, max-age=300
Date: Fri, 18 Mar 2022 00:28:19 GMT
Content-Length: 2331
Connection: keep-alive

GET
H2 200 fonts
www.apple.com/wss/ 15 KB
2 KB 91ms
9ms Stylesheet
text/css 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Requested by

Host: apple.news
URL: https://apple.news/AGE6ioqABTNywEja6RuAUeQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

433ba35f0585ad9b09e08d422a99881fd47f621650587251e7f59555131d5ef9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: data: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apple.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-encoding: gzip
x-content-type-options: nosniff
x-cache: TCP_HIT from a2-16-186-183.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
vary: Accept-Encoding
content-length: 913
x-xss-protection: 1; mode=block
cteonnt-length: 15185
server: Apple
x-frame-options: SAMEORIGIN
date: Fri, 18 Mar 2022 00:28:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-type: text/css;charset=UTF-8
cache-control: max-age=3359
etag: 433ba35f0585ad9b09e08d422a99881fd47f621650587251e7f59555131d5ef9
expires: Fri, 18 Mar 2022 01:24:19 GMT

GET
H/1.1 200
OK index.css
apple.news/css/ 7 KB
3 KB 159ms
159ms Stylesheet
text/css 2a02:26f0:6c00:294::3277
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apple.news/css/index.css

Requested by

Host: apple.news
URL: https://apple.news/AGE6ioqABTNywEja6RuAUeQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:294::3277 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AppleHttpServer/21d85a9b022c382b518860f75a6adf819895c154 /

Resource Hash

dee7e43b051bd156b70a40ac0e5c532f372d0f2d71632b41e79ec1f517c3c112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apple.news/AGE6ioqABTNywEja6RuAUeQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-B3-TraceId: 065ed6e900a4f0d2
Connection: keep-alive
Content-Length: 2100
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Fri, 25 Feb 2022 17:20:40 GMT
Server: AppleHttpServer/21d85a9b022c382b518860f75a6adf819895c154
X-Frame-Options: DENY
Date: Fri, 18 Mar 2022 00:28:20 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=0, no-cache, no-store
Accept-Ranges: bytes
Expires: Fri, 18 Mar 2022 00:28:20 GMT

GET
H/1.1 200
OK Appicon_v6.png
apple.news/images/ 11 KB
12 KB 171ms
159ms Image
image/png 2a02:26f0:6c00:294::3277
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apple.news/images/Appicon_v6.png

Requested by

Host: apple.news
URL: https://apple.news/AGE6ioqABTNywEja6RuAUeQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:294::3277 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AppleHttpServer/18679c7ed299569e6e3e017852d0aaaa5e96b10b /

Resource Hash

b29623f7b2ecfc69dc402ccfc1a0c73e1889ffdd4c13840a723fcc02bf550136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apple.news/AGE6ioqABTNywEja6RuAUeQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 25 Feb 2022 17:20:40 GMT
Server: AppleHttpServer/18679c7ed299569e6e3e017852d0aaaa5e96b10b
X-B3-TraceId: af2e1bd1d20277b6
Date: Fri, 18 Mar 2022 00:28:20 GMT
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11329
X-XSS-Protection: 1; mode=block
Expires: Fri, 18 Mar 2022 00:28:20 GMT

GET
H2 200 sf-pro-display_heavy.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/ 159 KB
160 KB 53ms
22ms Font
font/woff2 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_heavy.woff2

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

abe1b56150adaf5a63a856eeb4f9e83fd5ab7f036d2a6bd608ae41f407bc3909

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: data: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Tue, 01 Feb 2022 17:48:31 GMT
x-cache-remote: TCP_IMS_HIT from a2-18-215-38.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
date: Fri, 18 Mar 2022 00:28:20 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_REFRESH_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (S)
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=1988
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-length: 162416
x-xss-protection: 1; mode=block
server: Apple
expires: Fri, 18 Mar 2022 01:01:28 GMT

GET
H2 200 sf-pro-display_bold.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/ 150 KB
151 KB 58ms
28ms Font
font/woff2 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_bold.woff2

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

d373cdc98dd21157916f450a67b90653c4a5333eca71a4c0c2cba47c642ded25

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: data: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Tue, 01 Feb 2022 17:48:31 GMT
x-cache-remote: TCP_IMS_HIT from a2-18-215-6.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
date: Fri, 18 Mar 2022 00:28:20 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_REFRESH_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (S)
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=1406
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-length: 153880
x-xss-protection: 1; mode=block
server: Apple
expires: Fri, 18 Mar 2022 00:51:46 GMT

GET
H2 200 sf-pro-display_regular.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/ 138 KB
139 KB 56ms
27ms Font
font/woff2 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_regular.woff2

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

1cd2500f652e5f7611dc8735b1455d572a7aa1ccede57d8e375ff88023cf9ccd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: data: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Tue, 01 Feb 2022 17:48:31 GMT
server: Apple
date: Fri, 18 Mar 2022 00:28:20 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2801
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-length: 141324
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 01:15:01 GMT

GET
H2 200 SFProIcons_semibold.woff
www.apple.com/wss/fonts/SF-Pro-Icons/v1/ 9 KB
9 KB 53ms
24ms Font
application/font-woff 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Icons/v1/SFProIcons_semibold.woff

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

41daac81421329b7091d3ea33d91959ee08135224c28f3dcb523341fa2e90393

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: data: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Tue, 01 Feb 2022 17:48:37 GMT
server: Apple
date: Fri, 18 Mar 2022 00:28:20 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_MEM_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=673
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-length: 8868
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 00:39:33 GMT

GET
H2 200 SFProIcons_regular.woff
www.apple.com/wss/fonts/SF-Pro-Icons/v1/ 10 KB
11 KB 52ms
23ms Font
application/font-woff 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Icons/v1/SFProIcons_regular.woff

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

3b7d2b4c5417a697678081ed3b344955f0b25e694171178b0c01e029b4a18e8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: data: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Tue, 01 Feb 2022 17:48:37 GMT
server: Apple
date: Fri, 18 Mar 2022 00:28:20 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_MEM_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=1192
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-length: 10380
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 00:48:12 GMT

GET
H2 200 sf-pro-text_semibold.woff2
www.apple.com/wss/fonts/SF-Pro-Text/v1/ 166 KB
167 KB 51ms
23ms Font
font/woff2 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Text/v1/sf-pro-text_semibold.woff2

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

970e676c52b275a819ab9170ec4427370cc6c7033aa2e6b0b9cb71b977b72542

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: data: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Tue, 01 Feb 2022 17:48:50 GMT
x-cache-remote: TCP_IMS_HIT from a2-16-186-183.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
date: Fri, 18 Mar 2022 00:28:20 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_REFRESH_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (S)
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2422
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-length: 169880
x-xss-protection: 1; mode=block
server: Apple
expires: Fri, 18 Mar 2022 01:08:42 GMT

GET
H2 200 sf-pro-text_regular.woff2
www.apple.com/wss/fonts/SF-Pro-Text/v1/ 152 KB
153 KB 36ms
8ms Font
font/woff2 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Text/v1/sf-pro-text_regular.woff2

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

78f1a8f3787f77f7ab4fcbb12c87f5cd412556c04991cdadaacddcd9b5a3e68a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: data: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Tue, 01 Feb 2022 17:48:50 GMT
server: Apple
date: Fri, 18 Mar 2022 00:28:20 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2467
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-length: 155504
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 01:09:27 GMT

GET
H2 200 Primary Request phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458 Show response
www.itnews.com.au/news/ 74 KB
74 KB 1255ms
287ms Document
text/html 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Requested by: Host: apple.news
URL: https://apple.news/AGE6ioqABTNywEja6RuAUeQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a35e83e898d24820dbb49dab3e58812a1e635999ac8ed1401794df34a40fd198

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://apple.news/

Response headers

cache-control: private
content-type: text/html; charset=utf-8
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=edge,chrome=1
date: Fri, 18 Mar 2022 00:28:19 GMT
content-length: 76035

GET
H2 200 css
fonts.googleapis.com/ 4 KB
572 B 145ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Martel:400,300,700,900

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

111ef215436e1f4c0a8415e91562f11b2c81cfaedb5a4f35c61408a920b37fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 00:28:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 00:28:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 00:28:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
982 B 145ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b695d61dec08008b7557f86ef8855cac3d5ecb30e22ff774963ba80d0c5b7ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 00:28:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 00:28:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 00:28:21 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 64ms
26ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1520819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5z%2BdnIaDnXVtSYyE2c0GKxX380E2PKqSlE3Gl2wkcvWHCgzhK2gMHdWfSACXbYpqf0jtbC2CExkTGT366GKWC8YBWhZZ3vg%2B9V%2F8PHIaCqlZOFnB956aJlj2YHL8CHKg09l5hZSX7fRV81DKtC%2Fy9HO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ed9d90ace959a3f-FRA
expires: Wed, 08 Mar 2023 00:28:21 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/ 34 KB
9 KB 135ms
39ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 09:27:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8060
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 09:27:40 GMT

GET
H2 200 css_6b1b8d61a41b56d897df75b23d33ac64.css
www.itnews.com.au/styles/ 239 KB
36 KB 542ms
542ms Stylesheet
text/css 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 062acacf52f08a643fc6509d33cd201c510d025b66f2120b52d74de0de96046d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:19 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 23:42:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "081d799583ad81:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 37033
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 itnews-logo-sticky.png
www.itnews.com.au/images/ 4 KB
4 KB 674ms
674ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/itnews-logo-sticky.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ef3254fb269f0a2b07dea6c4cf9af3276e2e402426a65dc74f22db7c84b91e6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:19 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "be83c6e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 3919
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 175 KB
64 KB 144ms
55ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N4K222Q

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dbb12ce3fb1759c87d54c5b0c63408249e48c264b80ada6cc5156286073f362d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65192
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Mar 2022 00:28:22 GMT

GET
H2 200 itnews-logo-white.png
www.itnews.com.au/images/ 4 KB
4 KB 281ms
275ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/itnews-logo-white.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 26aeae0a0cc21c9c8acffae51a7dbf7a7eda35891df62ef54aeb9ed47af8cd9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "dfcd0e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 3959
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 50 KB
50 KB 2833ms
824ms Image
image/png 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2freal-fake-facebook_login.png&w=480&c=0&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9b3fd594766f46240cab8e1fd423a26d9f174f9d0115a76d124400013b239652

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="0_0_480_1_70_/News/real-fake-facebook_login.png"
content-length: 51343
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 34ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6763) /
Resource Hash: c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:22 GMT
Content-Encoding: gzip
Age: 917
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29178
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
Server: ECS (frb/6763)
Etag: "f7f936f48944db7f829585c4368f33ae+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 newsletter-promo-1.png
www.itnews.com.au/images/ 38 KB
38 KB 282ms
277ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/newsletter-promo-1.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 024a2591127deb9b569b821da170c5b937bc471633d0f32ce534a7acef66a28b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b8459e21938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 39346
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 11 KB
11 KB 2285ms
277ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2f20220308012908_Server_room_1.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f516c3196a02d0a44636e20fd582f98d2ee57cd15887a6621971babb448695a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Features/20220308012908_Server_room_1.jpg"
content-length: 11116
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 15 KB
15 KB 2559ms
551ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fVideos%2flog4j_stock_1.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 971d0bc2853ee6eb0a538a1d57daa1e71ef704100eefef26b3f5ccfe8ee10bb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Videos/log4j_stock_1.jpg"
content-length: 15032
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 7 KB
7 KB 2559ms
551ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2fcall_centre_1.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 973bf072ae2ac6d68bd82371390321d9745314f32592dcd98b6ffd891cfc5eb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Features/call_centre_1.jpg"
content-length: 7473
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 9 KB
9 KB 2558ms
550ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2f20220113040609_data_fast_person_1.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b628abcb91b2bbacf3fca30fe48a3aa9680b9562c9ab565fcd9c6401bba44d1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Features/20220113040609_data_fast_person_1.jpg"
content-length: 9126
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 2 KB
2 KB 2559ms
552ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fBarracuda_Ransomware.JPG&w=100&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 54c0b046768c0d09f71e5dbf85d8182618bdef2d7a7f596dde637ebd8fcb6164

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_0_100_0_70_/Reports/Barracuda_Ransomware.JPG"
content-length: 1914
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 1 KB
1 KB 746ms
744ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2f20220302095610_RVBD-Aternity-Lockup.jpg&w=100&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fcb003d472154f94b33af9a9387972c9930c65a786077fb527407bb230f87c21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_0_100_0_70_/Reports/20220302095610_RVBD-Aternity-Lockup.jpg"
content-length: 1316
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 15 KB
15 KB 746ms
745ms Image
image/png 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fITN_HelpSystems_0222_Inter.png&w=100&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e1e6f97bb2faa88db0884736640299ae3182de6bfb73f2be2e47db465b3753e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_0_100_0_70_/Reports/ITN_HelpSystems_0222_Inter.png"
content-length: 15226
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 2 KB
2 KB 747ms
745ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fping_identity.JPG&w=100&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: aaccce9f5bfeff04e43f1fd8843da1ccf4d48e7edab0086886ec69bf13debe1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_0_100_0_70_/Reports/ping_identity.JPG"
content-length: 2428
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 3 KB
3 KB 747ms
746ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fFortinet_Networking_Cybersecurity_Index.JPG&w=100&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eee17c613ed2ebc4defb62864a13c2ef23e1f2b0b49451c3f97f194d0359345f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_0_100_0_70_/Reports/Fortinet_Networking_Cybersecurity_Index.JPG"
content-length: 3121
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2

200

mobile-share-twitter.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/mobile-share-twitter.png
https://www.itnews.com.au/images/mobile-share-twitter.png

2 KB
2 KB

279ms
278ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/mobile-share-twitter.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 97b4d3aa4022178cfff4362771fab9d523eb8614d8425c9cb4c10690802635f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "2233f6e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 2448
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/mobile-share-twitter.png
date: Fri, 18 Mar 2022 00:28:20 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 180
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

mobile-share-facebook.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/mobile-share-facebook.png
https://www.itnews.com.au/images/mobile-share-facebook.png

1 KB
1 KB

279ms
278ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/mobile-share-facebook.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a3d16b1b85d27a1023b45c661db7103c81076f748e5f6087fe98fae3c3d12de4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "79a9ece11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 1432
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/mobile-share-facebook.png
date: Fri, 18 Mar 2022 00:28:20 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 181
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

mobile-share-linkedin.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/mobile-share-linkedin.png
https://www.itnews.com.au/images/mobile-share-linkedin.png

2 KB
2 KB

279ms
278ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/mobile-share-linkedin.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 447c44ae9488b24394843e6d134b2976abff7a1690baf2a496674d8b2f7e65fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "79a9ece11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 1733
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/mobile-share-linkedin.png
date: Fri, 18 Mar 2022 00:28:20 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 181
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

mobile-share-whatsapp.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/mobile-share-whatsapp.png
https://www.itnews.com.au/images/mobile-share-whatsapp.png

3 KB
4 KB

279ms
279ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/mobile-share-whatsapp.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 309e0d26a2af6e201832b611ddcad3c2d7b33a5ebc17fe4cbc8185d4251da38f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1ef8fae11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 3541
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/mobile-share-whatsapp.png
date: Fri, 18 Mar 2022 00:28:20 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 181
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

mobile-share-email.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/mobile-share-email.png
https://www.itnews.com.au/images/mobile-share-email.png

2 KB
2 KB

279ms
279ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/mobile-share-email.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2790a4e3cf07505b8a04d30e535c033506def2e29f5f9410d3b866876138f7f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9c82e5e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 2375
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/mobile-share-email.png
date: Fri, 18 Mar 2022 00:28:20 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 178
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 13 KB
13 KB 1018ms
1017ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2ftax_form_ATO.jpg&h=271&w=480&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 514948b990e4feb83adfe5e20b02ea2d52d52d1d74fff52e045fd3469be58bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_271_480_1_70_/News/tax_form_ATO.jpg"
content-length: 12873
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 18 KB
18 KB 1018ms
1017ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2foptus-store+iStock_690.jpg&h=271&w=480&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0f51be3d59beeab87af20529dd26391d93ac5a24d1749fb6ad3af63d58603294

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_271_480_1_70_/News/optus-store iStock_690.jpg"
content-length: 18690
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 10 KB
10 KB 1020ms
1019ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fAytenOzenc2.jpg&h=271&w=480&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bf6eb81d2f0ae2a0198948b2ad42234e710fbe8146c4bd802b89bdcaba5f7ff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_271_480_1_70_/News/AytenOzenc2.jpg"
content-length: 10522
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 19 KB
19 KB 1021ms
1019ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fbiometrics_fingerprint_scan.jpg&h=271&w=480&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: de089a1f4b50646a7ad59fb72bf584ef22c46fa61bc468f08cbed592f3e3a388

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_271_480_1_70_/News/biometrics_fingerprint_scan.jpg"
content-length: 19744
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 59 KB
60 KB 1022ms
1020ms Image
image/png 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fActivison_blizzard_metaverse.png&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 57ec11788b4c6fe3f3f9865bcaa5d26f76dd70f64fcf7c21f5df634c201c108c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/News/Activison_blizzard_metaverse.png"
content-length: 60791
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 4 KB
4 KB 1292ms
1291ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fiStock-1309701000.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 37394651b95dda9e8bb1f749671b17658847a4d98b24400a619bd3022940960c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/News/iStock-1309701000.jpg"
content-length: 3906
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 9 KB
9 KB 1293ms
1292ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fiStock-1353849384.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eabfa2c6f318f6b75277efaf8b857efc7be1996648af308ecf700619f0a1dc63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/News/iStock-1353849384.jpg"
content-length: 9166
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 5 KB
6 KB 1294ms
1293ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fVideos%2fMark_Macumber_PlayHQ_Head_of_Technology.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3ac61affb2c53245cac26fc3f5639e9099083b533cce159c1789021bc9cba1ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Videos/Mark_Macumber_PlayHQ_Head_of_Technology.jpg"
content-length: 5585
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 10 KB
11 KB 1295ms
1294ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fVideos%2fiStock-1185135641.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 887f930f37e34d35402ae409f73086dbe4a2131a0f060361b30c5313899bfc49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Videos/iStock-1185135641.jpg"
content-length: 10707
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 77 KB
77 KB 1296ms
1295ms Image
image/png 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fbri_brady_bnch.png&h=141&w=208&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2aa340c2aed0e9ab3b3605a83f08471526e68dde27dbd8422a638147e4d460d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_141_208_1_70_/News/bri_brady_bnch.png"
content-length: 78881
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 5 KB
5 KB 1304ms
1302ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2f1643011317593.jpeg&h=141&w=208&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 28d16ff177150e7eae3726d0a569a1854a310ec00f416107559cd266fe547b1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_141_208_1_70_/News/1643011317593.jpeg"
content-length: 4647
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 6 KB
6 KB 1305ms
1304ms Image
image/jpeg 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fBlackBook-Zero-15-Phantom-right.jpg&h=141&w=208&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eb78da83b6aecb5e02430b98742d5a902a032b3cbbf9614313a71072bd28278d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_141_208_1_70_/News/BlackBook-Zero-15-Phantom-right.jpg"
content-length: 5855
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 64 KB
0 1306ms
1305ms Image
image/png 203.176.102.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fEvents%2f20220303092641_iot-impact-intro-image1.png&h=141&w=208&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_141_208_1_70_/Events/20220303092641_iot-impact-intro-image1.png"
content-length: 82730
expires: Mon, 21 Mar 2022 00:28:22 GMT

GET
H2 200 logo_nextmedia.png
www.itnews.com.au/images/ 3 KB
3 KB 281ms
280ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/logo_nextmedia.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7a695284914af87ab17ff6436de3630cf1bb412dc1d069ab019158d322b5cb03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "c45cdee11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 3458
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 interactive-logo.png
www.itnews.com.au/images/ 11 KB
12 KB 546ms
545ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/interactive-logo.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6f04c6ba9510ec8d7ccdeca4edc6f5de95ebabf01675599d67aba6a23c05f76e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b235b8e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 11720
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 t.ashx
www.itnews.com.au/ 70 B
219 B 551ms
550ms Image
image/gif 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/t.ashx?u=&c=577458&s=3&r=https%3a%2f%2fapple.news%2f&n=%2fnews%2fArticle.aspx&q=id%3d577458
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 00:28:20 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
x-ua-compatible: IE=edge,chrome=1
content-length: 70
expires: -1

