URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Submission: On June 10 via api from US

Summary

This website contacted 28 IPs in 8 countries across 27 domains to perform 189 HTTP transactions. The main IP is 151.101.114.207, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.ghacks.net.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on April 21st 2020. Valid for: a year.
This is the only time www.ghacks.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
marfeel2.map.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-04-21 - 2021-04-22 | a year
marfeel5.map.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-10-24 - 2020-08-08 | 9 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-05-26 - 2020-08-18 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-05-26 - 2020-08-18 | 3 months
c.amazon-adsystem.com | Amazon | 2019-10-07 - 2020-09-29 | a year
*.privacy-center.org | Amazon | 2020-05-08 - 2021-06-08 | a year
www.google.de | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months
*.google.ee | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months
*.google.com | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months
geols.bcovery.com | GTS CA 1D2 | 2020-06-05 - 2020-09-03 | 3 months
tpc.googlesyndication.com | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months
*.google.de | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months
analyse.bcovery.com | GTS CA 1D2 | 2020-04-13 - 2020-07-12 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months
misc-sni.google.com | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months
upload.video.google.com | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months
ads.us.e-planning.net | Let's Encrypt Authority X3 | 2020-06-08 - 2020-09-06 | 3 months
*.smartadserver.com | DigiCert Global CA G2 | 2020-02-03 - 2022-02-03 | 2 years
*.3lift.com | Amazon | 2019-07-17 - 2020-08-17 | a year
san.casalemedia.com | GeoTrust RSA CA 2018 | 2020-03-02 - 2021-04-01 | a year
*.rubiconproject.com | DigiCert SHA2 Secure Server CA | 2019-01-10 - 2021-01-14 | 2 years
*.adnxs.com | DigiCert ECC Secure Server CA | 2019-01-23 - 2021-03-08 | 2 years
*.e-planning.net | Let's Encrypt Authority X3 | 2020-04-09 - 2020-07-08 | 3 months

This page contains 20 frames:

Primary Page: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Frame ID: 61F020C5B0B50964AB380BB5E4094540
Requests: 72 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 57A457C75C74BAAB0EDEF332E01DAF9D
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvq0xAIbQKiXOApVKXHvAOwBzSYufWKdvO0mPgXfCvAuyrAQdLZkxMHAnoBfnZbJkzredPH9vWOMfD4a1cqoqzNYw3Nd1hM8j8-HG9dagLDlqx3m9PusSvzbUfLQuqzAFkrr_JQwCxs0aijQBLBprCgk080D40m5gXKxb8I3XhbgNIQivnbGoNUI35aJcvSJSNO0qnk7AiKv-w7qVbZyGelIOssI1iaxgU366ldBw1lTMJPcisRSzRACAd6OxsLYs2PCG5fjjG-wOnM2UcwyAyj7C2nrU-FQ5Y40FSFKphWT-r3iB_QjNW5uGRJF4HqxFDzKkomEmjqsmcCpJUg8zDi0aI&sai=AMfl-YQUkMqCnMCaYeFXLiUK6GHRbEeOeJJcXEqGc3t5_qcJ-ODfDURPvE2ddU2BEwV-heulBeNkK8EBtJUXn6q5wM_T90uDXkhDGATWkTJe&sig=Cg0ArKJSzNcrRO50XebGEAE&urlfix=1&adurl=
Frame ID: 2844DC633B7E650A451A0D3C438E83F6
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2HWTIN3xfKD6BDGXM9AuLwHyk17gMyYzgMpyA02TgCHL_bOwAOJDW8MQHpra4ni9gH18N27NrmH6jJMfDx_CuM7IMujBGqF4UO5rOfkEyPeyY9bFcOJKemzdpJVWMB3E5Vu3YiqnDyOumvS4RTIXEshI4_YNJaZJ_khkhuPsLn3S9gWCwg1sXd9VAje7pqRi_g42CL_-RlZ4p8b424DmNTdHSXbmeUTSPX9lXUpg9KoQzDJAV7wCP69_VzCo-VQWkRvkp54xphwIysRpfemDpthXX7OKC4uUQxEZbmfc-09y-ifhnTWWCSNgX_s89wxJ26fYa9G_FT74U&sai=AMfl-YSxFJL0o9zBGFrfdqfQgPOc3TkrRrRiJiXOLym5c4r3niXJ54atwgutioKAiy2jIssUsY9q1hdGDZ3NrLmOaVS0XdbEcS9k3NDMtBrG&sig=Cg0ArKJSzAR8PeTmG5g8EAE&urlfix=1&adurl=
Frame ID: 86ECBA9ABE4B51FC3B83EF5046A95509
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 1C17DEB8C6428AF6232FB7AB3E3BD7D2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 51996CFF86EBB6DCA84CEA31789F8077
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvJyd2xjemtmJWy2Qw5SK8SD3cQ89ePYuH_Qlq3rfkRLJnIgeRjxzjmMo1hhlZJTiZF30rz77hYcK6puQ1oa1pNoZfDg3tFzNCmAayZRaK9pXZtuzieGsv4wTJ9gidwo1idAiUlpS40JErcHNvIInyFR6_0qlu9EoWjkJfcgAAp6eOWq5bAmo-xht-2DECUpeZOLNg-Is3KDLBKuoU79BgJhkoUmtO0FmUWdp03zadPgx7PRIf2hX5KGLS7y74DJeQVmmwRtTJND3u0ebH70fymAPLCtNAg8tkNZIhYw8mt1trukaA37oYRjuNGtLiecuDXkHgAQTQCeY&sig=Cg0ArKJSzAws1Hcxqb8BEAE&urlfix=1&adurl=
Frame ID: CB92ACD1778E0E19637115D7DA08DABB
Requests: 15 HTTP requests in this frame