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
33 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 01:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 516040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33495
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Mar 2023 01:07:42 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ 235 KB
63 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 23:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64481
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 23:09:54 GMT

GET
H2 200 gdpr.js Show response
www.itnews.com.au/scripts/ 4 KB
1 KB 277ms
274ms Script
application/javascript 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/scripts/gdpr.js
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 683add284044c8b01d05f02366eb61327b1b34df5ca8c5425ecf8b7741f3d0ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 03:08:08 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "01c50e51938d81:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1378
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 itn_70959f89ed94799f39099b9c8a556bb3.js Show response
www.itnews.com.au/scripts/ 139 KB
42 KB 279ms
273ms Script
application/javascript 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/scripts/itn_70959f89ed94799f39099b9c8a556bb3.js
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 125960938cda0ce106c26a7bb75d9739aa81b06ce576f80b70ff7bcf160d02ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 23:42:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "081d799583ad81:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 42973
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 ss.js Show response
koi-3qnnf9xqbw.marketingautomation.services/client/ 12 KB
5 KB 228ms
121ms Script
application/javascript 107.178.240.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://koi-3qnnf9xqbw.marketingautomation.services/client/ss.js?ver=2.4.0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.240.178.107.bc.googleusercontent.com
Software: openresty /
Resource Hash: 926f767fec2a5ed3a610735fde7861c24c9c15fa136d9a85d111c2b9ec4a0fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 14:38:30 GMT
server: openresty
etag: W/"623347e6-2fc8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: max-age=604800, public
alt-svc: clear
expires: Fri, 25 Mar 2022 00:28:22 GMT

GET
H2

200

breaking-news-header-bkg-40.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/breaking-news-header-bkg-40.png
https://www.itnews.com.au/images/breaking-news-header-bkg-40.png

2 KB
2 KB

276ms
275ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 33e6197168e000ef71ef56ae5fad7bc04c9c939dc33d34136d73d31676d1d507

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "65c364e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 2338
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
date: Fri, 18 Mar 2022 00:28:20 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 187
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

itnews-logo-white.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/itnews-logo-white.png
https://www.itnews.com.au/images/itnews-logo-white.png

4 KB
4 KB

276ms
275ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/itnews-logo-white.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 26aeae0a0cc21c9c8acffae51a7dbf7a7eda35891df62ef54aeb9ed47af8cd9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "dfcd0e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 3959
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/itnews-logo-white.png
date: Fri, 18 Mar 2022 00:28:20 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 177
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

search-icon.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/search-icon.png
https://www.itnews.com.au/images/search-icon.png

2 KB
2 KB

276ms
276ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/search-icon.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 94f8ef517a973d33e2bde96d6c170e86e4be553f86bb2b5a07f228efa46e1ee7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "aa9236e21938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 2259
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/search-icon.png
date: Fri, 18 Mar 2022 00:28:20 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 171
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 124ms
40ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 104271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:18:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:31 GMT

GET
H2 200 PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v9/ 18 KB
19 KB 218ms
135ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v9/PN_xRfK9oXHga0XdZsg_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,300,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 00:16:53 GMT
x-content-type-options: nosniff
age: 87089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18860
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:10:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Mar 2023 00:16:53 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 37ms
20ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.itnews.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1813341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LeJ34cSnV2QfKf8nZjk9EdCcVHAFB%2FM0jmlmE2TAACtFymzhm1bLW%2BWAPBSDWA8wMZXYSVOj0u8Dk7EKb0SZJZ2jQbPW%2BgkJFD1zc8WLTdupYvAMs0FAmXc%2BS5GoKHFoeiUF9hMIEILSe5P%2Fa%2BoKicv"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ed9d90ffd5a995c-FRA
expires: Wed, 08 Mar 2023 00:28:22 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 206ms
123ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 104272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:30 GMT

GET
H2 200 PN_yRfK9oXHga0XVzeoqghzW.woff2
fonts.gstatic.com/s/martel/v9/ 19 KB
19 KB 167ms
95ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v9/PN_yRfK9oXHga0XVzeoqghzW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,300,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2991fa8cfe2986011e6569a578888d8f2e901b17e1959420df70d5c07c5582db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 18:44:26 GMT
x-content-type-options: nosniff
age: 107036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19072
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:16:13 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 18:44:26 GMT

GET
H2 200 recirculation.epl Show response
www.dianomi.com/ Frame D8B7 2 KB
665 B 141ms
100ms Document
text/html 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/recirculation.epl?id=119

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74bd60fe5d2e6dfcb24885aa9431314b504257241deb66c821da35152edbde59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
vary: X-FORWARDED-PROTO
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ed9d910599d9a23-FRA
content-encoding: br

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame E1F6 7 KB
2 KB 131ms
91ms Document
text/html 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=5141

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57d45c260349171bf6abd267b81b38dffcc46db86565bad138e6aa76c3caae71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/2818/17.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ed9d91059a09a23-FRA
content-encoding: br
cf-h2-pushed: </img/a/pss/2818/17.css>

GET
H2 200 sponsoredcontent.ashx Show response
www.itnews.com.au/scripts/ 1 KB
1 KB 509ms
508ms Script
text/javascript 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/scripts/sponsoredcontent.ashx?type=SponsoredLink&si=Blogs&pa=&sc=32&output=script&ros=True&ord=5781228534734668
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9425b0e837cb9c9590b51c1d888b85253282602b9409aca94363c2c19369a299

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/javascript; charset=utf-8
cache-control: public
x-ua-compatible: IE=edge,chrome=1
content-length: 1157
expires: Fri, 18 Mar 2022 01:28:21 GMT

GET
H2 200 end-quote.png
www.itnews.com.au/images/ 1 KB
1 KB 490ms
490ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/end-quote.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 51d03b0e5c77c8e9a0f743307168b9f7db8ba1d9e0e24cc287be4506f2609576

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b2c0a2e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 1172
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 play-btn.png
www.itnews.com.au/images/featured/ 2 KB
2 KB 487ms
487ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/featured/play-btn.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d9cbf98cbeeb8314acb7bf6600855d6d75ae9b56e173a8ad1e46700eaf0aac52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:05 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1b46afe31938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 2120
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-comments.png
www.itnews.com.au/images/ 981 B
1 KB 486ms
485ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-comments.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a0e7e32cf14caf3c5f5b29e79bd8711348a5bf2137a12104d2cd1b1110b0f272

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "a1c445e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 981
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-tw.png
www.itnews.com.au/images/ 747 B
804 B 486ms
485ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-tw.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5fa4b9d9a56c65d6f525056d71f4e46b1f2750e86960343402424d88c13772f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b8fe5fe11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 747
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-fb.png
www.itnews.com.au/images/ 345 B
402 B 486ms
485ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-fb.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 413dc61acc8e9741b76a34382ddbe3632052fe38d580bd2680d3e9d407ceb6be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "55894ae11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 345
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-li.png
www.itnews.com.au/images/ 473 B
530 B 486ms
486ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-li.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1096ae848f7e01f065ce530dcd17bd1a1af503a2c4ae83cbf8972e900446e36a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "95d758e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 473
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-feedback_2.png
www.itnews.com.au/images/ 678 B
735 B 487ms
486ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-feedback_2.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 96f1173b3c05e0f7230e3d2b4ac6ebd7d816de5e71ebabfbe20e2b339dba6078

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "ed1254e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 678
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-email.png
www.itnews.com.au/images/ 744 B
800 B 487ms
486ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-email.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7a7f7b00e22cf33ff4aeef9005ebb800ccad9f67e326142d8ba30c2e801ac719

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "32748e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 744
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-print.png
www.itnews.com.au/images/ 709 B
766 B 487ms
486ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-print.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ea6da8487b903fd84a283d780bede1ae1da97d7f2c364653e790822405505f62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "783a5be11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 709
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 PN_yRfK9oXHga0XV5e8qghzW.woff2
fonts.gstatic.com/s/martel/v9/ 18 KB
19 KB 138ms
109ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v9/PN_yRfK9oXHga0XV5e8qghzW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,300,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8dea9bb1169a9455240a9e7aa6f1f7dd922c7160010eb6f2269acbf4acd5ab8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 00:29:52 GMT
x-content-type-options: nosniff
age: 86310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18820
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Mar 2023 00:29:52 GMT

GET
H2 200 PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v9/ 19 KB
19 KB 172ms
144ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v9/PN_yRfK9oXHga0XV3e0qghzW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,300,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 00:16:53 GMT
x-content-type-options: nosniff
age: 87089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19012
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Mar 2023 00:16:53 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 105ms
77ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 104271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:31 GMT

GET
H2 200 17.css
www.dianomi.com/img/a/pss/2818/ Frame E1F6 2 KB
959 B 14ms
0ms Stylesheet
text/css 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2818/17.css

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1936885cfdf5999015d670ea69fb44591c4eeeb333929506bef16e368a832f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2343738
cf-polished: origSize=2720
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Nov 2021 22:23:27 GMT
server: cloudflare
etag: W/"aa0-5d1904e9678f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Sun, 17 Apr 2022 10:28:22 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 6ed9d910da299a23-FRA
cf-bgj: minify

GET
H2 200 viewability10.js Show response
www.dianomi.com/js/ Frame E1F6 7 KB
3 KB 31ms
31ms Script
application/javascript 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability10.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c3d83182d981db2e72f00211d9e93ae55db41b31aa8239b589a725521f6b3fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11
cf-polished: origSize=10836
last-modified: Mon, 21 Feb 2022 14:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"2a54-5d88837f2e3fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 6ed9d9110a5e9a23-FRA
expires: Fri, 18 Mar 2022 00:30:22 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame E1F6 1 KB
1 KB 25ms
24ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1739827
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 17 Apr 2022 10:28:22 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ed9d9111a6d9a23-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/243544/4/ Frame E1F6 2 KB
2 KB 24ms
23ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/243544/4/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84c939396ef55a6799bfa96670de5119100bfcc8e45d41fe930ffb37ce8b21ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1204773
cf-polished: qual=85, origFmt=jpeg, origSize=3400
content-disposition: inline; filename="100x70.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1582
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Feb 2022 06:04:30 GMT
server: cloudflare
etag: "d48-5d702ca779496"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 17 Apr 2022 10:28:22 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ed9d9111a729a23-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/247386/3/ Frame E1F6 2 KB
2 KB 38ms
37ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/247386/3/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52f6f12b9edfc51c6a77b9fd9fe9a1cc25f0557a152bf9d08dd5060777eb32f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 105422
cf-polished: qual=85, origFmt=jpeg, origSize=12673
content-disposition: inline; filename="100x70.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1994
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 13:28:51 GMT
server: cloudflare
etag: "3181-5d9dd31e73e7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 17 Apr 2022 10:28:22 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ed9d9111a739a23-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/217466/8/ Frame E1F6 2 KB
3 KB 52ms
52ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/217466/8/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b927955ca67351ea793fa1b2775d13af9add707afc067b091c7ad9a56c43bc53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=4569
content-disposition: inline; filename="100x70.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2446
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Mar 2022 00:11:40 GMT
server: cloudflare
etag: "11d9-5d9bdf11d7be8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 17 Apr 2022 10:28:22 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ed9d9111a749a23-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/241952/3/ Frame E1F6 2 KB
3 KB 40ms
40ms Image
image/jpeg 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/241952/3/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7bb464f9088820a7e05dc96b797cd450be5c411aa0abd20729e2a2c28c5593e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 214160
cf-polished: degrade=85, origSize=3464, status=webp_bigger
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2461
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Dec 2021 13:53:14 GMT
server: cloudflare
etag: "d88-5d4494254ee44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 17 Apr 2022 10:28:22 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ed9d9111a759a23-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/249777/3/ Frame E1F6 5 KB
5 KB 90ms
90ms Image
image/jpeg 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/249777/3/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc49368e6acae2f9ba953c1c634dacfe4edb493899c14546df98d9bd8c825941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 5081
x-xss-protection: 1; mode=block
last-modified: Mon, 14 Mar 2022 21:41:22 GMT
server: cloudflare
etag: "13d9-5da348a9a8187"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ed9d9111a779a23-FRA
expires: Sun, 17 Apr 2022 10:28:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E1F6 4 KB
534 B 97ms
50ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35a766d4f52783a8e584eca5fb387a5a594760f5ae0dfa0925a863b6e046007d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 00:28:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 00:28:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 00:28:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E1F6 2 KB
428 B 96ms
50ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f78f75320dd57ed94f05a30758a5044fe7ccdfef38669edc228f972414834f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 22:37:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 00:28:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 00:28:22 GMT

GET
H2 200 17.css
www.dianomi.com/img/a/pss/2818/ Frame D8B7 2 KB
803 B 25ms
24ms Stylesheet
text/css 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2818/17.css

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1936885cfdf5999015d670ea69fb44591c4eeeb333929506bef16e368a832f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2343738
cf-polished: origSize=2720
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Nov 2021 22:23:27 GMT
server: cloudflare
etag: W/"aa0-5d1904e9678f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Sun, 17 Apr 2022 10:28:22 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 6ed9d9112a919a23-FRA
cf-bgj: minify

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/677101687/1/ Frame D8B7 2 KB
2 KB 47ms
46ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/677101687/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

542ee8ef7e0f4ebe0e7674373af758bd665022030b53f0e4ca8e8391be6ed4ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=3200
content-disposition: inline; filename="100x70.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Mar 2022 11:55:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 25 Mar 2022 00:28:22 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6ed9d9112a929a23-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/677066952/1/ Frame D8B7 1 KB
2 KB 49ms
46ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/677066952/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7afdebdd0e3a94b1b5ea5ab56c1bbc99055cc2941e8e1d62ff37b123a4eb0b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=3508
content-disposition: inline; filename="100x70.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Mar 2022 03:44:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 25 Mar 2022 00:28:22 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6ed9d9114aa19a23-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/677065389/1/ Frame D8B7 3 KB
3 KB 30ms
27ms Image
image/jpeg 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/677065389/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1a67104aaf06587cabee0eba456e628545ff9b83e95ee164c9779ca743d0ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 52049
cf-polished: degrade=85, origSize=11195, status=webp_bigger
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Mar 2022 02:40:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 25 Mar 2022 00:28:22 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6ed9d9114aa69a23-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/497444913/1/ Frame D8B7 3 KB
3 KB 61ms
59ms Image
image/jpeg 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/497444913/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cec20407c60a79d7aa86d91e4a0c2bec0023e02b9167980e76a79f476dd0ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=3016, status=webp_bigger
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Mar 2022 18:24:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 25 Mar 2022 00:28:22 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6ed9d9114aa79a23-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/677065385/1/ Frame D8B7 2 KB
3 KB 31ms
29ms Image
image/jpeg 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/677065385/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

924096ff8a55fcd348d1a877b2c432fc5af8c4c210382abda8b81c98916e1a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68769
cf-polished: origSize=2620, status=webp_bigger
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Mar 2022 02:40:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 25 Mar 2022 00:28:22 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6ed9d9114aa89a23-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 49ms
10ms Script
application/x-javascript 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4K222Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c567d0068aa9d314d13047cf6af171cce476501aac5e5521bd2b2233b16fbce5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Mar 2022 20:16:02 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=80094
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3073

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 147ms
59ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4K222Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14889
x-xss-protection: 0
server: cafe
etag: 11178597599353190569
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 00:28:22 GMT

GET
H2 200 hotjar-2321248.js Show response
static.hotjar.com/c/ 4 KB
2 KB 83ms
49ms Script
application/javascript 108.157.4.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2321248.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4K222Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-113.dus51.r.cloudfront.net

Software

Resource Hash

e70c29d610315cc0cfa9f747e61bb05a1b8f3216470f05c0e5bc1eb532fd7991

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: DUS51-P2
etag: W/bd245fef497508cc3e54c27d39c3309d
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
content-length: 1904
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
x-amz-cf-id: 9A9L-P6QPJyWDLj0PJieYCb2ICrsdxGL1lZuB_tA2UJdGAcdHqYSkw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 52ms
17ms Script
application/x-javascript 2a03:2880:f058:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: apple.news
URL: https://apple.news/AGE6ioqABTNywEja6RuAUeQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f058:f:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: Qvan2NtqT4o5LObjakjyzHBb0sYfUCWCfzb2inN3LbHF1o2r9D7NKxLT8/sc9Zsc3dzyyONeevnxG/gkZkdbQw==
x-fb-trip-id: 1679558926
x-frame-options: DENY
date: Fri, 18 Mar 2022 00:28:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 21321196.js Show response
js.hs-scripts.com/ 975 B
905 B 179ms
141ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/21321196.js?businessUnitId=237470
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4K222Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bcadac850edf549637bff307161103d88a4d437c4a23d29d831372bf53566c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 0771a689-6528-4482-a301-d02c744ef5f5
last-modified: Fri, 18 Mar 2022 00:21:33 GMT
server: cloudflare
x-trace: 2B42A72F728C1690C95252D84C1A87F6CF6065CC20000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.itnews.com.au
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6ed9d911aacb9942-FRA
expires: Fri, 18 Mar 2022 00:29:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D8B7 4 KB
534 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35a766d4f52783a8e584eca5fb387a5a594760f5ae0dfa0925a863b6e046007d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 00:28:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 00:28:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 00:28:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D8B7 2 KB
428 B 60ms
59ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f78f75320dd57ed94f05a30758a5044fe7ccdfef38669edc228f972414834f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 00:28:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 00:28:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 00:28:22 GMT

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ Frame E1F6 23 KB
23 KB 106ms
58ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 104271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:18:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:31 GMT

GET
H3 200 PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v9/ Frame E1F6 19 KB
19 KB 120ms
73ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v9/PN_yRfK9oXHga0XV3e0qghzW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 00:16:53 GMT
x-content-type-options: nosniff
age: 87089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19012
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Mar 2023 00:16:53 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame E1F6 23 KB
23 KB 135ms
89ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 104272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:30 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1647563301993&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1503796%26time%3D1647563301993%26url%3Dhttps%253A%252F%252Fwww.itnews.com.au%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1647563301993&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1647563301993&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-57...