Frame: https://f87fa89f4883eb7b9540275c15adbfaf.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 78373276F44E3EF61DD578A3BFDE608B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 52383966EFAAEF0A1E5B2664C3252DCB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZFUSXnGa80iAK1pNIoXwdds0YX9MluxIhEVH1bIymwVRagGdrNP4Ou3Qdedq-BjtQQfS_0q2m45A76PFi6mcDcleWNyrSs4iGLTCKOh3g4FyJyRdFY2CHRqDPzJnnPZniE6aKtyYkByoD6JYujzCixPv3FVKLJMzLh96OudBKOS9Os4hhuT_bzeWxV7NVKG4pNG36ppckd46bBwLa7lrvTQKx0HFEG8kS2oP4nyF0LVcqCOcCyXKZmGWF1F3QY3dyf5jdBNd5Ge2yCTvyN9fcLKOeKmMrLdf65pw7xlOCVOFE7ZUmX2Qdm-gVs_z2NGDa0lEMKgkse3T1m24cXQTgPw&sig=Cg0ArKJSzOXUbZoEdew0EAE&urlfix=1&adurl=
Frame ID: 346D4CB236B0F765F6E8E40CA48DDEAA
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Frame ID: 6B6ECFB776E3EB0C8611964448357E79
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 648DA99A0FD17157D8FCC98C17AA44F5
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 9165DE740A9A4EFEEF0D05BD8A101B4E
Requests: 11 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 88449A3ABC0D6BED065CAA90F32EED09
Requests: 10 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: E4D1107A7640F08435D9E12DEEBE3749
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Frame ID: 43EBE08AE0F0CE643A3686B57A6389EF
Requests: 11 HTTP requests in this frame

Frame: https://6d617bc06ff61e58e67c0aefe3a5df81.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 27402E94A52EFF218B92DEF3F7B9FDA0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 8CB155D8869A0BA01494D24865D8F4A9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 3B4620A3C3B3764911A03844F244A068
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: F8EE6EAABB2D16B1A78BAA1A32D23E03
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

  • Requests: 189
  • HTTPS: 100 %
  • IPv6: 44 %
  • Domains: 27
  • Subdomains: 44
  • IPs: 28
  • Countries: 8
  • Transfer: 2087 kB
  • Size: 6045 kB
  • Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=897044229&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&ul=en-us&de=UTF-8&dt=First%20Chrome%20extension%20with%20JavaScript%20Crypto%20Miner%20detected%20-%20gHacks%20Tech%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1701101624&gjid=1917380420&cid=1969434061.1591759366&tid=UA-111230-1&_gid=1114495360.1591759366&_r=1&gtm=2wg5r0NHW6RDK&z=1548359393 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-111230-1&cid=1969434061.1591759366&jid=1701101624&_gid=1114495360.1591759366&gjid=1917380420&_v=j82&z=1548359393 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111230-1&cid=1969434061.1591759366&jid=1701101624&_v=j82&z=1548359393 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111230-1&cid=1969434061.1591759366&jid=1701101624&_v=j82&z=1548359393&slf_rd=1&random=4005405871
Request Chain 119
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 124
  • https://ads.us.e-planning.net/hb/1/2c7a1/1/www.ghacks.net/ROS?rnd=0.05902717612300368&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90%2B300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B300x250_3%3A300x250%2C300x600&ur=https%253A%252F%252Fwww.ghacks.net%252F2017%252F09%252F19%252Ffirst-chrome-extension-with-javascript-crypto-miner-detected%252F&r=pbjs&pbv=3.20.0&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%253A%252F%252Fwww.ghacks.net%252F2017%252F09%252F19%252Ffirst-chrome-extension-with-javascript-crypto-miner-detected%252F&gdpr=0 HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c7a1/1/www.ghacks.net/ROS?ct=1&rnd=0.05902717612300368&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90%2B300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B300x250_3%3A300x250%2C300x600&ur=https%253A%252F%252Fwww.ghacks.net%252F2017%252F09%252F19%252Ffirst-chrome-extension-with-javascript-crypto-miner-detected%252F&r=pbjs&pbv=3.20.0&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%253A%252F%252Fwww.ghacks.net%252F2017%252F09%252F19%252Ffirst-chrome-extension-with-javascript-crypto-miner-detected%252F&gdpr=0
Request Chain 181
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 188
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1
Request Chain 189
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D2b579e90284bb804%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D2b579e90284bb804%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=2b579e90284bb804&uid=34c10fbe5311d87b87b82fad
Request Chain 190
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D2b579e90284bb804%26uid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D2b579e90284bb804%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=2b579e90284bb804&uid=324354ca-4625-48f3-aaec-281a812ebf4d
Request Chain 191
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D2b579e90284bb804 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=2b579e90284bb804
Request Chain 192
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1 HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=8114b1b8-c4c5-4177-b358-638dc3a08e23&dongle=0cfd

189 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
100 KB
23 KB
Document
General
Full URL
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1398610cb234de1986375baa8a3788e9a057b8a3d3cfcebc086f8a5cacc3b8d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.ghacks.net
:scheme
https
:path
/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
nginx
content-type
text/html; charset=UTF-8
link
<https://www.ghacks.net/wp-json/>; rel="https://api.w.org/" <https://www.ghacks.net/?p=137166>; rel=shortlink
cache-control
private, proxy-revalidate, s-maxage=0
strict-transport-security
max-age=31536000
x-kinsta-cache
MISS
content-encoding
gzip
x-content-type-options
nosniff
accept-ranges
bytes bytes bytes bytes
mrf-tech
CDN
date
Wed, 10 Jun 2020 03:22:46 GMT
x-served-by
cache-lcy19252-LCY, cache-hhn4038-HHN
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1591759366.609295,VS0,VE407
vary
Accept-Encoding, user-agent
x-b3-traceid
88de088a68094ac79dfed21fe9480458
x-b3-traceid-primal
88de088a68094ac79dfed21fe9480458
mrf-cache-status
MM
gardac-sync.js
b.marfeelcache.com/statics/marfeel/
9 KB
4 KB
Script
General
Full URL
https://b.marfeelcache.com/statics/marfeel/gardac-sync.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
08488d175ed222ebe005013e57c4394f1cd0aaf4cb7261c697bbd24be7a1d2ba