0
264 B

173ms
154ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1647563301993&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&liSync=true&e_ipv6=AQJ0X-I1x_nZ3gAAAX-abOjFq11nNj03SG1jq9tfGA0Zj7qgnEPzAC2-2_8MUKEzJjbENP3q
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:23 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 47E99E9C5D034EC5A8DDCEDCB51CCF77 Ref B: FRAEDGE1315 Ref C: 2022-03-18T00:28:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXaczlv2Vmh9Nx2XkZWeA==
x-li-fabric: prod-ltx1

Redirect headers

date: Fri, 18 Mar 2022 00:28:22 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 04065595A4F84F95BA2294FC3DDD02AD Ref B: FRAEDGE0807 Ref C: 2022-03-18T00:28:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1647563301993&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&liSync=true&e_ipv6=AQJ0X-I1x_nZ3gAAAX-abOjFq11nNj03SG1jq9tfGA0Zj7qgnEPzAC2-2_8MUKEzJjbENP3q
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXaczltF1zto3ZsBAVTlw==

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ Frame D8B7 23 KB
23 KB 66ms
41ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 104271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:18:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:31 GMT

GET
H3 200 PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v9/ Frame D8B7 19 KB
19 KB 125ms
101ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v9/PN_yRfK9oXHga0XV3e0qghzW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 00:16:53 GMT
x-content-type-options: nosniff
age: 87089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19012
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Mar 2023 00:16:53 GMT

GET
H3 200 991594294528179 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 84ms
66ms Script
application/x-javascript 2a03:2880:f058:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/991594294528179?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f058:f:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1fd64c2c58a6f00031bbb33c485f9898b743fbddd9bbe9ac9e88bfe4d47535ed

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 4/TeFpl9dNdtDsn3WaL+Czw5N4KChEgyoa98NQxHGCdSpHl+oaY2lMHeRP/sGegPGzVTCLCz5DQV5/H1vZSuZw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Mar 2022 00:28:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.7d3f952308caf42c2b67.js Show response
script.hotjar.com/ 236 KB
62 KB 39ms
8ms Script
application/javascript 13.224.195.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d3f952308caf42c2b67.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2321248.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-59.fra2.r.cloudfront.net

Software

Resource Hash

43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 660376
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63048
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 09:01:33 GMT
etag: "2f5d47da7be4d107a04726029158797c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: n50bdt7BjCVru-BQt1p-N7g-lLH89sslHbSPO8dZSLhRIn-j-gwhvw==

GET
H2 200 koi Show response
koi-3qnnf9xqbw.marketingautomation.services/ 148 B
606 B 175ms
175ms Script
application/javascript 107.178.240.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://koi-3qnnf9xqbw.marketingautomation.services/koi?rf=https%3A%2F%2Fapple.news%2F&hn=www.itnews.com.au&lg=en-US&sr=1600x1200&cd=24&vr=2.4.0&se=1647563301967&ac=KOI-4BG98ANIO8&ts=1647563302&pt=0&pl=0&loc=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&tp=page&ti=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages%20-%20Security%20-%20iTnews

Requested by

Host: koi-3qnnf9xqbw.marketingautomation.services
URL: https://koi-3qnnf9xqbw.marketingautomation.services/client/ss.js?ver=2.4.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

224.240.178.107.bc.googleusercontent.com

Software

openresty /

Resource Hash

8c4ed72ccdb83bf66af9838ed668f1bfa3d90d97b0316cd17e6d9cd0d02618fe

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 00:28:22 GMT
content-encoding: gzip
x-clacks-overhead: GNU Terry Pratchett
last-modified: Fri, 18 Mar 2022 00:28:22 GMT
server: openresty
vary: Accept-Encoding
p3p: CP='This is not a P3P policy! See https://sharpspring.com/legal/privacy/ for more info.'
via: 1.1 google
cache-control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
pod-hostname: koi-6ffd4dd4bd-w8md9
content-type: application/javascript
alt-svc: clear
x-xss-protection: 1; mode=block
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/658328797/ 3 KB
2 KB 135ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/658328797/?random=1647563302103&cv=9&fst=1647563302103&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&ref=https%3A%2F%2Fapple.news%2F&tiba=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages%20-%20Security%20-%20iTnews&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b501935820a4417e73b5bf4a3ff315426b73c6f18ccad1e66d9d95a3582b4ccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 00:28:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1107
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 21321196.js Show response
js.hs-analytics.net/analytics/1647563100000/ 62 KB
20 KB 182ms
146ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1647563100000/21321196.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21321196.js?businessUnitId=237470
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac463ea59caaea49defda8c92d9563474db120a2d34780e72860f224ddb34542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:22 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 67G4H2H9KGANS0EJ
x-amz-server-side-encryption: AES256
cf-ray: 6ed9d912ce1a9016-FRA
x-amz-id-2: jRSZZfDVu3LUABnAL6sEHv7I49N5Le46BFolqAGN47oXsS0QBlNrxC46gHnHMzuBSr4EchmCXO8=
last-modified: Wed, 09 Mar 2022 03:40:20 GMT
server: cloudflare
etag: W/"4360ee6e797b6495e7b339016acddf64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Fri, 18 Mar 2022 00:33:22 GMT

GET
H2 200 237470.js Show response
js.hs-banner.com/21321196/ 61 KB
16 KB 312ms
279ms Script
text/plain 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/21321196/237470.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21321196.js?businessUnitId=237470
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b76a8015ac1a205492878201b11517148cfc2213150c8480c3473fb15d48128

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: f10f41f9-291d-4c96-bb78-6e052677d4f1
timing-allow-origin: *
last-modified: Thu, 17 Mar 2022 23:40:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.itnews.com.au
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6ed9d912c8c59bb6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Fri, 18 Mar 2022 00:33:22 GMT

GET
H3 200 470261513615109 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 68ms
67ms Script
application/x-javascript 2a03:2880:f058:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/470261513615109?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f058:f:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e0ee8eba408d9baf59a228777c850dbe4ebda67a4d1ac3eaf6ec0c2fcd9cfd09

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: FPBijbyXpuApHFaryR27s4jc4iWeSTpx3Vi6IDAMXYxxvePomn0eECJQjqI6ggDVpgbZB8QkKUVv0BWwWHGrbA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Mar 2022 00:28:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET

20220228043335_small.png
i.nextmedia.com.au/Assets/
Redirect Chain

https://i.nextmedia.com.au/Utils/ClickThru.ashx?d=https%3a%2f%2fi.nextmedia.com.au%2fAssets%2f20220228043335_small.png&s=20220228043335_small.png
https://i.nextmedia.com.au/Assets/20220228043335_small.png

0
0

GET

RVBD-Aternity-Lockup85x25.jpg
i.nextmedia.com.au/Assets/
Redirect Chain

https://i.nextmedia.com.au/Utils/ClickThru.ashx?d=https%3a%2f%2fi.nextmedia.com.au%2fAssets%2fRVBD-Aternity-Lockup85x25.jpg&s=RVBD-Aternity-Lockup85x25.jpg
https://i.nextmedia.com.au/Assets/RVBD-Aternity-Lockup85x25.jpg

0
0

GET
H2

200

bullet.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/bullet.png
https://www.itnews.com.au/images/bullet.png

171 B
225 B

275ms
275ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/bullet.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4bfc84f853864a42446e366637e6a3cc7e7bc9c8563eaae40932cd7fb85b71f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "4a4d6ee11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 171
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/bullet.png
date: Fri, 18 Mar 2022 00:28:20 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 166
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 network-bar-logos.png
www.itnews.com.au/images/ 9 KB
9 KB 275ms
275ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/network-bar-logos.png?q=20211001
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 82f4a15bfde68af3ba1ab9e557ba6b1c700d6aafe0d9e42561576366662701ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "44bdffe11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 9407
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 46ms
14ms Script
text/javascript 2a00:1450:400e:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/scripts/itn_70959f89ed94799f39099b9c8a556bb3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:811::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 763
date: Fri, 18 Mar 2022 00:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 18 Mar 2022 02:15:40 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/658328797/ 42 B
548 B 133ms
49ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/658328797/?random=1647563302103&cv=9&fst=1647561600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&ref=https%3A%2F%2Fapple.news%2F&tiba=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages%20-%20Security%20-%20iTnews&async=1&fmt=3&is_vtc=1&random=1582567796&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 00:28:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/658328797/ 42 B
548 B 137ms
50ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/658328797/?random=1647563302103&cv=9&fst=1647561600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&ref=https%3A%2F%2Fapple.news%2F&tiba=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages%20-%20Security%20-%20iTnews&async=1&fmt=3&is_vtc=1&random=1582567796&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 00:28:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5f83be4dd2cc51a7cb000001.js Show response
tag.perfectaudience.com/serve/ 12 KB
4 KB 36ms
7ms Script
text/javascript 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.perfectaudience.com/serve/5f83be4dd2cc51a7cb000001.js

Requested by

Host: koi-3qnnf9xqbw.marketingautomation.services
URL: https://koi-3qnnf9xqbw.marketingautomation.services/client/ss.js?ver=2.4.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

33391baaec782c378a1fb4d805c86c1701a684befeff518eed6e87db2a2b5e07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:23 GMT
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
server: Cowboy
age: 1460
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
content-encoding: gzip
cache-control: max-age=1800
accept-ranges: bytes
x-timer: S1647563303.086621,VS0,VE0
content-length: 3897
x-cache-hits: 1

GET
H/1.1 200
OK widget_iframe.a58e82e150afc25eb5372dd55a98b778.html Show response
platform.twitter.com/widgets/ Frame ADC9 319 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.itnews.com.au
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 179565
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 18 Mar 2022 00:28:23 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 16 Feb 2022 18:36:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67AA)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H/1.1 200
OK embed.js Show response
itnewsnext.disqus.com/ 78 KB
25 KB 179ms
155ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itnewsnext.disqus.com/embed.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/scripts/itn_70959f89ed94799f39099b9c8a556bb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

df26bab7591d49547fd3ffa619eec58cb9c080edb537b5a66a62b935e2dcc138

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25395
Cross-Origin-Resource-Policy: cross-origin

GET
H/1.1 200
OK count.js Show response
itnewsnext.disqus.com/ 1 KB
2 KB 20ms
6ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itnewsnext.disqus.com/count.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/scripts/itn_70959f89ed94799f39099b9c8a556bb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 11 Mar 2022 23:05:12 GMT
Server: nginx
ETag: "622bd5a8-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: iVkPKYL_PObQfTnbd0URVrjjcFb6wnPdDE7NZ1UIhtGhSQNFo6u3DA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 132ms
44ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/scripts/itn_70959f89ed94799f39099b9c8a556bb3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce7e29ddb0b537ab37acabdfd30146244d28719d58ac64cf584d779095db76cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27856
x-xss-protection: 0
server: sffe
etag: "1161 / 941 of 1000 / last-modified: 1647554712"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 18 Mar 2022 00:28:23 GMT

GET
H2 200 twitter.ashx Show response
www.itnews.com.au/utils/ 1 B
64 B 277ms
275ms XHR
text/plain 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/utils/twitter.ashx?u=%2fnews%2fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept: */*
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/plain; charset=utf-8
cache-control: private
content-length: 1
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 facebook.ashx Show response
www.itnews.com.au/utils/ 1 B
37 B 455ms
454ms XHR
text/plain 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/utils/facebook.ashx?u=%2fnews%2fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept: */*
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:20 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/plain; charset=utf-8
cache-control: private
content-length: 1
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 54ms
16ms Image
image/gif 2a03:2880:f158:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=991594294528179&ev=PageView&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&rl=https%3A%2F%2Fapple.news%2F&if=false&ts=1647563302370&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.2.1647563302369.71890116&it=1647563302026&coo=false&exp=p1&rqm=GET

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f158:82:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 18 Mar 2022 00:28:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 50ms
17ms Image
image/gif 2a03:2880:f158:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=470261513615109&ev=PageView&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&rl=https%3A%2F%2Fapple.news%2F&if=false&ts=1647563302372&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22672696263472981%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22AUD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22264926417805007%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.2.1647563302369.71890116&it=1647563302026&coo=false&exp=p1&rqm=GET

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f158:82:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 18 Mar 2022 00:28:23 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 36ms
17ms Image
image/gif 2a03:2880:f158:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=991594294528179&ev=ViewContent&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&rl=https%3A%2F%2Fapple.news%2F&if=false&ts=1647563302382&cd[content_category]=Technology%20%3E%20Security&cd[content_name]=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&cd[content_ids]=577458&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.2.1647563302369.71890116&it=1647563302026&coo=false&exp=p1&rqm=GET

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f158:82:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 18 Mar 2022 00:28:23 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 35ms
16ms Image
image/gif 2a03:2880:f158:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=470261513615109&ev=ViewContent&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&rl=https%3A%2F%2Fapple.news%2F&if=false&ts=1647563302383&cd[content_category]=Technology%20%3E%20Security&cd[content_name]=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&cd[content_ids]=577458&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.2.1647563302369.71890116&it=1647563302026&coo=false&exp=p1&rqm=GET

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f158:82:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 18 Mar 2022 00:28:23 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame ADC9 357 B
492 B 128ms
111ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.itnews.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

d5ee4839532847b75e00230a047c1c3a7065745e5d03385e46b3500d6bde92b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 105
date: Fri, 18 Mar 2022 00:28:22 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 00:28:23 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 6ee706ae50ad88ecac69f96d17a1bdd3a2a08abcce5ef054792a95451d68c9c9
content-length: 212

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 34ms
18ms XHR
text/plain 2a00:1450:400e:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1139108445&t=pageview&_s=1&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&dr=https%3A%2F%2Fapple.news%2F&ul=en-us&de=UTF-8&dt=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages%20-%20Security%20-%20iTnews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=297927967&gjid=293100679&cid=1049677494.1647563302&tid=UA-102830131-1&_gid=1406374632.1647563302&_r=1&_slc=1&cd1=News&cd2=Technology&cd3=Security&cd4=%7Cbitb%7Cgmail%7Cmrd0x%7Coutlook%7Cphishing%7Csecurity%7Cspiderlabs%7Ctrustwave%7C&cd5=0&z=2007144520

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itnews.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 00:28:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.itnews.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame 3E45 2 KB
1 KB 53ms
9ms Document
text/html 108.157.4.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2321248.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-102.dus51.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: L-gmCfP5XeQ4Tbqo9gJTzIRcGkEqLP1rJ8s-FXRH7xx8hQwYV1YXOg==
age: 3598577

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=147698&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=147698&source=js_tag

125 B
454 B

27ms
27ms

Script
text/javascript

34.253.71.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=147698&source=js_tag
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: HTTP/1.1
Server: 34.253.71.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-71-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 04e9945037f819c997914cac1aed4692a135400ae57bda7f56d61571673bfdec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 125
Content-Type: text/javascript

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=147698&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-102830131-1&cid=1049677494.1647563302&jid=297927967&gjid=293100679&_gid=1406374632.1647563302&_u=YEBAAEAAAAAAAC~&z=144086800

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itnews.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 18 Mar 2022 00:28:23 GMT
content-type: text/plain
access-control-allow-origin: https://www.itnews.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK count-data.js Show response
itnewsnext.disqus.com/ 239 B
822 B 9ms
7ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itnewsnext.disqus.com/count-data.js?1=577458

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9e87d03cfa794663ff980662210b8f2e4f2431ce6be676385b2b9f0b4637c575

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 603
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 239
X-XSS-Protection: 1; mode=block

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2321248/ 146 B
321 B 106ms
31ms XHR
application/json 99.80.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2321248/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7d3f952308caf42c2b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.58.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-58-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d

Request headers

Referer: https://www.itnews.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 18 Mar 2022 00:28:23 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK horizon_tweet.b9ac0a13a4a1d52c80651179f4fe9b68.js Show response
platform.twitter.com/js/ 7 KB
3 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/horizon_tweet.b9ac0a13a4a1d52c80651179f4fe9b68.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: f277cc840da33f2e4731e6b3e5403d7bdcaa299304aa61452deb63e297a8523b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
Age: 179566
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 2473
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:23 GMT
Server: ECS (frb/67F3)
Etag: "29cf2e2367fd80ea2a4908fe0d316028+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame 9493 487 B
1 KB 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 536886986ff7dd4a2cc4ceee9e5a286cd4fa8346573a8b7564cc1293ba5ba43e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 672
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Fri, 18 Mar 2022 00:28:23 GMT
Etag: "1ff2961abd5b04cc5e0b8c3636b3c629"
Last-Modified: Tue, 15 Mar 2022 22:32:58 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6723)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 487

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
356 B 116ms
115ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22experiment_key%22%3A%22tfw_skeleton_loading_13398%22%2C%22bucket%22%3A%22cta%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%22item_ids%22%3A%5B%221504128871632941058%22%5D%2C%22item_details%22%3A%7B%221504128871632941058%22%3A%7B%22item_type%22%3A0%7D%7D%7D%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1647563302576%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22https%3A%2F%2Fapple.news%2F%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_skeleton_loading_13398%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Fri, 18 Mar 2022 00:28:23 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 6ee706ae50ad88ecac69f96d17a1bdd3a2a08abcce5ef054792a95451d68c9c9
x-transaction: aaf1a921acd620b4
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK embed.runtime.6b5d3661e7231f9606f3.js Show response
platform.twitter.com/embed/ Frame 9493 10 KB
5 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 565b9076d7629a85fcd1ea6c5c0b2af1bf01c93777f0d6ef0c11fbacaa8e79b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
Age: 179566
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 4452
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/67F3)
Etag: "4fd3e986c160013643e8bc617c599e49+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.modules.aef85bf61d706d7edafa.js Show response
platform.twitter.com/embed/ Frame 9493 515 KB
168 KB 15ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.modules.aef85bf61d706d7edafa.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: 655564f3a2be989067e2cb2c6bc9995a55ae13ec9cc0d0c3dc128961faad15e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
Age: 179563
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 171389
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/6772)
Etag: "b2faf8accdee57f7929c5b7623e6e7a3+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.i18n.293ca00a272b34d032a9.js Show response
platform.twitter.com/embed/ Frame 9493 2 KB
1 KB 27ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.i18n.293ca00a272b34d032a9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: f6b352979b0153deb67020a332f179fb99a0822040de5e019af272c2920192b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
Age: 179566
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 792
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/6762)
Etag: "22e04932e731bc174868c60c46980c73+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.Tweet.c31baac24debe5533d7c.js Show response
platform.twitter.com/embed/ Frame 9493 15 KB
6 KB 27ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.c31baac24debe5533d7c.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: 285489efae847a15226d6c6e35a17a7ea953985b6cdd7803c6b8fba0c20ee7d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
Age: 179566
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 5529
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/67C0)
Etag: "b96eda3c68570721e8ffec6945c4166c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 lounge.7ab903feba7624935283ca4c7d8c7203.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 61ms
8ms Other
text/css 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8643676
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26065
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-65d1"
content-type: text/css; charset=utf-8
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: gGbEvp55lCTaa4M5QlMGNqEU8iYp0V3FCuLGS5TpTcD6Em7gtgy3lA==
x-cache-hits: 0

GET
H2 200 common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js
c.disquscdn.com/next/embed/ 0
93 KB 67ms
14ms Other
application/javascript 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699093
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94746
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 09 Mar 2022 21:55:40 GMT
server: nginx
etag: "6229225c-1721a"
content-type: application/javascript; charset=utf-8
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
expires: Thu, 09 Mar 2023 22:16:50 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: 7XozvyLxo6a5iqdxiu4NgsamvHOM1B6K3WBUTeJpgkr1QcsVUNgl7g==
x-cache-hits: 0

GET
H2 200 lounge.bundle.8a051c75736795faf464e93aee7362f6.js
c.disquscdn.com/next/embed/ 0
121 KB 7ms
7ms Other
application/javascript 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.8a051c75736795faf464e93aee7362f6.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 18:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625427
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 123077
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 10 Mar 2022 18:35:58 GMT
server: nginx
etag: "622a450e-1e0c5"
content-type: application/javascript; charset=utf-8
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
expires: Fri, 10 Mar 2023 18:44:36 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: aSpOzbOj__DX5lrDJzX0pjXMQlk6S9Pyttpl7mfMl5UmjenNDxy31Q==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
15 KB 176ms
11ms Other
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 11
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14710
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK recommendations.js Show response
itnewsnext.disqus.com/ 64 KB
21 KB 119ms
118ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itnewsnext.disqus.com/recommendations.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

4b5592f9640f6a7cc307e866c12e10a1389eafc8519c4e9a173a7bb36e013b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 21273
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 pubads_impl_2022031401.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
124 KB 203ms
38ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 552
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126502
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 Mar 2023 00:19:11 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 73 B
709 B 232ms
48ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.itnews.com.au

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b786d4b3f2bbece6095ce516580e73a29b34eb63fa36d691c5d6cd63dc9f3305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73
x-xss-protection: 0
expires: Fri, 18 Mar 2022 00:28:23 GMT

GET
H/1.1 200
OK embed.vendors~ondemand.en-js.fb959cd7154f3c56a8da.js Show response
platform.twitter.com/embed/ Frame 9493 38 KB
13 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.en-js.fb959cd7154f3c56a8da.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: 0a5377eb8e83be2ee2593492f90bebbd34724ec051ef4e5332b9d4d4ea0195cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
Age: 179566
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 12780
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/668C)
Etag: "620123f935ecdf8c083ef823e0eeda3d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.en-js.e84cb370ed3e40856450.js Show response
platform.twitter.com/embed/ Frame 9493 4 KB
2 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.en-js.e84cb370ed3e40856450.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 486bcf8532c028937fb68a57bcf22a6e0862c8e1ab157ea639979d0f7ea9b74d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
Age: 179566
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 1801
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/6727)
Etag: "668b3e5058c7ed61a38da6c433123235+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.5cdc09e4a37a07720433.js Show response
platform.twitter.com/embed/ Frame 9493 4 KB
2 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.5cdc09e4a37a07720433.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 790ec30d324db549e4f6f3c493251e6e7d4337f0abb13c8e8873fff8b7b235fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
Age: 179566
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 1801
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/6795)
Etag: "3fa047c294a1fd7d30105f7a1e2febcc+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 6C6B 7 KB
4 KB 123ms
119ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

81fa5841ac9aaa4517110eb390a877377b7903aa8270ab5998cc67e0c4a8e141

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

Connection: keep-alive
Content-Length: 2748
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Wed, 16 Mar 2022 19:59:44 GMT
ETag: W/"lounge:view:9074322267.3548a5704942401227e2a5730b071344.2"
Referrer-Policy: no-referrer-when-downgrade
Content-Encoding: gzip
Date: Fri, 18 Mar 2022 00:28:23 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1

200
OK

/
pixel-geo.prfct.co/usermap/
Redirect Chain

https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202203|6233d2267d182e52e7248cc6&pid=pa_mFLwlX5PRgNTB0g7k
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202203%7C6233d2267d182e52e7248cc6%26pid%3Dpa_mFLwlX5PRgNTB0g7k
https://pixel-geo.prfct.co/usermap/?xid=7554898630455882158&sid=202203|6233d2267d182e52e7248cc6&pid=pa_mFLwlX5PRgNTB0g7k

43 B
256 B

28ms
27ms

Image
image/gif

34.253.71.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/usermap/?xid=7554898630455882158&sid=202203|6233d2267d182e52e7248cc6&pid=pa_mFLwlX5PRgNTB0g7k
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: HTTP/1.1
Server: 34.253.71.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-71-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 00:28:23 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 828394d7-ec91-42f6-a39f-fb4f3885001b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel-geo.prfct.co/usermap/?xid=7554898630455882158&sid=202203|6233d2267d182e52e7248cc6&pid=pa_mFLwlX5PRgNTB0g7k
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_mFLwlX5PRgNTB0g7k

43 B
356 B

163ms
113ms

Image
image/gif

104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_mFLwlX5PRgNTB0g7k

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 106
date: Fri, 18 Mar 2022 00:28:22 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: fd0b86a5616d185eda0f3ddbedb3277d0bfddf1f83379f36cd3de8ae0934a4a8
content-length: 43

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_mFLwlX5PRgNTB0g7k
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58288/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_mFLwlX5PRgNTB0g7k&_origin=1
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_mFLwlX5PRgNTB0g7k&_origin=1&verify=true

0
122 B

11ms
11ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_mFLwlX5PRgNTB0g7k&_origin=1&verify=true

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:23 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_mFLwlX5PRgNTB0g7k&_origin=1&verify=true
date: Fri, 18 Mar 2022 00:28:23 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_mFLwlX5PRgNTB0g7k

43 B
274 B

51ms
21ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_mFLwlX5PRgNTB0g7k
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 00:28:23 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_mFLwlX5PRgNTB0g7k
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_mFLwlX5PRgNTB0g7k

0
239 B

32ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_mFLwlX5PRgNTB0g7k
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_mFLwlX5PRgNTB0g7k
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfbUZMd2xYNVBSZ05UQjBnN2s
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

27ms
27ms

Image
image/gif

34.253.71.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: HTTP/1.1
Server: 34.253.71.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-71-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 00:28:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 122ms
103ms Image
image/gif 34.253.71.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=24171911&source=js_tag&a_id=147698
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.71.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-71-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1 KB 7ms
7ms Image
image/gif 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?t=2&add=24171911

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 00:28:23 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 97c27710-7fa9-4670-b67a-ac5029929f34
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ 0
3 KB 9ms
8ms Other
text/css 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12971098
x-cache: Hit from cloudfront
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-ba2"
content-type: text/css; charset=utf-8
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: foDshFXBONYWFzu407vMT9Wpyc3AaxeXZhOZQHpICVevfHuPehbjCg==
x-cache-hits: 0

GET
H2 200 common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js
c.disquscdn.com/next/recommendations/ 0
87 KB 9ms
8ms Other
application/javascript 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:16:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699090
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88824
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 09 Mar 2022 21:55:40 GMT
server: nginx
etag: "6229225c-15af8"
content-type: application/javascript; charset=utf-8
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
expires: Thu, 09 Mar 2023 22:16:53 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: IRsls7c0S7FAdNemIPqUce-siorzTWcR8YEEkDw78RGizTRKvj8WTg==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
c.disquscdn.com/next/recommendations/ 0
20 KB 13ms
13ms Other
application/javascript 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 02:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3881355
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 26 Jan 2022 21:59:14 GMT
server: nginx
etag: "61f1c432-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
expires: Wed, 01 Feb 2023 02:19:08 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: 3gOIq_UnHYDMg3UdJ2UhRiotYGUtIUm_M0p75zNHjIDotTq8AzMPSw==
x-cache-hits: 0

GET
H/1.1 200
OK embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.784c14fad3ed09aa7f26.js Show response
platform.twitter.com/embed/ Frame 9493 418 KB
117 KB 10ms
10ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.784c14fad3ed09aa7f26.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 62e15c717c858b539583d56df60087d0f0851a69480f52e5637a50fd60d1e53e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
Age: 179566
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 118888
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/67BA)
Etag: "837121804a3c0a218129592fe2f12885+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.vendors~ondemand.Tweet.d4dc6d9f20302d27b041.js Show response
platform.twitter.com/embed/ Frame 9493 35 KB
11 KB 19ms
19ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.d4dc6d9f20302d27b041.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6776) /
Resource Hash: 96840d8bad80f92a013bab64796aa1a29ae6f08e8b5d519e25f37877098b391d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
Age: 179566
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 10666
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/6776)
Etag: "f62e0963926319acfa13d3ac4b7b0d38+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.44711848a6d644a51d82.js Show response
platform.twitter.com/embed/ Frame 9493 22 KB
6 KB 21ms
21ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.44711848a6d644a51d82.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: ffcca73fcf57a9104b8b1c23c45b32b01994b657acff47a8b8737a51b5049657

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
Age: 179566
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 5646
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/67BC)
Etag: "4d13e6c6f6b371c7531e1f6cb42e8677+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.Tweet.3debca4342f31b7db9e1.js Show response
platform.twitter.com/embed/ Frame 9493 57 KB
13 KB 20ms
20ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.3debca4342f31b7db9e1.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 171b2560bfb2a27b4387a2f3c5b2454535409c0c15b6bcb084f5327ed0db2188

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
Age: 179566
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 13185
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/67F3)
Etag: "982e43879d90b230cc9448e954bc2cbe+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 tweet Show response
cdn.syndication.twimg.com/ Frame 9493 3 KB
2 KB 218ms
195ms XHR
application/json 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet?features=tfw_skeleton_loading_13398%3Acta%3Btfw_space_card%3Aoff%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_topic_pivots_embed_13545%3Acontrol%3Btfw_experiments_cookie_expiration%3A1209600&id=1504128871632941058&lang=en

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.aef85bf61d706d7edafa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f / Express

Resource Hash

f06127811fdbe4dd809aeb81fbb2c415fda5f8fe83ce431fa9ac086082b679fe

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding: gzip
etag: W/"b86-UwYTdH8XvQ0dipcNADmwDJLRelo"
x-powered-by: Express
access-control-allow-methods: GET
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=190
strict-transport-security: max-age=631138519
x-xss-protection: 0
x-response-time: 175
server: tsa_f
x-frame-options: SAMEORIGIN
date: Fri, 18 Mar 2022 00:28:23 GMT
vary: Origin, Accept-Encoding
x-tw-cdn: VZ, VZ
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
x-connection-hash: 03f3a4cc622bb74c0cd1f044e0baf806ac114a61ca45d1e0bc196a110da232c4
x-content-type-options: nosniff
access-contol-allow-origin: platform.twitter.com

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame CC51 5 KB
3 KB 111ms
111ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ca7c7cf63fc0a6c0ab1bee18faa597ef9c5e86adf6bb2e148703cd9dcd53fcc4

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

Connection: keep-alive
Content-Length: 2309
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Mon, 27 Sep 2021 07:24:13 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Fri, 18 Mar 2022 00:28:23 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 1F64 0
15 B 16ms
16ms Document
text/plain 2a03:2880:f158:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f158:82:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.itnews.com.au
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.itnews.com.au
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Fri, 18 Mar 2022 00:28:23 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 1203 0
15 B 16ms
16ms Document
text/plain 2a03:2880:f158:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f158:82:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.itnews.com.au
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.itnews.com.au
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Fri, 18 Mar 2022 00:28:23 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 140ms
48ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.itnews.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 138ms
48ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.itnews.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 close-white.png
www.itnews.com.au/images/ 438 B
519 B 276ms
275ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/close-white.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 702f0230b50a8bec8b8ed4268906179470e8088079cd0cca13c5d60578fc801e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:21 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "6fad8fe11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 438
x-ua-compatible: IE=edge,chrome=1

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 277 KB
43 KB 684ms
633ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1370548829192449&correlator=3395120879039730&eid=31063377%2C31065485%2C31065654&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=1003277%2CiTnews-SuperLeaderboard%2CiTnews-Leaderboard%2CiTnews-MREC%2CiTnews-Button%2CiTnews-inRead%2CiTnews-Interstitial%2CiTnews-Skin&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F2%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=1000x100%7C970x250%7C970x90%2C728x90%2C300x250%7C300x600%2C300x250%7C300x600%2C300x100%2C728x90%2C1x1%2C640x480%2C1x1&ifi=1&adks=667020349%2C2669764438%2C1265387520%2C3406322226%2C2734568407%2C4122735841%2C3533778239%2C727088295%2C964912442&sfv=1-0-38&ecs=20220318&ists=1&fsapi=false&prev_scp=%7Cpos%3Dtopb%7Cpos%3Dsto%7Cpos%3Dsto2%7C%7Cpos%3Dfooter%7C%7C%7C&cust_params=sec%3Dnews%26aid%3D577458%26cat%3Dsecurity%252Csecurity%252Ctechnology%26kwd%3Dbitb%252Cgmail%252Cmrd0x%252Coutlook%252Cphishing%252Csecurity%252Cspiderlabs%252Ctrustwave&sc=1&cookie_enabled=1&abxe=1&dt=1647563303040&lmt=1647563303&dlt=1647563300826&idt=2176&biw=1600&bih=1200&adxs=240%2C531%2C1044%2C1002%2C1002%2C240%2C464%2C-12245933%2C0&adys=234%2C80%2C669%2C3120%2C3400%2C3914%2C1910%2C-12245933%2C4639&oid=2&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&ref=https%3A%2F%2Fapple.news%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1120x90%7C830x100%7C913x1784%7C373x764%7C373x764%7C1120x3810%7C913x1784%7C640x-1%7C1600x147&msz=1120x0%7C829x0%7C300x250%7C343x250%7C343x0%7C1120x90%7C880x0%7C0x-1%7C1600x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C640%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1049677494.1647563302&ga_sid=1647563303&ga_hid=1139108445&ga_fc=true&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C-1%7C5&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

684db233a1ce224bfe2f7cd1fcef76de93a8638a3041053dd13235808d86a150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43713
x-xss-protection: 0
google-lineitem-id: 5918630293,-1,5917486753,5926477348,-2,5930673517,4488355180,5931479697,5918630293
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138384741036,-1,138380701730,138381620954,-2,138382561996,138379862160,138382422339,138385205920
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.itnews.com.au
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D856 6 KB
4 KB 181ms
46ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 18 Mar 2022 00:28:23 GMT
expires: Sat, 18 Mar 2023 00:28:23 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 lounge.load.4c17dbce49f331e55ae0e3654575eb6a.js Show response
c.disquscdn.com/next/embed/ Frame 6C6B 958 B
1 KB 26ms
9ms Script
application/javascript 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.4c17dbce49f331e55ae0e3654575eb6a.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c5609365a11d6fb3ace1a2596d1a1f593e533e68b85f65d794a49e626c5f5d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 18:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625426
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 494
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 10 Mar 2022 18:35:58 GMT
server: nginx
etag: "622a450e-1ee"
content-type: application/javascript; charset=utf-8
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
expires: Fri, 10 Mar 2023 18:44:37 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: deBTyVgVLucp1cygH4I4xJbVew7x-ff0CkTA5vSzjK0irN-2HW3sAw==
x-cache-hits: 0

GET
H2 200 recommendations.load.9a1bc22f669e65e0fad921dc193f5254.js Show response
c.disquscdn.com/next/recommendations/ Frame CC51 923 B
1 KB 9ms
9ms Script
application/javascript 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.9a1bc22f669e65e0fad921dc193f5254.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6b4b5cdef6efda6d01f2dc8d1febe3f9339b85c5055a26c6f299284929cda2ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699087
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 446
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 09 Mar 2022 21:55:40 GMT
server: nginx
etag: "6229225c-1be"
content-type: application/javascript; charset=utf-8
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
expires: Thu, 09 Mar 2023 22:16:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: 2YwCPNjpbDkgNIdasTD5ca970_Zm5PvPzjMoFESbSda39mwM87Fekg==
x-cache-hits: 0

GET
H2 200 common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js Show response
c.disquscdn.com/next/embed/ Frame 6C6B 282 KB
93 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.4c17dbce49f331e55ae0e3654575eb6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4d9e28bf1814e0986b8e5b001e2c8d55d164f9cf8ee3ddc1ccf5560fe7053b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699093
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94746
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 09 Mar 2022 21:55:40 GMT
server: nginx
etag: "6229225c-1721a"
content-type: application/javascript; charset=utf-8
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
expires: Thu, 09 Mar 2023 22:16:50 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: v2ivh7Oi88L3TziRNRbKDUAXlPadaP7c7u1EoEfbk8HAxQujPMX1mg==
x-cache-hits: 0

GET
H2 200 common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js Show response
c.disquscdn.com/next/recommendations/ Frame CC51 262 KB
87 KB 10ms
9ms Script
application/javascript 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.9a1bc22f669e65e0fad921dc193f5254.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

50db7c9c01c13f0814e91704229cc9aeb94294eb85d1b3d126d96a8caab7af08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:16:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699090
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88824
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 09 Mar 2022 21:55:40 GMT
server: nginx
etag: "6229225c-15af8"
content-type: application/javascript; charset=utf-8
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
expires: Thu, 09 Mar 2023 22:16:53 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: VI4q384PP5STMKwn-UXBnutRpDVWYX3RG0JDuS3Skk9FzS5iva0pBQ==
x-cache-hits: 0

GET
H2 200 lounge.7ab903feba7624935283ca4c7d8c7203.css
c.disquscdn.com/next/embed/styles/ Frame 6C6B 165 KB
26 KB 9ms
9ms Stylesheet
text/css 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9f05592df6a80686d7216adbbc60dd18c978741182ed9e09a863de7374931f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8643676
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26065
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-65d1"
content-type: text/css; charset=utf-8
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: Pb1EBQkEsvjcUSA_eURZWk0tOOvt6GfswJrQgO9Zyi0Qmx0xShVOsw==
x-cache-hits: 0

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame CC51 14 KB
3 KB 7ms
7ms Stylesheet
text/css 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12971098
x-cache: Hit from cloudfront
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-ba2"
content-type: text/css; charset=utf-8
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: ljKL6MVfL0Iu07sB9r1lTn4xQmjMVr4ZwiLG_wONNAcyNvWujWy6Tw==
x-cache-hits: 0

GET
H2 200 lounge.bundle.8a051c75736795faf464e93aee7362f6.js Show response
c.disquscdn.com/next/embed/ Frame 6C6B 476 KB
121 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.8a051c75736795faf464e93aee7362f6.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1a3df4a5e88ac610681d86130da88ba2ece0a809defc6aeeb3678eb9903ab326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 18:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625427
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 123077
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 10 Mar 2022 18:35:58 GMT
server: nginx
etag: "622a450e-1e0c5"
content-type: application/javascript; charset=utf-8
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
expires: Fri, 10 Mar 2023 18:44:36 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: mJYn6jTyewFGp-mhKrOD219N-mWoB2zgoMkhiph4JW-zkMQobBpmqg==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 6C6B 14 KB
15 KB 7ms
7ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b79e342ee881ef2ab38b3f53ff291337ace2c939dd3dc7e44cb08f56e9c1cfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 11
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14710
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.TweetVideo.2690210765db59fa9244.js Show response
platform.twitter.com/embed/ Frame 9493 143 KB
38 KB 9ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.TweetVideo.2690210765db59fa9244.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: c5e26e4cb515c57971f5c901dcbec3327d71163c4510d43681e3522353fe4cea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
Age: 179566
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 37860
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/6772)
Etag: "b4f0afa38dce8437e735f5af5dd9dc33+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.vendors~ondemand.TweetVideo.98357008a9809fa238b9.js Show response
platform.twitter.com/embed/ Frame 9493 45 KB
13 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TweetVideo.98357008a9809fa238b9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674D) /
Resource Hash: 9db6713aabf5639680dbcd527b19a7f181ea6144a2aee236d13f6f042a902a3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
Age: 179566
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 12915
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/674D)
Etag: "12a457eda922a7eefacd2d23f0f66c88+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.TweetVideo.9677ea422e19142d19ec.js Show response
platform.twitter.com/embed/ Frame 9493 4 KB
2 KB 8ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.TweetVideo.9677ea422e19142d19ec.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: f5be6b4ad6092fdc20e472ee2842bf784e4846489ef8b0f83bc4077909b129df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Content-Encoding: gzip
Age: 179566
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 1828
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/6725)
Etag: "20f6f5805d5b533af59e020f7d4bcd93+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.loader.UserAvatar.6e712ddc41d494ba5108.js Show response
platform.twitter.com/embed/ Frame 9493 157 B
724 B 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.loader.UserAvatar.6e712ddc41d494ba5108.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: ba4abf1f137e3d8cc642ced67ba7c9c179ae2aa93b668623e396ca980d9c0638

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/668C)
Age: 179566
Etag: "2b4ba8280390637f1785dc4b5808402e"
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 157

GET
H2 200 jot
syndication.twitter.com/i/ Frame 9493 43 B
198 B 123ms
122ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1647563303206%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22iTnews_au%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22iTnews_au%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22b82980d95a44a%3A1646854163148%22%2C%22item_ids%22%3A%5B%221504128871632941058%22%5D%2C%22item_details%22%3A%7B%221504128871632941058%22%3A%7B%22item_type%22%3A0%7D%7D%7D&session_id=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Fri, 18 Mar 2022 00:28:23 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 6ee706ae50ad88ecac69f96d17a1bdd3a2a08abcce5ef054792a95451d68c9c9
x-transaction: 8dcd1648944fe380
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame 9493 43 B
195 B 116ms
116ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1647563303207%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22iTnews_au%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22iTnews_au%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22b82980d95a44a%3A1646854163148%22%2C%22item_ids%22%3A%5B%221504128871632941058%22%5D%2C%22item_details%22%3A%7B%221504128871632941058%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A538.8999938964844%7D&session_id=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Fri, 18 Mar 2022 00:28:23 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 6ee706ae50ad88ecac69f96d17a1bdd3a2a08abcce5ef054792a95451d68c9c9
x-transaction: ee05899db3d286d7
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js Show response
c.disquscdn.com/next/recommendations/ Frame CC51 65 KB
20 KB 8ms
7ms Script
application/javascript 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 02:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3881355
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 26 Jan 2022 21:59:14 GMT
server: nginx
etag: "61f1c432-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
expires: Wed, 01 Feb 2023 02:19:08 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: BZFsdlqpHpijJ6IfYYh1swPxfgBrOaXrFCZBFuyonQ6b92f00PUwXQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame CC51 14 KB
15 KB 7ms
6ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b79e342ee881ef2ab38b3f53ff291337ace2c939dd3dc7e44cb08f56e9c1cfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:23 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 11
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14710
X-XSS-Protection: 1; mode=block

GET
H2 200 jot
syndication.twitter.com/i/ Frame 9493 43 B
244 B 125ms
125ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1647563303258%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22action%22%3A%22experiment%22%2C%22section%22%3A%22tfw_topic_pivots_embed_13545%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22iTnews_au%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22iTnews_au%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22b82980d95a44a%3A1646854163148%22%2C%22item_ids%22%3A%5B%221504128871632941058%22%5D%2C%22item_details%22%3A%7B%221504128871632941058%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22experiment_key%22%3A%22tfw_topic_pivots_embed_13545%22%2C%22bucket%22%3A%22control%22%2C%22version%22%3A4%7D&session_id=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 118
pragma: no-cache
last-modified: Fri, 18 Mar 2022 00:28:24 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 6ee706ae50ad88ecac69f96d17a1bdd3a2a08abcce5ef054792a95451d68c9c9
x-transaction: f0e29e0ce1b6d5dc
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 KIWATq15_normal.jpg
pbs.twimg.com/profile_images/768996059662184448/ Frame 9493 2 KB
2 KB 28ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/768996059662184448/KIWATq15_normal.jpg