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding
br
x-b3-traceid
2042875a46594d7dad246d10e7d66178
x-mrs-cache
HIT
status
200
x-mrs-age
2624
content-disposition
inline;filename=f.txt
x-served-by
mshield-b-02, mshield-f-02, cache-yul8922-YUL, cache-fra19141-FRA
x-mrf-age
0
x-timer
S1591759366.203543,VS0,VE1
etag
"0effe32da1a9048b77ff16f8cd2c5ae5c"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86401
mrf-cache-status
H-HH
access-control-allow-headers
x-requested-with
x-cache-hits
4, 1
date
Wed, 10 Jun 2020 03:22:46 GMT
via
1.1 80099f722d5f0e6d460a829113039b83.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-amz-cf-pop
YUL62-C1
x-mrf-lastmod
0
x-cache
Miss from cloudfront, HIT, HIT
x-mrf-rendered
1591552288934
x-b3-traceid-primal
70c472210dda44d5bbe26d1d03451c5c
content-length
3607
x-mshield-cache-status
HIT
x-mrf-type
SECTION
server
nginx
x-mrf-shard
all
x-mrs-cache-hits
1
accept-ranges
bytes
x-amz-cf-id
7MLV_rrlZ9KVt2WWlhTJ2k4xgf8p_KggnpqBo6rW9JD1b-2ZhfSwBA==
style.min.css
www.ghacks.net/wp-includes/css/dist/block-library/
40 KB
6 KB
Stylesheet
General
Full URL
https://www.ghacks.net/wp-includes/css/dist/block-library/style.min.css?ver=5.3.3
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
aedb719523f5495ca2050978342f8b28
access-control-allow-origin
*
x-cache
HIT, HIT
status
200
x-b3-traceid-primal
b60b603f0bcb40f5a95be0b6667f21d0
content-length
6320
x-served-by
cache-lcy19256-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
server
nginx
x-timer
S1591759366.079935,VS0,VE0
etag
W/"5e7cd196-a1fb"
vary
Accept-Encoding, User-Agent
content-type
text/css; charset=UTF-8
via
1.1 varnish
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
1, 4
slick.css
www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/
2 KB
802 B
Stylesheet
General
Full URL
https://www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/slick.css?ver=1.0.0
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9f758ba27f5e68c0c2af1d56b729721d0bdd8a6235637c567043ab22e1eb29ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
7103fea0329e45b58938239fd4c551b5
access-control-allow-origin
*
x-cache
HIT, HIT
status
200
x-b3-traceid-primal
bba7569d60e5459bb61a2561954bc3f4
content-length
570
x-served-by
cache-lcy19259-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
server
nginx
x-timer
S1591759366.080129,VS0,VE0
etag
W/"5dd66da5-62b"
vary
Accept-Encoding, User-Agent
content-type
text/css; charset=UTF-8
via
1.1 varnish
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
7, 4
recent-post-style.css
www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/recent-post-style.css?ver=1.0.0
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1e153c55ed1280e91975a7453a9abb978cb675ae4092c2b01755ff0eba2ea0d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
access-control-allow-origin
*
x-cache
HIT, HIT
status
200
x-b3-traceid
abc1e6b842ba4198b9aa722e382436a6
x-b3-traceid-primal
e27ac99edb574bbba89b41e91d03e924
content-length
1743
x-served-by
cache-lcy19258-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1591759366.080081,VS0,VE0
etag
W/"5dd66da5-1f19"
vary
Accept-Encoding, User-Agent
content-type
text/css; charset=UTF-8
via
1.1 varnish
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
3, 4
frontend.css
www.ghacks.net/wp-content/plugins/download-monitor/assets/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.ghacks.net/wp-content/plugins/download-monitor/assets/css/frontend.css?ver=5.3.3
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b8e149178358873942c6a434f9ae62dd952769a87c2abdf7e659c129acd398fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
2f30ccc543364f7688e18a0a1af93d72
access-control-allow-origin
*
x-cache
HIT, HIT
status
200
x-b3-traceid-primal
156a5c1767514b7daf342de0072436a8
content-length
1245
x-served-by
cache-lcy19234-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
server
nginx
x-timer
S1591759366.080361,VS0,VE0
etag
W/"5ca5969d-14a0"
vary
Accept-Encoding, User-Agent
content-type
text/css; charset=UTF-8
via
1.1 varnish
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
1, 4
style.css
www.ghacks.net/wp-content/themes/new-ghacks-preview/
213 KB
33 KB
Stylesheet
General
Full URL
https://www.ghacks.net/wp-content/themes/new-ghacks-preview/style.css?ver=1.2.3.4.17
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
421e9d7586f5acba0a0692651826bc1f30b64fc01b17d64b7db94898248f3398
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
2b62b54813fd455684cfaf882d48c210
access-control-allow-origin
*
x-cache
HIT, HIT
status
200
x-b3-traceid-primal
0e1a13933c334b9ab5c0642bd372aa5e
content-length
34077
x-served-by
cache-lcy19240-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
server
nginx
x-timer
S1591759366.080522,VS0,VE0
etag
W/"5e3937d5-352e2"
vary
Accept-Encoding, User-Agent
content-type
text/css; charset=UTF-8
via
1.1 varnish
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
4, 4
jquery.rating.css
www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/
954 B
584 B
Stylesheet
General
Full URL
https://www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/jquery.rating.css?ver=1.0
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
18443f12a9cf9f1c2e35cd729dd3fa6675305fef633ed35dd27818b208992d58
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
access-control-allow-origin
*
x-cache
HIT, HIT
status
200
x-b3-traceid
048c78b45da245a5bae19c8c105c21a5
x-b3-traceid-primal
8aec1a26533f4ae4a9eb2e2dc328be79
content-length
424
x-served-by
cache-lcy19258-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1591759366.080507,VS0,VE0
etag
W/"5e736e59-3ba"
vary
Accept-Encoding, User-Agent
content-type
text/css; charset=UTF-8
via
1.1 varnish
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
1, 4
style.css
www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/
2 KB
963 B
Stylesheet
General
Full URL
https://www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/style.css?ver=1.0
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ad4633fb55ed506d030b7f435500c25146e1826831337b8d18de74a32bcb4517
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
access-control-allow-origin
*
x-cache
HIT, HIT
status
200
x-b3-traceid
0d08e9fec18b4fcaa87de0e2afd779d1
x-b3-traceid-primal
7fedd70671fd4b548ff606ae02029cef
content-length
750
x-served-by
cache-lcy19272-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1591759366.080493,VS0,VE0
etag
W/"5c87a583-940"
vary
Accept-Encoding, User-Agent
content-type
text/css; charset=UTF-8
via
1.1 varnish
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
1, 4
jquery.js
www.ghacks.net/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://www.ghacks.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
fb12ba34c999429e9cf4cbfc5ed5031c
access-control-allow-origin
*
x-cache
HIT, HIT
status
200
x-b3-traceid-primal
94255537195844218482d1bb3bd63e5a
content-length
34019
x-served-by
cache-lcy19280-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
server
nginx
x-timer
S1591759366.080489,VS0,VE0
etag
W/"5ce47190-17a69"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
via
1.1 varnish
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
2, 3
jquery-migrate.min.js
www.ghacks.net/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://www.ghacks.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
access-control-allow-origin
*
x-cache
HIT, HIT
status
200
x-b3-traceid
4daa1c93356f4bbaa6dc472657c8b3f4
x-b3-traceid-primal
b0c4e9defb524f43a8e74aafa59e5ae2
content-length
4016
x-served-by
cache-lcy19232-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1591759366.080695,VS0,VE0
etag
W/"57697d55-2748"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
via
1.1 varnish
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
2, 3
prebid3.20.0.js
www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/
200 KB
63 KB
Script
General
Full URL
https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid3.20.0.js?ver=1.2.3.4.17
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e97988f3b065c6a1c7a688ca1f1d42dce2689cdbd88b02a72a7041a143df0e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
15f87e8e58e14bf89ec7f8843a16cc2e
access-control-allow-origin
*
x-cache
HIT, HIT
status
200
x-b3-traceid-primal
029a869e2332423091bbe09e7aac2207
content-length
64688
x-served-by
cache-lcy19264-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
server
nginx
x-timer
S1591759366.080687,VS0,VE0
etag
W/"5ec68555-32047"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
via
1.1 varnish
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
1, 2
prebid.js
www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/
4 KB
1 KB
Script
General
Full URL
https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/prebid.js?ver=1.2.3.4.17
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa28276927af7cdd999272093f19a86fbf47dd0827bd8b3d1d9f5260591edc91
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
de026a907fa24454a868aeb8ea6929ec
access-control-allow-origin
*
x-cache
HIT, HIT
status
200
x-b3-traceid-primal
c740c2e47b5647d9aa7ebb38e85b18a6
content-length
788
x-served-by
cache-lcy19236-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
server
nginx
x-timer
S1591759366.108783,VS0,VE0
etag
W/"5ec68556-fa6"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
via
1.1 varnish
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
1, 2
a9bidder.js
www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/
1 KB
757 B
Script
General
Full URL