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/67D5) /

Resource Hash

f9485622e66dcc81eda9fb9326d1cfdbd7d77afd4dc525bd5a516294bc9ad19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:23 GMT
x-content-type-options: nosniff
age: 34151
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 2035
x-response-time: 173
surrogate-key: profile_images profile_images/bucket/8 profile_images/768996059662184448
last-modified: Fri, 26 Aug 2016 02:16:42 GMT
server: ECS (frb/67D5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bf7052d368f4af6c8b0269e04142db55f2fbb4bcedd54a950d15b6a186466d4e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FN6QvbqXoBAfndy
pbs.twimg.com/media/ Frame 9493 71 KB
71 KB 25ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FN6QvbqXoBAfndy?format=png&name=small

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

8cfe4c729aa49889ea794deb12507542b2fb60c139a855df6a1a4bf12855b111

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:23 GMT
x-content-type-options: nosniff
age: 194056
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 72714
x-response-time: 230
surrogate-key: media media/bucket/2 media/1503798470142042128
last-modified: Tue, 15 Mar 2022 18:19:09 GMT
server: ECS (frb/668C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b0a728405724836e827c62b0cdd103ffb495f74e715819d31cc9fa023aa45bd2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 6C6B 3 KB
3 KB 124ms
124ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=itnewsnext&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

24cff78d6d3f658f86d1166907ceeb886ed732ea576573d9d081a35352678e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:24 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3042
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK embed.vendors~loaders.video.VideoPlayerDefaultUI.96cf684c2f96172ada41.js Show response
platform.twitter.com/embed/ Frame 9493 121 KB
34 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.VideoPlayerDefaultUI.96cf684c2f96172ada41.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D5) /
Resource Hash: 187e1208ea495cf2d00db5baba77743cc6e44b403b548f6f34098c008fdb2f78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0Zndfc2tlbGV0b25fbG9hZGluZ18xMzM5OCI6eyJidWNrZXQiOiJjdGEiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3R3ZWV0X2VtYmVkXzk1NTUiOnsiYnVja2V0IjoiaHRlIiwidmVyc2lvbiI6bnVsbH0sInRmd190b3BpY19waXZvdHNfZW1iZWRfMTM1NDUiOnsiYnVja2V0IjoiY29udHJvbCIsInZlcnNpb24iOjR9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=b8a03d01c66bdda3f79dd9d8b9c5ebbaa1b3e404&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:24 GMT
Content-Encoding: gzip
Age: 179567
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 34723
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/67D5)
Etag: "6b453889a0b9fe6a4c169b2ab25ac815+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 FN-9JykXwAANaBD.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 9493 26 KB
26 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FN-9JykXwAANaBD.jpg

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/6739) /

Resource Hash

b2dce974d741791e58e48d59a1a8bdc9f0b30ab8d7d6136910d37680f01a11c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:24 GMT
x-content-type-options: nosniff
age: 116061
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 26510
x-response-time: 224
surrogate-key: tweet_video_thumb tweet_video_thumb/bucket/5 tweet_video_thumb/1504128776455831552
last-modified: Wed, 16 Mar 2022 16:11:40 GMT
server: ECS (frb/6739)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d640629d2ff223aa5927e14d61a63785b3db312b24a1126d45a1563f360a0e0b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame CC51 3 KB
3 KB 53ms
53ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=itnewsnext&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

24cff78d6d3f658f86d1166907ceeb886ed732ea576573d9d081a35352678e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:24 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3042
X-XSS-Protection: 1; mode=block

GET
H2 200 l5Ks1_zR_mini.jpg
pbs.twimg.com/profile_images/1477573096571912194/ Frame 9493 1 KB
2 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1477573096571912194/l5Ks1_zR_mini.jpg

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/67DF) /

Resource Hash

1769d6f8e5754fadf5da905645f1c4359822822c98866c295ca4c5a7eb509386

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:24 GMT
x-content-type-options: nosniff
age: 392349
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 1535
x-response-time: 109
surrogate-key: profile_images profile_images/bucket/0 profile_images/1477573096571912194
last-modified: Sun, 02 Jan 2022 09:28:52 GMT
server: ECS (frb/67DF)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e36c5507f9ba52a5d474cce60f5f997de62fe0b6f74d07224b7bb0dd4975046c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 noavatar92.png
a.disquscdn.com/1646863724/images/ Frame 6C6B 2 KB
2 KB 204ms
8ms Image
image/png 199.232.194.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1646863724/images/noavatar92.png

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 698399
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA6-C1
content-length: 1644
x-amz-cf-id: T_CkK5Yfj8KhEzsqjFxmJCa_q32XqagWtI7fqfn2MqOrFsAmbL6Y2g==
expires: Fri, 08 Apr 2022 22:28:25 GMT

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 6C6B 13 KB
13 KB 8ms
7ms Image
image/svg+xml 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 27942643
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: JxipWfrjY56QLy59JiNbPNcaadOpa7fe4-cVLmZ8CGyOot-TKPb-yg==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 6C6B 3 KB
3 KB 7ms
7ms Image
image/gif 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 04:58:07 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3699017
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 26 Jan 2022 21:59:15 GMT
server: nginx
etag: "61f1c433-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Fri, 03 Feb 2023 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Epng4HS_atKtrhj1iErBuAZxfKXX8m8NGHQOP5saqotxQFXN0G3H9g==
x-cache-hits: 0

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 6C6B 2 KB
2 KB 7ms
7ms Image
image/png 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:48 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 15223236
x-cache: Hit from cloudfront
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-6e3"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 22 Sep 2022 19:47:48 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: fFRs9SLSmu0gttOi24GlBzbXPJN0KHv8mjE2BK2k9RWJdnypz7IpyQ==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 6C6B 8 KB
8 KB 8ms
7ms Font
application/octet-stream 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:58:18 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 17073006
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 24 Aug 2021 21:06:44 GMT
server: nginx
etag: "61255f64-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Thu, 01 Sep 2022 09:58:18 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: tj__sZiVK0kVaF7WVNQeXCpGdQFE-Y9A3ur5AjtYTQOCxsQnkvW7Iw==
x-cache-hits: 0

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame CC51 5 KB
6 KB 101ms
100ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=itnewsnext&thread=ident%3A577458&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1f0d390f283a92ca3f841d7993605ab943979cde23f19e5ce14c793b22dc86b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:24 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 1259
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin
Content-Length: 5490
X-XSS-Protection: 1; mode=block

GET
H2 200 FN-9JykXwAANaBD.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 9493 26 KB
26 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FN-9JykXwAANaBD.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.784c14fad3ed09aa7f26.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/6739) /

Resource Hash

b2dce974d741791e58e48d59a1a8bdc9f0b30ab8d7d6136910d37680f01a11c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:24 GMT
x-content-type-options: nosniff
age: 116061
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 26510
x-response-time: 224
surrogate-key: tweet_video_thumb tweet_video_thumb/bucket/5 tweet_video_thumb/1504128776455831552
last-modified: Wed, 16 Mar 2022 16:11:40 GMT
server: ECS (frb/6739)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d640629d2ff223aa5927e14d61a63785b3db312b24a1126d45a1563f360a0e0b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 9B5D 337 B
839 B 7ms
7ms Stylesheet
text/css 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11683395
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-f4"
content-type: text/css; charset=utf-8
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: POkSIvSlOeUinwn8fAS3eyWZ-5Zk0eJo5yRDrWtRH1fy_KBXG6yUYA==
x-cache-hits: 0

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame AD00 337 B
837 B 8ms
7ms Stylesheet
text/css 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11683395
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-f4"
content-type: text/css; charset=utf-8
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: tptFGlJ3Ovkhwb3KuRZ2nvsDBH95rso5QAUonBW3xuQqeagK9m6uAw==
x-cache-hits: 0

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 6C6B 43 B
339 B 183ms
99ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=371&event=init_embed&thread=9074322267&forum=itnewsnext&forum_id=2865237&imp=6vv4ufp3kshq3k&thread_slug=phishers_devise_browser_in_the_browser_attacks_chameleon_landing_pages&user_type=anon&referrer=https%3A%2F%2Fwww.itnews.com.au%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 00:28:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 6C6B 13 KB
13 KB 8ms
8ms Image
image/svg+xml 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 27942643
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: iMdK0I_dSyXtzrsMePpFebxKmFRNYmxIpTd1nJluKqMI4uvEbmobhA==
x-cache-hits: 0

GET
H2 200 get
c.disquscdn.com/ Frame CC51 21 KB
22 KB 12ms
11ms Image
image/jpeg 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Fcryptocurrency.jpg&key=YRme9ZUh9dSDTcyfOq6yWQ&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dfa24ec2d56a01c5d37b6c6b32c1c1fab7ddbb7cf703d57c26009fb972447dbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 01:16:24 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1465920
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 21619
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: ietI8U2ZWfsBcRhiJpyk7LYCHTZJq79ktHYp7gDyReMD1KIe56ZBJw==
expires: Thu, 31 Mar 2022 01:16:24 GMT

GET
H2 200 get
c.disquscdn.com/ Frame CC51 12 KB
13 KB 10ms
9ms Image
image/jpeg 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Fdigital_identity_facial_recognition_biometrics.jpg&key=TdGO_lye0oSQER_2HGQCow&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b416668ee008f6d3888c2d931e8a24e75078905cf671e3aa68fd070c412be4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:55:03 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 696800
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 12463
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 1WprtEgM-1UHhYUdQFjpErZu0y8hHhnCQiy5ynv5WW4jhyl7dq-Qsw==
expires: Fri, 08 Apr 2022 22:55:03 GMT

GET
H2 200 get
c.disquscdn.com/ Frame CC51 10 KB
10 KB 14ms
13ms Image
image/jpeg 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Ftelstratower_b_hires.jpg&key=6CxJ3grxMz0LaPNIcDE0gw&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a3e79915a5d8c3c22f52e57fa11b2fe3852f70be8ca401e4ad015fcaa7106dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:06:30 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 771714
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 9818
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: MUE4En7eOJrSjJI9S1GOrd7Zpc8HZYI7J_U9gx7fTId90LIq_rEQlg==
expires: Fri, 08 Apr 2022 02:06:30 GMT

GET
H2 200 get
c.disquscdn.com/ Frame CC51 11 KB
11 KB 13ms
11ms Image
image/jpeg 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2F20210921125404_crn-14_australia_post_auspost_iStock-486375902_%281%29.jpg&key=mbnibfEApWViEfIzmJcCeg&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

206e8a913981ec852b0b2e68e2471ad0ef46e9b69a2ec8bc9451ccb95eaca487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 23:43:12 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 866712
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 11076
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: UmzCPmC2GGRr-Dx3SNjuD6khx72vctOV8cVnyk6VEPeHZo-4M8_gJQ==
expires: Wed, 06 Apr 2022 23:43:12 GMT

GET
H2 200 get
c.disquscdn.com/ Frame CC51 8 KB
8 KB 13ms
12ms Image
image/jpeg 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Ftax_form_ATO.jpg&key=rTw1Y2rvX1MmH6HMcFwmHA&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

07a894c8f496286580b2a64793f7d1b4ada72b69f9fea8d8d9056d599cc7e322

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:22:35 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 587149
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 7779
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 8a6PF-dqyC8qhIHKB0bPqM7ZJjIOSrD5ZQYgAhk_mLt_zfAGtpI0Lg==
expires: Sun, 10 Apr 2022 05:22:35 GMT

GET
H2 200 get
c.disquscdn.com/ Frame CC51 9 KB
9 KB 13ms
12ms Image
image/jpeg 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2FColes_x_Wing_Drone_Delivery_Launch_2.jpg&key=x_8SzYdDlqJGi6VUULfHoA&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2ef30b4f854878d0c9dcf3d1a44c6aff7684570336b7a231457e8f2dbafa4c16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 01:54:09 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1377255
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 9110
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: pdQwL8BUxiakWfhL3bFEt1Jerxnxl7IcSxY8YFEy5asLt0S81iuvkg==
expires: Fri, 01 Apr 2022 01:54:09 GMT

GET
H2 200 get
c.disquscdn.com/ Frame CC51 10 KB
11 KB 14ms
14ms Image
image/jpeg 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2F2022-03-03T213050Z_1_LYNXNPEI221CG_RTROPTP_3_BROADCOM-RESULTS.JPG&key=gP0fPhCHFxo0K5gKT3WOmA&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8f7fa0d6201acd8ed5f589a2b68336fed79fd292e90a6e69a50df50a8ac1fed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 01:27:36 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 514848
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 10707
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Hr2LlUmdB_dhXtVGOhlphKyrcFs1nx8tAxAZvYYgEu-qt3eDfsijaA==
expires: Mon, 11 Apr 2022 01:27:36 GMT

GET
H2 404 get
c.disquscdn.com/ Frame CC51 0
0 105ms
105ms Image
text/html 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Foptus-store+iStock_690.jpg&key=__TrS-da0rjPNG46171kXQ&h=200
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 77D9 0
0 74ms
74ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoYrnybRCMCUc5HyLzqf2-ACxA50cKKV8P0XZZ_8WWRpsmZnvNeAkjK7RF0r5w4WxDDz2-gxw-sqrhW3Vqi5XEQaXq_UdvBT79idbXQaLWvEmrne21r9g16a3G49QBFwI0fMsEIo5fyOYta0ZhDMgmn9-CrUkSn19F9QJ413gdD1zEKi5jdWOvRIq2sXc16RmKseCJ2xe99eW6LQ5Y2vYgqDRIliRUE_8mgOhIBO-mkPP7CYAsbwN77cF5vXAXhLrI5xoNh51G0NbutkrR-1BR_7xtD2oII3uZgiSWy-SGkqQVs3BVraFyg5YxnCImVLqsQsfl&sig=Cg0ArKJSzHZxJ0jkBWo2EAE&uach_m=[UACH]&adurl=

Requested by

Host: apple.news
URL: https://apple.news/AGE6ioqABTNywEja6RuAUeQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 77D9 19 KB
8 KB 139ms
37ms Script
text/javascript 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 23:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 23:58:38 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 77D9 2 KB
1 KB 340ms
239ms Script
text/javascript 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 00:21:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 77D9 117 KB
36 KB 118ms
72ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Mar 2022 00:28:24 GMT

GET
H2 200 2530332929872069911
tpc.googlesyndication.com/simgad/ Frame 77D9 31 KB
31 KB 149ms
49ms Image
image/jpeg 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2530332929872069911

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a73de8ea36dfa81daa6c2ed8f127460d33f174fc2f73f1fcbb908957f709283d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 06:19:05 GMT
x-content-type-options: nosniff
age: 65359
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31640
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 22:52:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Mar 2023 06:19:05 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202142035000/ Frame B7D6 220 KB
61 KB 122ms
39ms Script
text/javascript 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 61259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61563
x-xss-protection: 0
server: sffe
date: Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "74cdf3878bfbef53"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Mar 2023 07:27:25 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame B7D6 16 KB
6 KB 189ms
106ms Script
text/javascript 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 61259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
server: sffe
date: Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42a91727bcc93df1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Mar 2023 07:27:25 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame B7D6 96 KB
29 KB 198ms
115ms Script
text/javascript 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 61259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29577
x-xss-protection: 0
server: sffe
date: Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42f1ed997a28c2a2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Mar 2023 07:27:25 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame B7D6 5 KB
2 KB 221ms
139ms Script
text/javascript 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 61259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1873
x-xss-protection: 0
server: sffe
date: Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8e63b195883091b5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Mar 2023 07:27:25 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame B7D6 42 KB
13 KB 170ms
131ms Script
text/javascript 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 61259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13633
x-xss-protection: 0
server: sffe
date: Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c67c66f710e82a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Mar 2023 07:27:25 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B7D6 8 KB
892 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 22:42:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 00:28:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 00:28:24 GMT

GET
H3 200 container.html Show response
b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F0D6 6 KB
3 KB 89ms
42ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Mar 2022 00:28:23 GMT
expires: Sat, 18 Mar 2023 00:28:23 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3EB1 0
0 75ms
74ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstg7A8cvIRwV5lxQwnQsq4q7mvER_uqWS838SXCYB1yGKwz7ggU3AnjOQ9naO9XVIaztIgRw6ExEuEi6A91ym9FybfuyZyFKM7e-t_ekCUZ-7TyF07JdVfLTVos5O6USeKdcZK1JEaIybaB-IAGuYhdOWrZxJRM3qfu4UjqkP5ZALnIHfgUdqCyrzurfhy8aG9JKNjsFovsvNL34MhYNBg_HHD2Wfik8vcLyu2wnQWhL6cnWL-jPStkoGGJSnePWGc5_eQYSwGPh5e1x2KpukuLJ938cPLsGG7ba2htDXNHiZCILYBZzdxx&sig=Cg0ArKJSzJscL2LoW9BAEAE&uach_m=[UACH]&adurl=

Requested by

Host: apple.news
URL: https://apple.news/AGE6ioqABTNywEja6RuAUeQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 3EB1 19 KB
8 KB 126ms
43ms Script
text/javascript 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 23:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 23:58:38 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 3EB1 2 KB
1 KB 239ms
238ms Script
text/javascript 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 00:21:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3EB1 117 KB
36 KB 82ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Mar 2022 00:28:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3EB1 0
0 95ms
47ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXO4-vc6i1jMocaxiVU0buWpmC_IGfzdVYS4vZlXcoPpf5Rbt8ym_yJNna9qlsXAXU5-iDW2tuIcpn4sbr9EBofs5G4Q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 9699005799526666638
tpc.googlesyndication.com/simgad/ Frame 3EB1 42 KB
42 KB 155ms
102ms Image
image/gif 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9699005799526666638

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

597efb31f3406491826d0b0cdf1ffe06136b9bb58c6d2fd96cfe374cbaef04ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:58:38 GMT
x-content-type-options: nosniff
age: 16186
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42866
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 04:41:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Mar 2023 19:58:38 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0B89 0
0 76ms
76ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuntgo0ypbdNOA72y0UgxCv2V45yFdwpIo8hUtk-NaM-mvUMXzl-8dHKckJ2CYgrc1BIa-6SuVQ1-ylUwBCT1sER2P55ZyS4AE8IX3xY7efn3rdyJ-PW3qt2qBElpDAZCjmlKg5qVfkUxcXKA_lu1BNpLhh7pxnKkD6ai1oot1GPd3lHgxqIOPt8ROtiECNSrkTBMEyFXlT2mt_RRi-O7A_OOm8QC8W0qssjob_RqDa6xa-vNOnpWpOYYYFLaWORmQ0F-BBUUBSKLlY_Bld1h2sx5HyB3emzTnYCbiJvofNT9D-DOJ1jA6xkbqGv-Y-iA&sig=Cg0ArKJSzLYwsdV4DQlXEAE&uach_m=[UACH]&adurl=

Requested by

Host: apple.news
URL: https://apple.news/AGE6ioqABTNywEja6RuAUeQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 0B89 19 KB
8 KB 259ms
182ms Script
text/javascript 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 23:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 23:58:38 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 0B89 2 KB
1 KB 239ms
238ms Script
text/javascript 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 00:21:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B89 117 KB
36 KB 107ms
86ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Mar 2022 00:28:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0B89 0
0 90ms
48ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7hianmHrjnn2isVWR9-xOWU3j0d8ZBPpHGe56MG7UZvk9_vrjVX8QSYH8CqYXxrQMdJHcxw5RJ_z5rugxQnDj3L-EoQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 11014075178952482030
tpc.googlesyndication.com/simgad/ Frame 0B89 30 KB
30 KB 236ms
183ms Image
image/gif 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11014075178952482030

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

51608cf7952b33f3673d12f20ca803fe20198db43c9a931cfe11bce627135cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 23:50:05 GMT
x-content-type-options: nosniff
age: 261499
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30282
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 04:22:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Mar 2023 23:50:05 GMT

GET
H3 200 container.html Show response
b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9105 6 KB
3 KB 69ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Mar 2022 00:28:23 GMT
expires: Sat, 18 Mar 2023 00:28:23 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4DD6 0
0 74ms
74ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst74Z52ITuosebccQkp3HD1Hk3GBxjuCc4WMZne8iX1YVsaidc4ofJvV_fNfnFdXYWcGuEdbL6ZoUnTiQrjFRHhTU-a0d_dfGNFZCuOhBhJC7l4m1nzkd_HeM3kJBgxB0V1PfoOz7OgXvjXht2Tbj4aKKOGMD3uLspeB9Ip07nM_x7mJtEsvIHhC9PocBco9MPatKB4ysj_oEEEBPV-Pf-upKmEbtzAn0jpQ-X1J7H1h_E80HZkzCTJ84mfUaBWSqDeoqyh26WfyF9GAZWQvPkbt2Ywvf2qFreVRkQHgwJ4n0KUokOgaVbhmCjdNxvAGJbwWVUHd0TvlQKNppIJ-A&sig=Cg0ArKJSzAimJcqvMApoEAE&uach_m=[UACH]&adurl=

Requested by

Host: apple.news
URL: https://apple.news/AGE6ioqABTNywEja6RuAUeQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 4DD6 19 KB
8 KB 257ms
190ms Script
text/javascript 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 23:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 23:58:38 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 4DD6 2 KB
1 KB 240ms
238ms Script
text/javascript 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 00:21:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4DD6 117 KB
36 KB 111ms
100ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Mar 2022 00:28:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4DD6 0
0 79ms
47ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8aa-oUXPlCGVqidzBALJLRRTP3Wi8GjRFOiykNkZB4updosMyQOEnR1K9svzfDFgK7-XulEal1TI_e3U8MKiFwSWnXw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 13066913210414675199
tpc.googlesyndication.com/simgad/ Frame 4DD6 167 KB
167 KB 176ms
124ms Image
image/gif 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13066913210414675199

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

05dfc2e98103015e18cc7e469194582e1ac1edaae76a2b33feb7d7b2a80da5ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:29:28 GMT
x-content-type-options: nosniff
age: 575936
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170955
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 05:41:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 Mar 2023 08:29:28 GMT

GET
H2

200

3473041443409053549
tpc.googlesyndication.com/simgad/
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueprsmcZDanuS5PHshNSUUUjfXMxgns1mibNLs_aN50V9g1k7CMFYBOUDfdXHYMpY-chNXZDOUzga6rusVf6UO1x5ureMoQUHjllPf9bn_6bSePo6gB9vxy5uDCWJ1ABQIN1zY4sfpa...
https://tpc.googlesyndication.com/simgad/3473041443409053549?