https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/a9bidder.js?ver=1.2.3.4.17
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e234c0ab5cd2e69962e373dba9a8b9e33f20785b3471131d088bf03cee6b16a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
fb3fe01755bd4852b1635331c8c8fdb4
access-control-allow-origin
*
x-cache
HIT, HIT
status
200
x-b3-traceid-primal
a1a4e31e08774e42b64b48227878d740
content-length
592
x-served-by
cache-lcy19277-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
server
nginx
x-timer
S1591759366.108775,VS0,VE0
etag
W/"5e2197da-498"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
via
1.1 varnish
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
1, 3
jquery.rating.min.js
www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/js/
29 KB
10 KB
Script
General
Full URL
https://www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/js/jquery.rating.min.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
554f3ff96cba4f2f33ff2c37c48282006ab24a85cf9ca0ac8b22b0a06126c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
access-control-allow-origin
*
x-cache
HIT, HIT
status
200
x-b3-traceid
ba51f3db5f954bc4b26496bad81ad732
x-b3-traceid-primal
4bbb43c72a684a489333e6bb19006979
content-length
10183
x-served-by
cache-lcy19257-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1591759366.108754,VS0,VE0
etag
W/"5c87a583-73e0"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
via
1.1 varnish
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
1, 3
gpt.js
securepubads.g.doubleclick.net/tag/js/
43 KB
15 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
eeff404f28fcad3bc052565857c41371c04ec632deae9a142101f89c23398342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"539 / 104 of 1000 / last-modified: 1591669099"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14473
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:46 GMT
chrome-extension-crypto-miner.png
www.ghacks.net/wp-content/uploads/2017/09/
33 KB
33 KB
Image
General
Full URL
https://www.ghacks.net/wp-content/uploads/2017/09/chrome-extension-crypto-miner.png
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
923b06d57f39f52ac467398306f9470958e179590a91a8f2b4a02afc65f3d223
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
x-content-type-options
nosniff
x-b3-traceid
d7170c04df69427ca1c94fe909132274
x-cache
HIT, MISS
fastly-io-info
ifsz=41685 idim=958x588 ifmt=png ofsz=33886 odim=958x588 ofmt=webp
status
200
fastly-stats
io=1
content-length
33886
x-served-by
cache-lcy19231-LCY, cache-hhn4038-HHN
x-b3-traceid-primal
03849623686c44d0b138c48131455049
accept-ranges
bytes
mrf-tech
CDN
server
nginx
x-timer
S1591759366.269060,VS0,VE13
etag
"/J3VxVDOrJc9F1s1aY7sfqcE2Hyz5XdHgzkYh5enUgs"
vary
Accept, User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HM
x-cache-hits
1, 0
ghacks-technology-news.jpg
www.ghacks.net/wp-content/uploads/2005/10/
2 KB
2 KB
Image
General
Full URL
https://www.ghacks.net/wp-content/uploads/2005/10/ghacks-technology-news.jpg
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
kinsta-nginx /
Resource Hash
78152b05fe3e360d28abe32950f5bb0f1f7b0025ade4d446a74232d04f577640
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
x-cache
HIT, HIT
fastly-io-info
ifsz=3902 idim=235x51 ifmt=jpeg ofsz=2044 odim=235x51 ofmt=webp
status
200
x-b3-traceid
d42a1a0099b345ea9f6dc57c2718d134
fastly-stats
io=1
content-length
2044
x-served-by
cache-lcy19262-LCY, cache-hhn4038-HHN
x-b3-traceid-primal
d2687c023b7c49159fa5fb97b70f0079
accept-ranges
bytes
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
kinsta-nginx
x-timer
S1591759366.269302,VS0,VE1
etag
"R+tbj2gBTbqAaOohGLyPauuSKchphEPqwK+MHuunEaY"
vary
Accept, User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
1, 1
frontend.5faa9eb4.js
www.ghacks.net/wp-content/plugins/geoip-detect//js/dist/
19 KB
7 KB
Script
General
Full URL
https://www.ghacks.net/wp-content/plugins/geoip-detect//js/dist/frontend.5faa9eb4.js?ver=3.0.1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a947e194fb58b58084d86b89beff874324d19c48f539d543f8057104bb9d2122
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
access-control-allow-origin
*
x-cache
HIT, HIT
status
200
x-b3-traceid
c636ca7922914c94a55c53edcc117a23
x-b3-traceid-primal
7724cd4fa8d94606910675a0a2556ff9
content-length
7140
x-served-by
cache-lcy19263-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1591759366.205121,VS0,VE0
etag
W/"5e7cd0dd-4d63"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
via
1.1 varnish
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
2, 3
resizer.js
www.ghacks.net/wp-content/plugins/marfeelpress/includes/base/src/resources/js/
681 B
563 B
Script
General
Full URL
https://www.ghacks.net/wp-content/plugins/marfeelpress/includes/base/src/resources/js/resizer.js?ver=5.3.3
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
67f91e33374ee1809e741a8cde5fd171a4eaa8b599bada4d6a97b9293da307a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
3e6a2077fb744ec99f1043585bf35594
x-cache
HIT, HIT
status
200
x-b3-traceid-primal
3fb26c501b034fe0882606fe483a257a
content-length
305
x-served-by
cache-lcy19242-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
server
nginx
x-timer
S1591759366.262662,VS0,VE1
etag
W/"5e78c4b7-2a9"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
1, 1
scripts.js
www.ghacks.net/wp-content/themes/new-ghacks-preview/
2 KB
1 KB
Script
General
Full URL
https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts.js?ver=1.2.3.4.17
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
386f75ff678acfd05c2eac619e2a850cf37583f1e3ad4b3d7a199088e6b747fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
4a2b7e41d8024a969e9204e344a9ce0b
access-control-allow-origin
*
x-cache
HIT, HIT
status
200
x-b3-traceid-primal
85e9b8e8e14e48da8f2dea559f4ed50a
content-length
781
x-served-by
cache-lcy19220-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
server
nginx
x-timer
S1591759366.268935,VS0,VE0
etag
W/"5e71df91-6cd"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
via
1.1 varnish
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
1, 3
comment-reply.min.js
www.ghacks.net/wp-includes/js/
2 KB
1 KB
Script
General
Full URL
https://www.ghacks.net/wp-includes/js/comment-reply.min.js?ver=5.3.3
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
5ae952cedc85480ca8f2390a6d6fe3ca
x-cache
HIT, HIT
status
200
x-b3-traceid-primal
7f66076ef42c4af7b6c50219fb90b54c
content-length
1130
x-served-by
cache-lcy19258-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
server
nginx
x-timer
S1591759366.269080,VS0,VE1
etag
W/"5e7cd1b4-951"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
1, 1
didomi.js
www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/
1 KB
909 B
Script
General
Full URL
https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/didomi.js?ver=5.3.3
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cc804bb6d40147c289ab5096b63d62631fcfaef23d734477519ac8634d6d05c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
8c7edaef949b4072a3b463358c567d2b
access-control-allow-origin
*
x-cache
HIT, HIT
status
200
x-b3-traceid-primal
f045578a17b140baab9191bb6af1f3ac
content-length
739
x-served-by
cache-lcy19238-LCY, cache-hhn4038-HHN
accept-ranges
bytes
mrf-tech
CDN
server
nginx
x-timer
S1591759366.269072,VS0,VE0
etag
W/"5eccf5c8-5ae"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
via
1.1 varnish
cache-control
public, max-age=8640000, stale-if-error=2592000
mrf-cache-status
HH
x-cache-hits
1, 2
main.d.js
b.marfeelcache.com/www.ghacks.net/
13 B
473 B
Script
General
Full URL
https://b.marfeelcache.com/www.ghacks.net/main.d.js
Requested by
Host: b.marfeelcache.com
URL: https://b.marfeelcache.com/statics/marfeel/gardac-sync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
via
1.1 39f4071549e43b8b6d8013771c32f544.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
d5e6be1a5ce9469788cbea9a947fd991
x-amz-cf-pop
YUL62-C1
x-mrf-lastmod
0
x-mrs-cache
REFRESHING
status
200
x-mrf-rendered
1591272965443
x-cache
Miss from cloudfront, HIT, HIT
x-b3-traceid-primal
528edcd18a184bb78b24d9f83ba1e0cd
content-length
13
x-mshield-cache-status
REFRESHING
server
nginx
x-served-by
mshield-b-01, mshield-f-02, cache-yul8920-YUL, cache-fra19141-FRA
x-mrf-age
0
accept-ranges
bytes
x-mrf-type
SECTION
x-mrs-age
0
x-timer
S1591759366.269698,VS0,VE1
etag
"067e866c735744ec6037b77b623ee022d"
x-mrf-shard
7
content-language
en
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin, Date
cache-control
public, max-age=61
x-mrs-cache-hits
0
mrf-cache-status
R-HS
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
x-requested-with
x-amz-cf-id
y9ogfLjo2Sv8McWhMDVLHJfNnil0lt123I2xrhg5aLAbQ4mRztW8OA==
x-cache-hits
13, 1
gtm.js
www.googletagmanager.com/
62 KB
25 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHW6RDK
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bcd880f5e92791d293dc5b0960dacf31e7b248f314b6a01eaa2499fc220bc88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25144
x-xss-protection
0
last-modified
Wed, 10 Jun 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Jun 2020 03:22:46 GMT
apstag.js
c.amazon-adsystem.com/aax2/
101 KB
26 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/a9bidder.js?ver=1.2.3.4.17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.108.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-108-84.bud50.r.cloudfront.net
Software
Server /
Resource Hash
b388addf9c8ba4bc2852132727bd9df68c99db7ca97d22fdb18ad2a426d02a5b

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:17:13 GMT
content-encoding
gzip
server
Server
age
335
etag
06fa05e9082ab6150f8e415571b3ff6a
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=900
x-amz-cf-pop
BUD50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
sGLRMVxNZQ-L8FbYB8gX4cBr2UfbSa_DDKXeO6PDq-LMG4t7oPhLcA==
via
1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHW6RDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
1587
date
Wed, 10 Jun 2020 02:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Wed, 10 Jun 2020 04:56:19 GMT
loader.js
sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/
8 KB
4 KB
Script
General
Full URL
https://sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=www.ghacks.net
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/didomi.js?ver=5.3.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2050:c000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
354fa8fcd2ad5d24d26fb56e75f2e3ac602daf1e08e8280414aac3f05ee58c48

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
BUD50-C1
etag
"d6ca9e070067173d25425476d67dcdd0"
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=3600
content-length
3552
via
1.1 9937e1f0d2a1ed303439fcf21256850f.cloudfront.net (CloudFront)
x-amz-cf-id
wGbiAun2lueK6eearJHnMXRVOYgNiyuKlJeK9SJHeCclhdhXFlo1Mg==
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=897044229&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-111230-1&cid=1969434061.1591759366&jid=1701101624&_gid=1114495360.1591759366&gjid=1917380420&_v=j82&z=1548359393
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111230-1&cid=1969434061.1591759366&jid=1701101624&_v=j82&z=1548359393
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111230-1&cid=1969434061.1591759366&jid=1701101624&_v=j82&z=1548359393&slf_rd=1&random=4005405871
42 B
535 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111230-1&cid=1969434061.1591759366&jid=1701101624&_v=j82&z=1548359393&slf_rd=1&random=4005405871
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:46 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111230-1&cid=1969434061.1591759366&jid=1701101624&_v=j82&z=1548359393&slf_rd=1&random=4005405871
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ee/adsid/
109 B
952 B
Script
General
Full URL
https://adservice.google.ee/adsid/integrator.js?domain=www.ghacks.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
952 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ghacks.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
pubads_impl_2020060103.js
securepubads.g.doubleclick.net/gpt/
246 KB
88 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Jun 2020 18:46:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90085
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:46 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.108.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-108-84.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 15:41:47 GMT
content-encoding
gzip
vary
Origin
age
42060
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Sat, 06 Jun 2020 15:26:41 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 1008748c844980a7bf932624d793da48.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
UDXIZ0dNr-ILyktb8U4VAZGIAWPxxwaIC_m39Lg3adSzyCoWSTZdTQ==
sdk.0d5e333e07dd193174c5d12abd61ca7177063b13.js
sdk.privacy-center.org/
224 KB
51 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk.0d5e333e07dd193174c5d12abd61ca7177063b13.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=www.ghacks.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2050:c000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fa3d7287725a6a801cc61aa0ff1a51a80e69f12816e15c2cfa781f9f1efe119