393 KB
394 KB

170ms
169ms

Image
image/jpeg

2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3473041443409053549?

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1d7056f89a26e63a06b6126936b21f5319768e11ef6afcad928c0b9b3d84a875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:29:15 GMT
x-content-type-options: nosniff
age: 147549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 402742
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 04:29:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 Mar 2023 07:29:15 GMT

Redirect headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tpc.googlesyndication.com/simgad/3473041443409053549?
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame C43D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a03406bf5c7fc2f21adafb0228bf93b0feb6d987feb1913adf82a247d82ee5de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B7D6 2 KB
3 KB 120ms
99ms Image
image/png 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 53206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 18 Mar 2022 09:41:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B7D6 295 B
424 B 69ms
48ms Image
image/png 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 52519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 18 Mar 2022 09:53:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B7D6 0
0 73ms
48ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRzySzAylxOnPx4EpFx0XlmuZpraDT_hBHF0piftCXaE0g0GHK03x12CmmRW6-0bBKMnuLBM8fK3VeW9r7Oo4ARQMfwQ
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B7D6 0
0 82ms
82ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4VlvJ9IzYumWNMLV3wObt7WwD-3GrIlpuKqfiJIO__WQ49cCEAEg_YCnOmCV4pCCoAegAavVtLsCyAEJ4AIAqAMByAMKqgTGAk_QvU8cfMh_NuQYe7yXq9jQHsoV8-zNKUgjj6XkcFulkhOwA5kzBrYkaJ_JtHVSc_MKdNKo2TUreCk4Ac_u6oKTNGm7u_sbcVNVTNUQ8OqS_iQgRJoENvCtnBcsCpr4yFFjlUJYgtryPIWe7F7hCOf6xdLwsxtXmBGFnZlFa36jEotCfzneWYOnkw2VrAtpTQgS_WOv30O6uGQLMgkeAsLos4-bcJotUWvPmm6AHr2WUOn76U0oKCO3Jx2ju44O-JzNC5LCiA_AwAKH7ey8b51MWyPV6N_kFg1x0oHDR-kYF4HXkB5gEvjTfO3i2Sl_FRiCmO7T5UP3ket5AuCKjGnTS-2pEgXbKg1EG0K7V3IfEOQNm6yE0vt2UEfwi99zsPV8dEJz8-iahvE5SHMaGckjqdyKAO73Ww__mGj6VFnFBBeraYBKwATttKeVtQPgBAGSBQQIBBgBkgUECAUYBKAGLoAHxbSTyQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCNiT3SCAkIgOGAEBABGB2ACgPICwG4E4gn2BMM0BUBgBcBshceChwIABIUcHViLTY3OTIyOTYxNTYzMjk4OTAY3dgF&sigh=ilo6uepDAuY&uach_m=[UACH]&template_id=5000
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 img-placeholder.df52e7638153b73862008d3d0556fdda.png
c.disquscdn.com/next/recommendations/assets/img/ Frame CC51 1 KB
2 KB 7ms
7ms Image
image/png 2600:9000:21f3:4600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/recommendations/assets/img/img-placeholder.df52e7638153b73862008d3d0556fdda.png

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5215bbed3b3435ed86c93921631e54d9c42ce565d9ec90accbc7ec1fc7832327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:47:25 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 9812459
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1054
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 23 Nov 2021 19:16:33 GMT
server: nginx
etag: "619d3e11-41e"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 24 Nov 2022 10:47:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: VZbVbJkAKo03JEJD3VoKUFEJpu8ThV4qn_nsu7sfQXtr1r9yvldlyA==
x-cache-hits: 0

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12413211364885930352/ Frame B7D6 5 KB
5 KB 116ms
95ms Image
image/jpeg 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12413211364885930352/downsize_200k_v1?w=195&h=102

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

41eb93c0ecfbc91fea65fc90164d755990a88653ef16523d685431dd2363a30f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:27:51 GMT
x-content-type-options: nosniff
age: 230433
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5056
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 16:37:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Mar 2023 08:27:51 GMT

GET
DATA 200
OK truncated
/ Frame B7D6 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B7D6 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B7D6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98f2b364e969aa07a7f87c1d91e99e7834609ebdc22af6301cfad24d0af5afe3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame B7D6 28 KB
28 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 178902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:46:42 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9105 22 KB
7 KB 171ms
170ms Script
text/javascript 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com
URL: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 07:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Mar 2023 07:28:28 GMT

GET
H2 200 native-loader.js Show response
video.unrulymedia.com/native/ Frame 9105 8 KB
4 KB 52ms
8ms Script
application/javascript 13.224.192.221

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/native-loader.js
Requested by: Host: b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com
URL: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.221 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5fd0ccf18092cf2a46425be60d4b66d153faa940954745625fe1a51afda7a12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: erzuuP4FsU4bRVRysDX4deouRnF63ljt
content-encoding: gzip
x-amz-expiration: expiry-date="Thu, 15 Mar 2029 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Wed, 16 Mar 2022 09:58:37 GMT
server: AmazonS3
age: 311
etag: W/"ce35200eaa8f36096071a67535f98456"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control: max-age=600
date: Fri, 18 Mar 2022 00:23:31 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 17Yu73EL6g2llpU1zvg3-_2oWsApGzWaWdepXs-f-AlkwL-g3sg5QQ==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9105 117 KB
36 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com
URL: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Mar 2022 00:28:24 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F0D6 22 KB
7 KB 171ms
170ms Script
text/javascript 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com
URL: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 07:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Mar 2023 07:28:28 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame F0D6 11 KB
5 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com
URL: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5008
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 18:23:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 01:19:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0D6 117 KB
36 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com
URL: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Mar 2022 00:28:24 GMT

GET
DATA 200
OK truncated
/ Frame 3EB1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9731714fd0d9c089f3d0b810e32c67e90b4c18dfed8424e2fa4d5b4d082f4603

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 77D9 0
0 115ms
70ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWMCmiElE9cAdBo3kUZVJSpuAPYiMyEk7-Ff_hXM4U7bwjcboRWVaql9o9YQlWGmj2-sHlkJIf-nHcIdQtW0w3kOFhBxNKfN_N9f9_zqxNzqnGz_gfi8iAm3qL4eCt1nmAJhzWuGlys_p3rM_JSwpbzON4eVnG63Wnp1Y3aFmSCGgC4sEFxQaTEZLJxVAfkudu3Jt2uilWuYprnaxFOmQOGORsiT7CmqYqg-GitjQLxn0vX3g6W_mtW7aV2YvQIOg9F5vlE3xps-B1-aW2a0z6T1XWuGu7b7ayiNAmSVGOAYjXvZ6Et1Pa7N_-F0gyHhwnmgn1bEM&sig=Cg0ArKJSzPMkrp36Y2U4EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 18 Mar 2022 00:28:24 GMT

GET
DATA 200
OK truncated
/ Frame 77D9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52760157de92058ad3a11083bcc027371a8708f79f80150e0f7ac9e8eaeec144

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3EB1 0
0 71ms
71ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYoR1d8b5F_8eN8UdIVK_tRDvIk3VeSmWv5IpU_mi2xIXis4xLMKeqQkf1oYsy9yhb-BUPCwPSka1sLPYM5yTjT-ZL0pYKjvA0DISq7_zxhqag8sEIp7PM34TMstAmjRTzeJ73VLtH6u0JFP0jGr44-FIJbn5sza05q3p0Ug7RUU-oBqIZTeSYbJr-7Mi6DPEZh1OEh2mKbKBN1o8chcQaVFH32iMG4fqcLjpWdyZ9j8PQk3OXYTIr_kH-X7wanRbkfjQyNmqa5nUMF3FOrnsiSdn-3aM_9xV1Qn9Sng2E5zYmAHPeKVXdGPw&sig=Cg0ArKJSzNGsWN0pF9rUEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 18 Mar 2022 00:28:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0B89 0
0 79ms
79ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjjH_QTptRsZGjME1bVFT9CljBJLIrNZMpe_F6q2bX239WXlI4K6WaKIS0H_ErP28TMlHSC3EX5GdmhQ3rzLcNcSwxWIz_BGwvkgi3kWxyVgUlFWxaUqihH33GlT2u0Hb0hUG1ftSthIXmXl4iTe4SmD3x9vgqHzCK2q3p6lV3hrUxpU6ewupKaJ8tFApwjsWh_78bSLYQYzL-tueVj7str3UkWILLLsdrpHi348pwbwlQOcqGRo7Il2FWnsNaDQrJOC1qeJI4tgjWP-XpZYe0WVUQBn9WSKXerNTBFBSdhesuMsbso2tQRURJx_5dyyXN&sig=Cg0ArKJSzJHkbIgol8MiEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 18 Mar 2022 00:28:24 GMT

GET
DATA 200
OK truncated
/ Frame 0B89 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16591e833d434d1243609c2e06a8bf28ba89f295c509fe13043877e8c8f690f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4DD6 0
0 82ms
82ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOAZyQiwx_Yx-Jrz9A-8m-hAagXALj83FS1qKn_SOyzG-lU9iU-LNqCCUnDTlqUg75AdIjlESmMdOwM_zAkkk9hg6oLZTWwQ_irBfcVryXAHSKh0mt-GaLS9201pqxVwGnAeRhb0hQxT5ObF5zzOXCJyw3MVKBtMXpEQOxq6agNz4y453ZTx4u74cHKUG9hCxT8pXdeq2iLttEJTuNI-bzX_OagmSPX8XpYDeJqHxG7VyfRcO78O9R9EJVnd37o7Wqd1cC9ePfSNrYLDbAMBwS6g0dd2szuYRpIhMcWATsbE2pgJvQnDX8nsbGFsd8dtp9dg&sig=Cg0ArKJSzLOS19N9lNkPEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 18 Mar 2022 00:28:24 GMT

GET
DATA 200
OK truncated
/ Frame 4DD6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5c0b7ca4d9511693687f24cc61b5e5db895350941c2786b8ef4bc1cda11a38b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9105 0
0 76ms
75ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuE7tntYgaAovNXUlElBwEJ0C9Jiq4KhWcNcCRY4SxJCeI0StSXt8b1mIkH9esRm7GxNjc1ISjL8qsZCIruDv8kTMoythzY7VGIZedhHNqIWTTJk79bcWxA6FqA-685p448S-QRKEqq3Rvj2yRIXssU7AXSA1vxdygLPI8J_6xwB4lGB6oaHP7qjiYRow8HHEJI5CLDPcGTW8HFh9FSJlDuPOBeTrWovsRtv_Ducd9Z-95lW9XbzCy8dTo0s6Eb7jPJCvGKlFKXh3fNJKsEnZwjkc58Ejrdz2z4Xtsj-0c0S8yCRP8tKof7_Ro2dmzQm76U4nq_9v3Y7w&sig=Cg0ArKJSzI-tO5RN7aOMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com
URL: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 systemSkin.json Show response
video.unrulymedia.com/system-skin/ Frame 9105 1 KB
1 KB 431ms
399ms Fetch
application/json 13.224.192.221

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/system-skin/systemSkin.json
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.221 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9fa3a4bac4c0a505ccddade24a0bd9d3fcbc8043b626541c4a9187c9a477601d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:26 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com
x-amz-expiration: expiry-date="Thu, 15 Mar 2029 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Wed, 16 Mar 2022 11:04:04 GMT
server: AmazonS3
etag: W/"86ede910e5ead299265ca2b818d78aec"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
x-amz-version-id: rCwAu_isJfP4iWVUn61cBMGY6MyDuCU5
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control: max-age=600
access-control-allow-credentials: true
content-type: application/json
x-amz-cf-id: 38M_adNzjSiJSBFFEwJewZeZ1QwJPD4aRk4rUf4q-7oZCgqmTNtdlQ==

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame 1C04 85 KB
30 KB 98ms
40ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/
Origin: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 15:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 15:06:19 GMT

GET
H2 200 img
rx-stats3.unrulymedia.com/trackedevent/ Frame 9105 43 B
225 B 82ms
14ms Image
image/gif 213.19.147.45

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rx-stats3.unrulymedia.com/trackedevent/img?event=tag_load&adslotid=17f9a6ced42261270575470&siteid=1089786&iframe=true&compat=CSS1Compat&pageloadid=17f9a6ced424bcfbbbcc830&cb=1647563304258&siteenv=html&doc_type=outstream_pread_event
Requested by: Host: b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com
URL: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 00:28:25 GMT
server: Tengine
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F0D6 0
0 78ms
75ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLAC-JsTYczIT4945VwZdE0mYfvp9lYLU-whnzu6pigFqRKj-gdRjOwQU4Hhk2OEGvmC4OWNxjUQImxkNYsWiFCby8ZIqJOars5edEZaWWe_BsaKDbFzRKNvES0MHUP5oNN1iGXDOdVBayxmWxrNv3kHjSDC2MeyEak6RQWztTZsPuqt4CLRHO0Ap1Vl499GBOGPEeW1T135QHvZ_HH6hxUXOt9sF0lHoadnagFhVtY58GtdUwrBjdjqRYIS3MIuNnV1kBCtxKJ-TmvZAcPl0m5TJBGjio-yZ-1iQ0oZmjyUFm3rd2uzGq&sig=Cg0ArKJSzFeiR3oQm3jXEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com
URL: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 impl_v85.js Show response
www.googletagservices.com/dcm/ Frame F0D6 42 KB
17 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v85.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 18:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17382
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:13:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 18:25:46 GMT

GET
DATA 200
OK truncated
/ Frame 9105 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52272f234ba7e7472544119f577b05357e370c853d50d8ae3bb5e3fe73749df1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 B27257712.328206801;dc_ver=85.248;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3381710146;ord=x8rdgz;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstRYvIlzyH78iGYVhXYPatDlcfg... Show response
ad.doubleclick.net/ddm/adi/N7442.1964900ITNEWS/ Frame F8F5 54 KB
26 KB 168ms
73ms Document
text/html 142.250.184.198

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N7442.1964900ITNEWS/B27257712.328206801;dc_ver=85.248;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3381710146;ord=x8rdgz;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstRYvIlzyH78iGYVhXYPatDlcfg81yPkiPcWnOdnwu4aCoOxzJ4G87WRxVnVWC9xiTTU7kcSAqnRWTouNwOk0qQ1vUXvGZUtMB2nD42yRxEGby7MKdeA2Vg-M1_6pUK5vNWVDnsRmNT1LGI7myp7q0TWs15QWtWMrO5ClxnRBfxkIQFCcLDjtD4RSb14KmVwF0xe86Jwk-7U6cu2jF96o16VQToL2CsB-r30axyRhisH3GPw4__bil8eaQJ_t66f1PAAsnIbdbGniF0n9JljNovearsjxmnxOoOQ1DYVOWKo2o8Z4ug%26sig%3DCg0ArKJSzNx5nt4NQsvaEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fwww.itnews.com.au%2F$0;xdt=1;crlt=N9nPVxrym5;sttr=66;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

2b0488cca762a8348b6c33c6f170a30d4cacb37bea1a376d647401b681d8a07d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 18 Mar 2022 00:28:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 26362
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F0D6 0
0 73ms
72ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3VdFl5ASnTI7oddTdF_hx4YS3zBaSaDB-tbWpeFCalbJPHo2NR-DpVUmh1-iet2hyIydPtuWKEZrUmUFY5ELMl7H3zWtI1pYiURdvFRkQcbImjKjfqvuQw789Ng7dO3OJWONuTuW9-xT5Nsr1xMDxkhUI0QNvHb7AMsdeppWz2Atj4G2aCyKHxSRqHeg7cHLCnGSF8O7ZrSqBpemJ2-PE-MxIkr0ZeTWRGwafMSHDkRzDT_iFPBaI80g2FZQCVAwwBMvmOXPg-ouAfhH66LzKFFtsFrhTZUkf-KGH_dGZMzORA8lPw7V6dl4&sig=Cg0ArKJSzICHMHyjIKgrEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 18 Mar 2022 00:28:25 GMT

GET
DATA 200
OK truncated
/ Frame F0D6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd155db355ab5a7a193b891ddfd824862993fa7f8bddd6e0c62454badef3e5fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

native_v1.0.1743-0-ga9347d2.js Show response
native.unrulymedia.com/native/ Frame 1C04
Redirect Chain

https://native.unrulymedia.com/native?percentage=10
https://native.unrulymedia.com/native/native_v1.0.1743-0-ga9347d2.js

72 KB
20 KB

9ms
9ms

Script
application/javascript

13.224.195.32

General

Check archive.org

Show headers Download Go to

Full URL: https://native.unrulymedia.com/native/native_v1.0.1743-0-ga9347d2.js
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Server: 13.224.195.32 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ed2fc83f403d44d06ab44e388b96fbce46e7e8808502fa2279d09fcaf325b21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:51:47 GMT
content-encoding: gzip
x-amz-expiration: expiry-date="Fri, 19 Jan 2029 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Thu, 20 Jan 2022 09:43:29 GMT
server: AmazonS3
age: 4890999
etag: W/"96e8ecd2a02e783224303b222855f953"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: BygRU.fvIgkR2ZJIUPU.CEcoarF61l3e
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
cache-control: max-age=63072000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: LiQbz73TfuFR8DLJjfsnoo5w1EDzHIJoayBBkqqCKONC49QDXDo4qg==

Redirect headers

date: Fri, 18 Mar 2022 00:28:25 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
x-cache: FunctionGeneratedResponse from cloudfront
location: /native/native_v1.0.1743-0-ga9347d2.js
content-length: 0
percentage: 10
x-amz-cf-id: wV4smFIXpkSWzAyIoZyOfzs_RXKbq68kWxv9ikQfk62LYIHK5Y9XLg==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9105 0
0 72ms
72ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_yKvDuLWrZlriVw610CTd-bjZaH16b5ZsuSrlyGPAkn3Nm-JoXoFRN0O2U6u5-Emph6ZeNdR_AtKyLBg-2OnuG6Y-68nLjdvDYlVODKRPrTFgrJF7zxBCXsuRhXVmVAnyn_-HWR4tVe_suvy3vk2s_U7t6Ld_gbiJGrDeKfBcde6tkEsf7ubuHahgIIkM03Ah2xYAOO1G4F1118r0FX6B7CdbvMnW48bnh7K9B_qDBjhHsdNufEs5UwEajwRD2v0NdYx-h9qs28oS7CguAxcU8x3rcyEpR5nvwLQuP8nGv1N9ZoK6Y1RSQ7QkQg&sig=Cg0ArKJSzOzR141IswsVEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 18 Mar 2022 00:28:25 GMT