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 07:44:19 GMT
content-encoding
gzip
last-modified
Mon, 08 Jun 2020 07:42:45 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1591602075/ctime:1591602075/gid:0/gname:root/md5:2f63166832205ef6218fd3c9b672a948/mode:33188/mtime:1591602075/uid:0/uname:root
age
157108
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
xar9XKO96la-TGCTr-L8j9IoZ4JSkABIcGHz1cvetDYkuRe4ho2KfA==
via
1.1 9937e1f0d2a1ed303439fcf21256850f.cloudfront.net (CloudFront)
ui-gdpr-en.0d5e333e07dd193174c5d12abd61ca7177063b13.js
sdk.privacy-center.org/
209 KB
42 KB
Script
General
Full URL
https://sdk.privacy-center.org/ui-gdpr-en.0d5e333e07dd193174c5d12abd61ca7177063b13.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.0d5e333e07dd193174c5d12abd61ca7177063b13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2050:c000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10ff0c77c79b955bd9690d8a07273689a811fba14c932ea2836215c905a161ef

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 07:44:23 GMT
content-encoding
gzip
last-modified
Mon, 08 Jun 2020 07:42:48 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1591602075/ctime:1591602075/gid:0/gname:root/md5:06a516c09a42a1c87cb2170c04ff4ff3/mode:33188/mtime:1591602075/uid:0/uname:root
age
157105
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
9QgGNHRBlqoa1MFw8qHpjqLNENonPRNFcfVTzpv5nIgG72mr7Uweqw==
via
1.1 9937e1f0d2a1ed303439fcf21256850f.cloudfront.net (CloudFront)
gtm.js
www.googletagmanager.com/
98 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NBZKGBR
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9f8303a7d858e18f04bf7d93ec7f280fd66d3db5bd62fccbe00a77aa6259272a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:46 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33587
x-xss-protection
0
last-modified
Wed, 10 Jun 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Jun 2020 03:22:46 GMT
bid
c.amazon-adsystem.com/e/dtb/
23 B
371 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3177&u=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&pid=Qp1zA8jgmtHlC&cb=0&ws=1600x1200&v=7.50.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FGhacks-Desktop-EN%2FGH-Features%2FGH-Articlepage%2FATF_Leaderboard_First%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FGhacks-Desktop-EN%2FGH-Features%2FGH-Articlepage%2FATF_MPU_First%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FGhacks-Desktop-EN%2FGH-Features%2FGH-Articlepage%2FBTF_MPU_First%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FGhacks-Desktop-EN%2FGH-Features%2FGH-Articlepage%2FBTF_MPU_Second%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FGhacks-Desktop-EN%2FGH-Features%2FGH-Articlepage%2FBTF_MPU_Third%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FGhacks-Desktop-EN%2FGH-Features%2FGH-Articlepage%2FBTF_Leaderboard_First%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22fluidx550%2C309%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FGhacks-Desktop-EN%2FGH-Features%2FGH-Articlepage%2FBTF_OOP_Seethrough%22%7D%5D&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.108.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-108-84.bud50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:47 GMT
via
1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BUD50-C1
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.ghacks.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
JbHzbvmY4IqL8tGCPIdgvJFYEsVPXFFKeitTD1zgNJE6BP7u8siKzQ==
/
geols.bcovery.com/
2 B
281 B
XHR
General
Full URL
https://geols.bcovery.com/
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.209 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
209.202.227.35.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
f1534392279bddbf9d43dde8701cb5be14b82f76ec6607bf8d6ad557f60f304e

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:47 GMT
via
1.1 google
server
nginx/1.10.3
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization,Referer, User-Agent
status
200
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
ads
securepubads.g.doubleclick.net/gampad/
57 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1068435156847575&correlator=2571068179762513&output=ldjh&impl=fifs&adsid=NT&eid=21066361%2C21065138&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200610&iu_parts=5302%2CDesktop%2CGhacks-Desktop-EN%2CGH-Features%2CGH-Articlepage%2CATF_Leaderboard_First%2CATF_MPU_First&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6&prev_iu_szs=728x90%7C970x90%2C300x250%7C300x600&prev_scp=type%3Dtop_display_leaderboard%26pos%3Dtop%26devel%3D0%26personalized%3D0%26gh-recat%3Dgoogle-chrome-browsing%2Cgoogle-chrome-extensions%26gh-contentid%3Dfirst-chrome-extension-with-javascript-crypto-miner-detected%26countryCluster%3DA3%26medium%3Dorganic%26medium_campaign%3Dorganic%26amznbid%3D2%26amznp%3D2%7Ctype%3Dtop_display_mpu%26pos%3Dtop%26devel%3D0%26personalized%3D0%26gh-recat%3Dgoogle-chrome-browsing%2Cgoogle-chrome-extensions%26gh-contentid%3Dfirst-chrome-extension-with-javascript-crypto-miner-detected%26countryCluster%3DA3%26medium%3Dorganic%26medium_campaign%3Dorganic%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=iabgdprapplies%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1591759369&dt=1591759369932&dlt=1591759366045&idt=562&frm=20&biw=1600&bih=1200&oid=3&adxs=620%2C1032&adys=35%2C323&adks=2652150016%2C1327503507&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&dssz=50&icsg=11291065343&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x115%7C336x250&msz=728x90%7C336x250&ga_vid=1969434061.1591759366&ga_sid=1591759370&ga_hid=897044229&fws=0%2C0&ohw=0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
867a7d4e7f5739dd1ea54f9d6d93cadd11113b568d21d4aaf0563ad61a5c68d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9427
x-xss-protection
0
google-lineitem-id
5383174536,5384318150
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138298876121,138312808911
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
62e253e566ea7e6657e6c7c221feca83.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://62e253e566ea7e6657e6c7c221feca83.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