GET
H2 200 img
rx-stats3.unrulymedia.com/trackedevent/ Frame 1C04 43 B
225 B 14ms
13ms Image
image/gif 213.19.147.45

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rx-stats3.unrulymedia.com/trackedevent/img?event=error_blocked_cross_origin_frame&videoplcmt=%5B%5D&siteid=1089786&devicetype=desktop&doc_type=outstream_pread_event&clientver=v1.0.1743-0-ga9347d2&adslotid=17f9a6ced42261270575470&cb=1647563304499&message=Blocked%20a%20frame%20with%20origin%20%22https%3A%2F%2Fb9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com%22%20from%20accessing%20a%20cross-origin%20frame.
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 00:28:25 GMT
server: Tengine
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/ Frame F8F5 8 KB
4 KB 134ms
39ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N7442.1964900ITNEWS/B27257712.328206801;dc_ver=85.248;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3381710146;ord=x8rdgz;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstRYvIlzyH78iGYVhXYPatDlcfg81yPkiPcWnOdnwu4aCoOxzJ4G87WRxVnVWC9xiTTU7kcSAqnRWTouNwOk0qQ1vUXvGZUtMB2nD42yRxEGby7MKdeA2Vg-M1_6pUK5vNWVDnsRmNT1LGI7myp7q0TWs15QWtWMrO5ClxnRBfxkIQFCcLDjtD4RSb14KmVwF0xe86Jwk-7U6cu2jF96o16VQToL2CsB-r30axyRhisH3GPw4__bil8eaQJ_t66f1PAAsnIbdbGniF0n9JljNovearsjxmnxOoOQ1DYVOWKo2o8Z4ug%26sig%3DCg0ArKJSzNx5nt4NQsvaEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fwww.itnews.com.au%2F$0;xdt=1;crlt=N9nPVxrym5;sttr=66;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 00:09:23 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame F8F5 106 KB
38 KB 58ms
14ms Script
text/javascript 2a00:1450:400e:80d::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 11:32:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 11:32:32 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F8F5 41 KB
15 KB 88ms
39ms Script
text/javascript 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 07:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 07:28:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F8F5 117 KB
36 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Mar 2022 00:28:25 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/5901210/1644400837752/GLBL-ENG_NB-06_0_300x250_BAN-A_HTML5_TOFU-no-Networking-5GWiFi6EVideo-Photo-Networking_vidwls027944_50/ Frame 5B12 165 KB
93 KB 31ms
15ms Document
text/html 2a00:1450:400e:80d::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/5901210/1644400837752/GLBL-ENG_NB-06_0_300x250_BAN-A_HTML5_TOFU-no-Networking-5GWiFi6EVideo-Photo-Networking_vidwls027944_50/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c2b3bd8209655d45d2945cb76723a9c270c1e4c6d96177703c37c06d47b0ac18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 94977
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Mar 2022 13:55:53 GMT
expires: Fri, 18 Mar 2022 13:55:53 GMT
cache-control: public, max-age=86400
age: 37952
last-modified: Wed, 09 Feb 2022 10:00:37 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F8F5 0
524 B 179ms
76ms Ping
image/gif 142.250.186.34

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvMcpKTx5EGc7OHPT28yKntaNTxtFYDpB8kH-rjzotGA5AeP-s82MeYcaIyWEKMo3YhJzXrb-rLBFIO_QZIaH_Y9kgt9akoUF1cBgROVwhlqtroJZaTvnNqYB8rmv_o7a6nTi8bCFQeWbP4Xc2_0Eco8U1cnBDr-slk-vYhyOvlqar8nF0J&sig=Cg0ArKJSzJrfdD_RFr-_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=92&cbvp=1&cstd=88&cisv=r20220316.25862&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 i
cdn.bizibly.com/ Frame F8F5 43 B
343 B 28ms
7ms Image
image/gif 152.195.15.58

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/i?v=5901210&a=520175621&c=166472232&s=3004163&p=328206801&m=0&n=3883330816
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N7442.1964900ITNEWS/B27257712.328206801;dc_ver=85.248;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3381710146;ord=x8rdgz;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstRYvIlzyH78iGYVhXYPatDlcfg81yPkiPcWnOdnwu4aCoOxzJ4G87WRxVnVWC9xiTTU7kcSAqnRWTouNwOk0qQ1vUXvGZUtMB2nD42yRxEGby7MKdeA2Vg-M1_6pUK5vNWVDnsRmNT1LGI7myp7q0TWs15QWtWMrO5ClxnRBfxkIQFCcLDjtD4RSb14KmVwF0xe86Jwk-7U6cu2jF96o16VQToL2CsB-r30axyRhisH3GPw4__bil8eaQJ_t66f1PAAsnIbdbGniF0n9JljNovearsjxmnxOoOQ1DYVOWKo2o8Z4ug%26sig%3DCg0ArKJSzNx5nt4NQsvaEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fwww.itnews.com.au%2F$0;xdt=1;crlt=N9nPVxrym5;sttr=66;prcl=s
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 -, , ASN (),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 00:28:25 GMT
last-modified: Thu, 17 Mar 2022 23:59:07 GMT
server: ECS (frb/674C)
age: 1758
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET img;adv=11002245653149;ec=11002245685555;adv.a=5901210;c.a=27257712;s.a=3004163;p.a=328206801;a.a=520175621;cache=3883330816;
ad.atdmt.com/i/ Frame F8F5 0
0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5CE9 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:808::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Mar 2022 07:28:30 GMT
expires: Fri, 17 Mar 2023 07:28:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 61195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Cisco_Bridge_logo_navy.svg.js Show response
s0.2mdn.net/5901210/1644400837752/GLBL-ENG_NB-06_0_300x250_BAN-A_HTML5_TOFU-no-Networking-5GWiFi6EVideo-Photo-Networking_vidwls027944_50/ Frame 5B12 7 KB
2 KB 15ms
14ms Script
text/javascript 2a00:1450:400e:80d::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/5901210/1644400837752/GLBL-ENG_NB-06_0_300x250_BAN-A_HTML5_TOFU-no-Networking-5GWiFi6EVideo-Photo-Networking_vidwls027944_50/Cisco_Bridge_logo_navy.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/5901210/1644400837752/GLBL-ENG_NB-06_0_300x250_BAN-A_HTML5_TOFU-no-Networking-5GWiFi6EVideo-Photo-Networking_vidwls027944_50/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e4e437d4955dccab8a8316939d91f0d5b4cc31b08ba5cad94b19c56cf3b97940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5901210/1644400837752/GLBL-ENG_NB-06_0_300x250_BAN-A_HTML5_TOFU-no-Networking-5GWiFi6EVideo-Photo-Networking_vidwls027944_50/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37952
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2439
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 10:00:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 13:55:53 GMT

GET
H3 200 Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CE9 36 KB
14 KB 86ms
39ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 11:14:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 11:14:03 GMT

GET
DATA 200
OK truncated
/ Frame 5B12 73 KB
73 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956

Request headers

Referer
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F8F5 0
60 B 77ms
76ms Ping
image/gif 142.250.186.34

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvMcpKTx5EGc7OHPT28yKntaNTxtFYDpB8kH-rjzotGA5AeP-s82MeYcaIyWEKMo3YhJzXrb-rLBFIO_QZIaH_Y9kgt9akoUF1cBgROVwhlqtroJZaTvnNqYB8rmv_o7a6nTi8bCFQeWbP4Xc2_0Eco8U1cnBDr-slk-vYhyOvlqar8nF0J&sig=Cg0ArKJSzJrfdD_RFr-_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=233&vt=11&dtpt=141&dett=3&cstd=88&cisv=r20220316.25862&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 00:28:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 300x250_GettyImages-498424506.jpg
s0.2mdn.net/5901210/1644400837752/GLBL-ENG_NB-06_0_300x250_BAN-A_HTML5_TOFU-no-Networking-5GWiFi6EVideo-Photo-Networking_vidwls027944_50/ Frame 5B12 27 KB
27 KB 16ms
15ms Image
image/jpeg 2a00:1450:400e:80d::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5901210/1644400837752/GLBL-ENG_NB-06_0_300x250_BAN-A_HTML5_TOFU-no-Networking-5GWiFi6EVideo-Photo-Networking_vidwls027944_50/300x250_GettyImages-498424506.jpg?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f0143c96f9646698bf3c29174fba16a2116674861e57a70fe2a0bf34c6a8e60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5901210/1644400837752/GLBL-ENG_NB-06_0_300x250_BAN-A_HTML5_TOFU-no-Networking-5GWiFi6EVideo-Photo-Networking_vidwls027944_50/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:55:53 GMT
x-content-type-options: nosniff
age: 37952
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27322
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 10:00:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 13:55:53 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5901210/1644400837752/GLBL-ENG_NB-06_0_300x250_BAN-A_HTML5_TOFU-no-Networking-5GWiFi6EVideo-Photo-Networking_vidwls027944_50/300x250_GettyImages-498424506.jpg?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/5901210/1644400837752/GLBL-ENG_NB-06_0_300x250_BAN-A_HTML5_TOFU-no-Networking-5GWiFi6EVideo-Photo-Networking_vidwls027944_50/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f0143c96f9646698bf3c29174fba16a2116674861e57a70fe2a0bf34c6a8e60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5901210/1644400837752/GLBL-ENG_NB-06_0_300x250_BAN-A_HTML5_TOFU-no-Networking-5GWiFi6EVideo-Photo-Networking_vidwls027944_50/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:55:53 GMT
x-content-type-options: nosniff
age: 37952
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27322
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 10:00:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 13:55:53 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 77D9 42 B
64 B 119ms
70ms Fetch
image/gif 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjJKGE7UHI5lkrj_io1ISsWq6YeFfwzGaS6F_dmsqHwPrgCF29ABY5DiAUn8aVyTP307xr9TGVvF-xNPldD2WfbVEuu6uKg7lfeNOSPxNbeVEOcIyE&sig=Cg0ArKJSzJgX1VA8quAkEAE&id=lidar2&mcvt=1001&p=234,315,324,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=667020349&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647563303791&rpt=218&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 00:28:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CE9 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BODFxKdIzYvaAC8m17_UPhNGogAEAAAAAOAHgBAI&bg=!R0SlRADNAAba2mK92to7ACkAdvg8WoNPWEBYDED_ELbLqIwEIUj9pAxH4Qe_PpsnojltBdculVOE9gIAAAB7UgAAAAJoAQeZA1iJM9HUdh97d8zywn365JXSZjJVP4O5tgUd1g-ygD3EUxRzzcNuZiuZLNBn-Sx3t4AKF2v2cpLidTL96Y7TJjqtjeZ1ZQ1x80KGbyKf8p3nzSn2yBve_Ov1S2Uku1IWZ9aqDk3SpDgiZt2elc00NnhZ7j2VBQ1YeETeSwldW7ul-s8QXaDrAiJbwE92KNxFGb505IgJrITXLhZZFmqLNbgyKvZ2HQelHv1MP8zYzTBjrFlR5ffvodg92nw2esxCT1SjqkDq1-7E2Jmtw4qoHP9JELdurcMR74FqdT5L5thxVU4WqMOe52pExocLvN7qBnov1ireWO_E3HMYGndRD4MVESSoAiXnPAiHxPmQvnVrQTScMlQqIbnPBEbFQcDTO4UX3mPyQGY4I5hVQVzMKQd3gbBJuXWvlB9ldKSnuOF1hnzwOpYFDciY91xmyDuYUkh8tJrjvv74zfHDm7c34fhdNxz9AXu8Hl2MejR3o3HnbTlyZ-rM76V_42w8wZV-3KF51k90io1wdPFCqeEg_Px-wLCNeCzwjKXzzTHQFibrKArU96AToCpL8YdQ0rVm-fpMmSHMmwaVNGALGjVsuyAV7EJWF7kcdjqbkXlU45SAEw1gaA4z15TXpnRfN-zYw_rFFuY5qUnBE3oCvuX5jWbK9MLOiX8sJhf0PG75gsqtWpVBn2H8aPqEQZX5XyXFfwjfLRR9Uz7dKhVMOt66JEfoCC5NMFuRg4d3fLXzPk4K45aJwz4ZRqRjySrzUJXI4TVw4488vF97EMIot5oS8aX48rQ4Dhotj5TnLchYn4nanohDGjUrKudNTPiMzapQVnou4qeDne89W1kNXvhDlVd06vh13eFjWIEEALtx4s0eozVRiIaPaV5nEXqEdmjKQNipEubN7yjznIxS-1rltBbim5WOEI2zHXjEdswwys0l5RXB5jHOCVKpy7IJm8M2RJQtGYKQXwgYOPmW9RPnTXSNx_ZYzcir3IBCi-aKoG0DXgT3uYYHz8ympNwEDnjqty2jrKt1H97RhHA8FhHt_2hMI-pRjnR3TtDHMTdmBrsZI8cLeEngWmPCmHbGYZ_0l3r5rNrBZNukbPwMU-vbZ2a9g4JcRNjOWqpc0scpyV1flwwV2V6Xun-H

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 00:28:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame B7D6 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 4DD6 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i.nextmedia.com.au
URL: https://i.nextmedia.com.au/Assets/20220228043335_small.png

Domain: i.nextmedia.com.au
URL: https://i.nextmedia.com.au/Assets/RVBD-Aternity-Lockup85x25.jpg

Domain: ad.atdmt.com
URL: https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=5901210;c.a=27257712;s.a=3004163;p.a=328206801;a.a=520175621;cache=3883330816;

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhPJT7MNh05WxIoaoRvfeFFoFe5HTQJXm2nWhrk2wUcbY0H7sJQ0j65jbZBO5eHq4b9HbDbZCDEqMydgeI-hqrFm1uTvUpYR-8IBYI2pRsNQvoMEZaxQ&sai=AMfl-YTFrX1uiQogc5nzGQvYgGLidJVaLM7SL3ZC4os7oeVOCqxuu1t6mnRq3XO1Zn8FjMFBgq2pIEgcelLnVF2S4ss88jvqLvxPehItMvqvPaX_-To5rQ1JGtpnuaE&sig=Cg0ArKJSzN_aw5PamCHcEAE&cid=CAASF-Ro12UpC_xBWR11i8qX2uczhhqk_88G&id=ampim&o=531,80&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=448&tls=1448&g=100&h=100&tt=1448&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2669764438

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsth5RTZzJ1QgEL78zTqF0vBmofuoyioMaDYPo03d-Su3CqrsS2OD4VmSUXZpzBTpoUPG2_CNYYcc8oDRaP2Eo2e82B0PLnzbEOmIYlpJCU96i-qrQbl&sig=Cg0ArKJSzApw3Ql7ger4EAE&id=lidar2&mcvt=1001&p=360,480,840,1120&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=727088295&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647563303828&rpt=402&isd=0&lsd=0&met=mue&wmsd=0

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.itnews.com.au/	1969-12-31 23:59:59	Name: RegoSource Value: ITN_577458_ArticleRego
.itnews.com.au/	1970-01-20 03:48:59	Name: _gcl_au Value: 1.1.522174276.1647563302
www.itnews.com.au/	1970-01-20 01:40:49	Name: __ss Value: 1647563301967
www.itnews.com.au/	1970-01-20 01:39:26	Name: __ss_referrer Value: https%3A//www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
.linkedin.com/	1970-01-20 02:22:35	Name: UserMatchHistory Value: AQJYbOycTj35KAAAAX-abOd2ZdMiWp_lNWb3jRQ0_Ej2zsgcTWkNZCopUiQGzhDvxM3x5-FA9e_dzA
.linkedin.com/	1970-01-20 02:22:35	Name: AnalyticsSyncHistory Value: AQJCn7lLsgUIqwAAAX-abOd3nHTV-25Ozi0Imik40DmYuQ4K9Bb3XA3gunHZnJd6-n7ka8e-UqakUDd4kKeQXw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:11:17	Name: bcookie Value: "v=2&00b4e85d-2bd1-4c02-88c0-0a1a7ae77513"
.linkedin.com/	1970-01-20 01:40:49	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2304:u=1:x=1:i=1647563302:t=1647649702:v=2:sig=AQFFJwWXxQuymimPlXYj9i5OWUq_bN8x"
.marketingautomation.services/	1970-01-23 17:15:23	Name: koitk Value: 202203%7C6233d2267d182e52e7248cc6
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 19:11:17	Name: bscookie Value: "v=1&202203180028224635bcb7-dfce-47ad-8e6a-e532230ecb0cAQFhxVlJ2ApscMyUOmf8syE6j7kox9mD"
.linkedin.com/	1970-01-20 18:58:56	Name: li_gc Value: MTswOzE2NDc1NjMzMDI7MjswMjFvBe1R6ifggjYDu1RQck8xjNmhcNa0aThWEDeTiKAP4Q==
www.itnews.com.au/	1970-01-29 04:39:23	Name: __ss_tk Value: 202203%7C6233d2267d182e52e7248cc6
.itnews.com.au/	1970-01-20 03:48:59	Name: _fbp Value: fb.2.1647563302369.71890116
.itnews.com.au/	1970-01-20 19:10:35	Name: _ga Value: GA1.3.1049677494.1647563302
.itnews.com.au/	1970-01-20 01:40:49	Name: _gid Value: GA1.3.1406374632.1647563302
.itnews.com.au/	1970-01-20 01:39:23	Name: _gat Value: 1
.itnews.com.au/	1970-01-20 10:24:59	Name: _hjSessionUser_2321248 Value: eyJpZCI6IjIyOTgxMmJjLWQzYzMtNWIyOC05NzkwLWUxZTIzNTQxNWUyNiIsImNyZWF0ZWQiOjE2NDc1NjMzMDIwOTIsImV4aXN0aW5nIjpmYWxzZX0=
.itnews.com.au/	1970-01-20 01:39:25	Name: _hjFirstSeen Value: 1
www.itnews.com.au/	1970-01-20 01:39:23	Name: _hjIncludedInSessionSample Value: 0
.itnews.com.au/	1970-01-20 01:39:25	Name: _hjSession_2321248 Value: eyJpZCI6ImRjZjZmNTBjLTk1MDgtNGUyNy1hY2ZjLTQ5NzcxM2QyYTEyZCIsImNyZWF0ZWQiOjE2NDc1NjMzMDI0OTksImluU2FtcGxlIjpmYWxzZX0=
www.itnews.com.au/	1970-01-20 01:39:23	Name: _hjIncludedInPageviewSample Value: 1
.itnews.com.au/	1970-01-20 01:39:25	Name: _hjAbsoluteSessionInProgress Value: 0
.prfct.co/	1970-01-20 19:10:35	Name: pa_uid Value: pa_mFLwlX5PRgNTB0g7k
.prfct.co/	1970-01-20 19:10:35	Name: pa_twitter_ts Value: 1647563303448
.prfct.co/	1970-01-20 19:10:35	Name: pa_yahoo_ts Value: 1647563303476
.adnxs.com/	1970-01-20 03:48:59	Name: uuid2 Value: 7554898630455882158
.yahoo.com/	1970-01-20 10:25:20	Name: A3 Value: d=AQABBCfSM2ICEDfQogPWuRJByRdsl2zFcaoFEgEBAQEjNWI9YgAAAAAA_eMAAA&S=AQAAAl3lQF33eAXrM0C5uRZuB9E
.prfct.co/	1970-01-20 19:10:35	Name: pa_openx_ts Value: 1647563303552
.analytics.yahoo.com/	1970-01-20 10:24:59	Name: IDSYNC Value: 18z4~23tc
.prfct.co/	1970-01-20 19:10:35	Name: pa_rubicon_ts Value: 1647563303580
.prfct.co/	1970-01-20 19:10:35	Name: pa_google_ts Value: 1647563303603
.twitter.com/	1970-01-20 19:10:35	Name: personalization_id Value: "v1_dMePaGTeJikqSgkXqYq+TQ=="
.adnxs.com/	1970-01-20 03:48:59	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E?ke7](S!]tbP6j2F-XstGt!@DR`$c04N
.doubleclick.net/	1970-01-20 11:00:59	Name: IDE Value: AHWqTUlgnf1x2rHVvA95YkZT16VvjXrFa9vah-ZesxzCWyKqxRvXo5MVcT4uALO_v6c

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Foptus-store+iStock_690.jpg&key=__TrS-da0rjPNG46171kXQ&h=200 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=5901210;c.a=27257712;s.a=3004163;p.a=328206801;a.a=520175621;cache=3883330816; Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
ad.atdmt.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.twitter.com
apple.news
b9ab72b769609dcc1f706ce907358971.safeframe.googlesyndication.com
c.disquscdn.com
cdn.ampproject.org
cdn.bizibly.com
cdn.syndication.twimg.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
disqus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.nextmedia.com.au
in.hotjar.com
itnewsnext.disqus.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
koi-3qnnf9xqbw.marketingautomation.services
native.unrulymedia.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel-geo.prfct.co
pixel.rubiconproject.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
referrer.disqus.com
rx-stats3.unrulymedia.com
s0.2mdn.net
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
syndication.twitter.com
tag.perfectaudience.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
video.unrulymedia.com
www.apple.com
www.dianomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.itnews.com.au
www.linkedin.com
ad.atdmt.com
i.nextmedia.com.au
pagead2.googlesyndication.com
104.18.23.230
104.244.42.131
104.244.42.8
107.178.240.224
108.157.4.102
108.157.4.113
13.107.42.14
13.224.192.221
13.224.195.32
13.224.195.59
142.250.184.198
142.250.185.130
142.250.185.226
142.250.185.66
142.250.186.34
151.101.192.134
151.101.2.217
152.195.15.58
18.156.0.31
199.232.194.49
199.232.196.134
203.176.102.67
203.176.102.69
213.19.147.45
2600:9000:21f3:4600:6:8656:f5c0:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:135e
2606:4700::6811:46b0
2606:4700::6811:d6cc
2606:4700::6812:15bf
2620:1ec:21::14
2a00:1450:4001:802::2008
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:400c:c1b::9c
2a00:1450:400e:80d::2006
2a00:1450:400e:811::200e
2a02:26f0:6c00:294::3277
2a02:26f0:6c00:29a::1aca
2a02:26f0:f7::5c7b:e024
2a03:2880:f058:f:face:b00c:0:3
2a03:2880:f158:82:face:b00c:0:25de
34.253.71.31
34.98.64.218
37.252.172.123
69.173.144.138
99.80.58.148
024a2591127deb9b569b821da170c5b937bc471633d0f32ce534a7acef66a28b
04e9945037f819c997914cac1aed4692a135400ae57bda7f56d61571673bfdec
05dfc2e98103015e18cc7e469194582e1ac1edaae76a2b33feb7d7b2a80da5ab
062acacf52f08a643fc6509d33cd201c510d025b66f2120b52d74de0de96046d
07a894c8f496286580b2a64793f7d1b4ada72b69f9fea8d8d9056d599cc7e322
0a5377eb8e83be2ee2593492f90bebbd34724ec051ef4e5332b9d4d4ea0195cf
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ed2fc83f403d44d06ab44e388b96fbce46e7e8808502fa2279d09fcaf325b21
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
0f51be3d59beeab87af20529dd26391d93ac5a24d1749fb6ad3af63d58603294
0f78f75320dd57ed94f05a30758a5044fe7ccdfef38669edc228f972414834f1
1096ae848f7e01f065ce530dcd17bd1a1af503a2c4ae83cbf8972e900446e36a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
111ef215436e1f4c0a8415e91562f11b2c81cfaedb5a4f35c61408a920b37fc6
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
125960938cda0ce106c26a7bb75d9739aa81b06ce576f80b70ff7bcf160d02ad
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14fa5a46eb67474b529c61431e6e47c86de66e9dc7a0d782e919f0fad28fff86
16591e833d434d1243609c2e06a8bf28ba89f295c509fe13043877e8c8f690f3
171b2560bfb2a27b4387a2f3c5b2454535409c0c15b6bcb084f5327ed0db2188
1769d6f8e5754fadf5da905645f1c4359822822c98866c295ca4c5a7eb509386
187e1208ea495cf2d00db5baba77743cc6e44b403b548f6f34098c008fdb2f78
1936885cfdf5999015d670ea69fb44591c4eeeb333929506bef16e368a832f00
1a3df4a5e88ac610681d86130da88ba2ece0a809defc6aeeb3678eb9903ab326
1cd2500f652e5f7611dc8735b1455d572a7aa1ccede57d8e375ff88023cf9ccd
1d7056f89a26e63a06b6126936b21f5319768e11ef6afcad928c0b9b3d84a875
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1f0d390f283a92ca3f841d7993605ab943979cde23f19e5ce14c793b22dc86b5
1fd64c2c58a6f00031bbb33c485f9898b743fbddd9bbe9ac9e88bfe4d47535ed
206e8a913981ec852b0b2e68e2471ad0ef46e9b69a2ec8bc9451ccb95eaca487
24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956
24cff78d6d3f658f86d1166907ceeb886ed732ea576573d9d081a35352678e6f
26aeae0a0cc21c9c8acffae51a7dbf7a7eda35891df62ef54aeb9ed47af8cd9b
2790a4e3cf07505b8a04d30e535c033506def2e29f5f9410d3b866876138f7f1
285489efae847a15226d6c6e35a17a7ea953985b6cdd7803c6b8fba0c20ee7d2
28d16ff177150e7eae3726d0a569a1854a310ec00f416107559cd266fe547b1b
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2991fa8cfe2986011e6569a578888d8f2e901b17e1959420df70d5c07c5582db
2aa340c2aed0e9ab3b3605a83f08471526e68dde27dbd8422a638147e4d460d9
2b0488cca762a8348b6c33c6f170a30d4cacb37bea1a376d647401b681d8a07d
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2ef30b4f854878d0c9dcf3d1a44c6aff7684570336b7a231457e8f2dbafa4c16
309e0d26a2af6e201832b611ddcad3c2d7b33a5ebc17fe4cbc8185d4251da38f
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
33391baaec782c378a1fb4d805c86c1701a684befeff518eed6e87db2a2b5e07
33e6197168e000ef71ef56ae5fad7bc04c9c939dc33d34136d73d31676d1d507
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35a766d4f52783a8e584eca5fb387a5a594760f5ae0dfa0925a863b6e046007d
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
37394651b95dda9e8bb1f749671b17658847a4d98b24400a619bd3022940960c
3ac61affb2c53245cac26fc3f5639e9099083b533cce159c1789021bc9cba1ba
3b7d2b4c5417a697678081ed3b344955f0b25e694171178b0c01e029b4a18e8b
3bcadac850edf549637bff307161103d88a4d437c4a23d29d831372bf53566c2
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
413dc61acc8e9741b76a34382ddbe3632052fe38d580bd2680d3e9d407ceb6be
41daac81421329b7091d3ea33d91959ee08135224c28f3dcb523341fa2e90393
41eb93c0ecfbc91fea65fc90164d755990a88653ef16523d685431dd2363a30f
433ba35f0585ad9b09e08d422a99881fd47f621650587251e7f59555131d5ef9
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
447c44ae9488b24394843e6d134b2976abff7a1690baf2a496674d8b2f7e65fe
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
486bcf8532c028937fb68a57bcf22a6e0862c8e1ab157ea639979d0f7ea9b74d
4b5592f9640f6a7cc307e866c12e10a1389eafc8519c4e9a173a7bb36e013b80
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bfc84f853864a42446e366637e6a3cc7e7bc9c8563eaae40932cd7fb85b71f7
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
4d9e28bf1814e0986b8e5b001e2c8d55d164f9cf8ee3ddc1ccf5560fe7053b66
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50db7c9c01c13f0814e91704229cc9aeb94294eb85d1b3d126d96a8caab7af08
514948b990e4feb83adfe5e20b02ea2d52d52d1d74fff52e045fd3469be58bb0
51608cf7952b33f3673d12f20ca803fe20198db43c9a931cfe11bce627135cf5
51d03b0e5c77c8e9a0f743307168b9f7db8ba1d9e0e24cc287be4506f2609576
5215bbed3b3435ed86c93921631e54d9c42ce565d9ec90accbc7ec1fc7832327
52272f234ba7e7472544119f577b05357e370c853d50d8ae3bb5e3fe73749df1
52760157de92058ad3a11083bcc027371a8708f79f80150e0f7ac9e8eaeec144
52f6f12b9edfc51c6a77b9fd9fe9a1cc25f0557a152bf9d08dd5060777eb32f6
536886986ff7dd4a2cc4ceee9e5a286cd4fa8346573a8b7564cc1293ba5ba43e
542ee8ef7e0f4ebe0e7674373af758bd665022030b53f0e4ca8e8391be6ed4ee
54c0b046768c0d09f71e5dbf85d8182618bdef2d7a7f596dde637ebd8fcb6164
565b9076d7629a85fcd1ea6c5c0b2af1bf01c93777f0d6ef0c11fbacaa8e79b6
57d45c260349171bf6abd267b81b38dffcc46db86565bad138e6aa76c3caae71
57ec11788b4c6fe3f3f9865bcaa5d26f76dd70f64fcf7c21f5df634c201c108c
597efb31f3406491826d0b0cdf1ffe06136b9bb58c6d2fd96cfe374cbaef04ec
5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b
5b76a8015ac1a205492878201b11517148cfc2213150c8480c3473fb15d48128
5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d
5fa4b9d9a56c65d6f525056d71f4e46b1f2750e86960343402424d88c13772f6
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
62e15c717c858b539583d56df60087d0f0851a69480f52e5637a50fd60d1e53e
655564f3a2be989067e2cb2c6bc9995a55ae13ec9cc0d0c3dc128961faad15e9
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
683add284044c8b01d05f02366eb61327b1b34df5ca8c5425ecf8b7741f3d0ef
684db233a1ce224bfe2f7cd1fcef76de93a8638a3041053dd13235808d86a150
6b4b5cdef6efda6d01f2dc8d1febe3f9339b85c5055a26c6f299284929cda2ac
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3d83182d981db2e72f00211d9e93ae55db41b31aa8239b589a725521f6b3fa
6cec20407c60a79d7aa86d91e4a0c2bec0023e02b9167980e76a79f476dd0ec4
6f04c6ba9510ec8d7ccdeca4edc6f5de95ebabf01675599d67aba6a23c05f76e
702f0230b50a8bec8b8ed4268906179470e8088079cd0cca13c5d60578fc801e
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
74bd60fe5d2e6dfcb24885aa9431314b504257241deb66c821da35152edbde59
78f1a8f3787f77f7ab4fcbb12c87f5cd412556c04991cdadaacddcd9b5a3e68a
790ec30d324db549e4f6f3c493251e6e7d4337f0abb13c8e8873fff8b7b235fb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a695284914af87ab17ff6436de3630cf1bb412dc1d069ab019158d322b5cb03
7a7f7b00e22cf33ff4aeef9005ebb800ccad9f67e326142d8ba30c2e801ac719
7afdebdd0e3a94b1b5ea5ab56c1bbc99055cc2941e8e1d62ff37b123a4eb0b0f
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81fa5841ac9aaa4517110eb390a877377b7903aa8270ab5998cc67e0c4a8e141
82f4a15bfde68af3ba1ab9e557ba6b1c700d6aafe0d9e42561576366662701ba
84c939396ef55a6799bfa96670de5119100bfcc8e45d41fe930ffb37ce8b21ea
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
887f930f37e34d35402ae409f73086dbe4a2131a0f060361b30c5313899bfc49
8c4ed72ccdb83bf66af9838ed668f1bfa3d90d97b0316cd17e6d9cd0d02618fe
8cfe4c729aa49889ea794deb12507542b2fb60c139a855df6a1a4bf12855b111
8f7fa0d6201acd8ed5f589a2b68336fed79fd292e90a6e69a50df50a8ac1fed6
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
924096ff8a55fcd348d1a877b2c432fc5af8c4c210382abda8b81c98916e1a96
926f767fec2a5ed3a610735fde7861c24c9c15fa136d9a85d111c2b9ec4a0fa0
9425b0e837cb9c9590b51c1d888b85253282602b9409aca94363c2c19369a299
94f8ef517a973d33e2bde96d6c170e86e4be553f86bb2b5a07f228efa46e1ee7
96840d8bad80f92a013bab64796aa1a29ae6f08e8b5d519e25f37877098b391d
96f1173b3c05e0f7230e3d2b4ac6ebd7d816de5e71ebabfbe20e2b339dba6078
970e676c52b275a819ab9170ec4427370cc6c7033aa2e6b0b9cb71b977b72542
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
971d0bc2853ee6eb0a538a1d57daa1e71ef704100eefef26b3f5ccfe8ee10bb1
9731714fd0d9c089f3d0b810e32c67e90b4c18dfed8424e2fa4d5b4d082f4603
973bf072ae2ac6d68bd82371390321d9745314f32592dcd98b6ffd891cfc5eb4
97b4d3aa4022178cfff4362771fab9d523eb8614d8425c9cb4c10690802635f6
98f2b364e969aa07a7f87c1d91e99e7834609ebdc22af6301cfad24d0af5afe3
9b3fd594766f46240cab8e1fd423a26d9f174f9d0115a76d124400013b239652
9db6713aabf5639680dbcd527b19a7f181ea6144a2aee236d13f6f042a902a3a
9e87d03cfa794663ff980662210b8f2e4f2431ce6be676385b2b9f0b4637c575
9f05592df6a80686d7216adbbc60dd18c978741182ed9e09a863de7374931f0e
9fa3a4bac4c0a505ccddade24a0bd9d3fcbc8043b626541c4a9187c9a477601d
a03406bf5c7fc2f21adafb0228bf93b0feb6d987feb1913adf82a247d82ee5de
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e7e32cf14caf3c5f5b29e79bd8711348a5bf2137a12104d2cd1b1110b0f272
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a35e83e898d24820dbb49dab3e58812a1e635999ac8ed1401794df34a40fd198
a3d16b1b85d27a1023b45c661db7103c81076f748e5f6087fe98fae3c3d12de4
a3e79915a5d8c3c22f52e57fa11b2fe3852f70be8ca401e4ad015fcaa7106dc2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5fd0ccf18092cf2a46425be60d4b66d153faa940954745625fe1a51afda7a12
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a73de8ea36dfa81daa6c2ed8f127460d33f174fc2f73f1fcbb908957f709283d
aaccce9f5bfeff04e43f1fd8843da1ccf4d48e7edab0086886ec69bf13debe1d
abe1b56150adaf5a63a856eeb4f9e83fd5ab7f036d2a6bd608ae41f407bc3909
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
ac463ea59caaea49defda8c92d9563474db120a2d34780e72860f224ddb34542
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b29623f7b2ecfc69dc402ccfc1a0c73e1889ffdd4c13840a723fcc02bf550136
b2dce974d741791e58e48d59a1a8bdc9f0b30ab8d7d6136910d37680f01a11c0
b416668ee008f6d3888c2d931e8a24e75078905cf671e3aa68fd070c412be4e7
b501935820a4417e73b5bf4a3ff315426b73c6f18ccad1e66d9d95a3582b4ccf
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b628abcb91b2bbacf3fca30fe48a3aa9680b9562c9ab565fcd9c6401bba44d1a
b695d61dec08008b7557f86ef8855cac3d5ecb30e22ff774963ba80d0c5b7ab0
b786d4b3f2bbece6095ce516580e73a29b34eb63fa36d691c5d6cd63dc9f3305
b79e342ee881ef2ab38b3f53ff291337ace2c939dd3dc7e44cb08f56e9c1cfb4
b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee
b927955ca67351ea793fa1b2775d13af9add707afc067b091c7ad9a56c43bc53
ba4abf1f137e3d8cc642ced67ba7c9c179ae2aa93b668623e396ca980d9c0638
bc49368e6acae2f9ba953c1c634dacfe4edb493899c14546df98d9bd8c825941
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
bd155db355ab5a7a193b891ddfd824862993fa7f8bddd6e0c62454badef3e5fc
bf6eb81d2f0ae2a0198948b2ad42234e710fbe8146c4bd802b89bdcaba5f7ff1
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c2b3bd8209655d45d2945cb76723a9c270c1e4c6d96177703c37c06d47b0ac18
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c5609365a11d6fb3ace1a2596d1a1f593e533e68b85f65d794a49e626c5f5d74
c567d0068aa9d314d13047cf6af171cce476501aac5e5521bd2b2233b16fbce5
c5c0b7ca4d9511693687f24cc61b5e5db895350941c2786b8ef4bc1cda11a38b
c5e26e4cb515c57971f5c901dcbec3327d71163c4510d43681e3522353fe4cea
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c8dea9bb1169a9455240a9e7aa6f1f7dd922c7160010eb6f2269acbf4acd5ab8
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
ca7c7cf63fc0a6c0ab1bee18faa597ef9c5e86adf6bb2e148703cd9dcd53fcc4
ce7e29ddb0b537ab37acabdfd30146244d28719d58ac64cf584d779095db76cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d1a67104aaf06587cabee0eba456e628545ff9b83e95ee164c9779ca743d0ada
d373cdc98dd21157916f450a67b90653c4a5333eca71a4c0c2cba47c642ded25
d5ee4839532847b75e00230a047c1c3a7065745e5d03385e46b3500d6bde92b9
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7bb464f9088820a7e05dc96b797cd450be5c411aa0abd20729e2a2c28c5593e
d9cbf98cbeeb8314acb7bf6600855d6d75ae9b56e173a8ad1e46700eaf0aac52
dbb12ce3fb1759c87d54c5b0c63408249e48c264b80ada6cc5156286073f362d
dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de089a1f4b50646a7ad59fb72bf584ef22c46fa61bc468f08cbed592f3e3a388
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dee7e43b051bd156b70a40ac0e5c532f372d0f2d71632b41e79ec1f517c3c112
df26bab7591d49547fd3ffa619eec58cb9c080edb537b5a66a62b935e2dcc138
dfa24ec2d56a01c5d37b6c6b32c1c1fab7ddbb7cf703d57c26009fb972447dbc
e0ee8eba408d9baf59a228777c850dbe4ebda67a4d1ac3eaf6ec0c2fcd9cfd09
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e1e6f97bb2faa88db0884736640299ae3182de6bfb73f2be2e47db465b3753e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e437d4955dccab8a8316939d91f0d5b4cc31b08ba5cad94b19c56cf3b97940
e70c29d610315cc0cfa9f747e61bb05a1b8f3216470f05c0e5bc1eb532fd7991
ea6da8487b903fd84a283d780bede1ae1da97d7f2c364653e790822405505f62
eabfa2c6f318f6b75277efaf8b857efc7be1996648af308ecf700619f0a1dc63
eb78da83b6aecb5e02430b98742d5a902a032b3cbbf9614313a71072bd28278d
ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb
eee17c613ed2ebc4defb62864a13c2ef23e1f2b0b49451c3f97f194d0359345f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3254fb269f0a2b07dea6c4cf9af3276e2e402426a65dc74f22db7c84b91e6b
f0143c96f9646698bf3c29174fba16a2116674861e57a70fe2a0bf34c6a8e60e
f06127811fdbe4dd809aeb81fbb2c415fda5f8fe83ce431fa9ac086082b679fe
f277cc840da33f2e4731e6b3e5403d7bdcaa299304aa61452deb63e297a8523b
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f516c3196a02d0a44636e20fd582f98d2ee57cd15887a6621971babb448695a6
f5be6b4ad6092fdc20e472ee2842bf784e4846489ef8b0f83bc4077909b129df
f6b352979b0153deb67020a332f179fb99a0822040de5e019af272c2920192b1
f9485622e66dcc81eda9fb9326d1cfdbd7d77afd4dc525bd5a516294bc9ad19d
fcb003d472154f94b33af9a9387972c9930c65a786077fb527407bb230f87c21
ffcca73fcf57a9104b8b1c23c45b32b01994b657acff47a8b8737a51b5049657

www.itnews.com.au Open in urlscan Pro 203.176.102.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

305 Requests

92 %HTTPS

51 %IPv6

40 Domains

63 Subdomains

58 IPs

7 Countries

5687 kBTransfer

11084 kBSize

36 Cookies

37 Outgoing links

Page URL History

Redirected requests

305 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.itnews.com.au Open in urlscan Pro
203.176.102.69 Public Scan

Screenshot
Live screenshot

Full Image

305
Requests

92 %
HTTPS

51 %
IPv6

40
Domains

63
Subdomains

58
IPs

7
Countries

5687 kB
Transfer

11084 kB
Size

36
Cookies

305 HTTP transactions
11 data transactions