gpt.js
www.googletagservices.com/tag/js/ Frame 57A4
43 KB
15 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc30dde0d44cd2d032a8c00f480d9c1cd94a1a55736f942a30baed9aff192246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"539 / 591 of 1000 / last-modified: 1591669053"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
14473
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:50 GMT
pubads_impl_2020060103.js
securepubads.g.doubleclick.net/gpt/ Frame 57A4
246 KB
88 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Jun 2020 18:46:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90085
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:50 GMT
integrator.sync.js
adservice.google.de/adsid/ Frame 57A4
113 B
956 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=www.ghacks.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 57A4
482 B
445 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2787070178284749&correlator=402441144334076&output=ldjh&impl=fif&eid=21065976&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200610&iu_parts=5302%2CDesktop%2CGhacks-Desktop-EN%2Cgh-features%2Cgh-articlepage%2Cbtf_leaderboard_first_bcovery&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=970x250%7C728x90%7C970x90&prev_scp=pos%3Dbottom%26type%3DBottom_Display_Leaderboard&eri=2&cookie_enabled=1&cdm=www.ghacks.net&bc=31&abxe=1&lmt=1591759370&dt=1591759370212&dlt=1591759370039&idt=157&ea=0&frm=23&biw=1600&bih=1200&isw=740&ish=150&oid=3&adxs=232&adys=11660&adks=2086550877&ucis=fpr5mryyxvut&ifi=1&ifk=1865644875&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&top=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&dssz=2&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=740x250&msz=740x250&ga_vid=1041881844.1591759370&ga_sid=1591759370&ga_hid=445773404&fws=256&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
e7112e17252b21ed88e07437b6ea6a1b96c56a46a525dfc83eb67d57deb4cc8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
264
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8c09559044a84ee2ba13cae894c5cfbf.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 57A4
0
0
Other
General
Full URL
https://8c09559044a84ee2ba13cae894c5cfbf.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 57A4
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame 2844
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvq0xAIbQKiXOApVKXHvAOwBzSYufWKdvO0mPgXfCvAuyrAQdLZkxMHAnoBfnZbJkzredPH9vWOMfD4a1cqoqzNYw3Nd1hM8j8-HG9dagLDlqx3m9PusSvzbUfLQuqzAFkrr_JQwCxs0aijQBLBprCgk080D40m5gXKxb8I3XhbgNIQivnbGoNUI35aJcvSJSNO0qnk7AiKv-w7qVbZyGelIOssI1iaxgU366ldBw1lTMJPcisRSzRACAd6OxsLYs2PCG5fjjG-wOnM2UcwyAyj7C2nrU-FQ5Y40FSFKphWT-r3iB_QjNW5uGRJF4HqxFDzKkomEmjqsmcCpJUg8zDi0aI&sai=AMfl-YQUkMqCnMCaYeFXLiUK6GHRbEeOeJJcXEqGc3t5_qcJ-ODfDURPvE2ddU2BEwV-heulBeNkK8EBtJUXn6q5wM_T90uDXkhDGATWkTJe&sig=Cg0ArKJSzNcrRO50XebGEAE&urlfix=1&adurl=
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:50 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:50 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 2844
43 KB
14 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc30dde0d44cd2d032a8c00f480d9c1cd94a1a55736f942a30baed9aff192246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"539 / 535 of 1000 / last-modified: 1591669053"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
14473
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:50 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 2844
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4124725dc578154ad0a57eaa1b314398279ad4c245bec14490cc028c91fcae33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591616111897637"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28493
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 86EC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2HWTIN3xfKD6BDGXM9AuLwHyk17gMyYzgMpyA02TgCHL_bOwAOJDW8MQHpra4ni9gH18N27NrmH6jJMfDx_CuM7IMujBGqF4UO5rOfkEyPeyY9bFcOJKemzdpJVWMB3E5Vu3YiqnDyOumvS4RTIXEshI4_YNJaZJ_khkhuPsLn3S9gWCwg1sXd9VAje7pqRi_g42CL_-RlZ4p8b424DmNTdHSXbmeUTSPX9lXUpg9KoQzDJAV7wCP69_VzCo-VQWkRvkp54xphwIysRpfemDpthXX7OKC4uUQxEZbmfc-09y-ifhnTWWCSNgX_s89wxJ26fYa9G_FT74U&sai=AMfl-YSxFJL0o9zBGFrfdqfQgPOc3TkrRrRiJiXOLym5c4r3niXJ54atwgutioKAiy2jIssUsY9q1hdGDZ3NrLmOaVS0XdbEcS9k3NDMtBrG&sig=Cg0ArKJSzAR8PeTmG5g8EAE&urlfix=1&adurl=
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:50 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:50 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 86EC
43 KB
14 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d99566f2ff2086986fecd16acb4f78e081b7bed867bdcdc8d5d90e1a2773faeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"539 / 114 of 1000 / last-modified: 1591669099"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
14473
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:50 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 86EC
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4124725dc578154ad0a57eaa1b314398279ad4c245bec14490cc028c91fcae33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591616111897637"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28493
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:50 GMT
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ca6176080cdc35abd70f46682d5be4be52124973f6428ad82e53eea55bb932d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591616111897637"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27916
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
841 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1068435156847575&r=728x90%7C970x90&w=728&h=90&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020060103&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99266726c17ac437822fb8593b15eba227c6ae724cd591b8c8a133f389b4a01a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5574
x-xss-protection
0
pubads_impl_2020060103.js
securepubads.g.doubleclick.net/gpt/ Frame 2844
246 KB
88 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Jun 2020 18:46:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90085
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:50 GMT
integrator.sync.js
adservice.google.de/adsid/ Frame 2844
113 B
172 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=www.ghacks.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
pubads_impl_2020060103.js
securepubads.g.doubleclick.net/gpt/ Frame 86EC
246 KB
88 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Jun 2020 18:46:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90085
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:50 GMT
integrator.sync.js
adservice.google.de/adsid/ Frame 86EC
113 B
172 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=www.ghacks.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 1C17
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Wed, 10 Jun 2020 03:14:44 GMT
expires
Thu, 10 Jun 2021 03:14:44 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
486
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 2844
0
54 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8MRT08e7E9teTUGUE6ImTYfFSmwEB9CZVi-GQG1jopS7BT2xG3qPhL6kAgoDcEpXq-A5XFKPB2ufjkv3i14xaZq7jyYVjqbX5ByWEJP6s01Di76Awqe1BnSInn0aF8H7L9xW0z2yaK8pebE5vcY4EdJycoLdCW-5PvFpH60GC7nb6nA9oHWyN3sRI6IRGjvvGZqN6n8UIMecnPjaCsc7GklEtp_u9UEn91U4kngjcND7Id1_EFM8rG7mlx6QKhOY7c1dE6M6uFSipdcbTV488vwNp3cn2APQNab31O9unzZf7ME6SBaCbfyGIHHTaZgDhEa3-n0ZwZZOEvuYAlibGBllqTA&sai=AMfl-YSUkh9k7wV15VMlrdFM_gQneE0KsJtvTMmNA4YXrub_e0olyajwFTsPuLkmvbnKJEnoMfYq5LQrkeERd-1Ugdfnx7U6oX9jRj3yDBvg&sig=Cg0ArKJSzB5QTGaL-2scEAE&urlfix=1&adurl=
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:50 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 2844
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c69860ca4e69b14d4259e5ef4127567492593cbbb22d6c06abfe79b01edcac5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/
18 KB
6 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1068435156847575&correlator=3898009054961308&output=ldjh&impl=fifs&adsid=NT&eid=21066361%2C21065138&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200610&iu_parts=5302%2CDesktop%2CGhacks-Desktop-EN%2CGH-Features%2CGH-Articlepage%2CATF_MPU_First&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x600&rcs=1&prev_scp=type%3Dtop_display_mpu%26pos%3Dtop%26devel%3D0%26personalized%3D0%26gh-recat%3Dgoogle-chrome-browsing%2Cgoogle-chrome-extensions%26gh-contentid%3Dfirst-chrome-extension-with-javascript-crypto-miner-detected%26countryCluster%3DA3%26medium%3Dorganic%26medium_campaign%3Dorganic%26amznbid%3D2%26amznp%3D2%26in2w_keynb%3D1%26in2w_key%3D37%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx156%26in2w_key4%3D--1-5y%26in2w_key5%3Doptimization%26in2w_key6%3D--1h5yqgz%26in2w_key7%3D156%26in2w_key8%3D37%252C38%26in2w_key9%3Doptimization_request%26in2w_key12%3Doptimization%26in2w_keypm%3Dsnhb-snhb_ghacks_sidebar_top-0&eri=1&cust_params=iabgdprapplies%3D1&cookie=ID%3D43ef9c5e33686861%3AT%3D1591759369%3AS%3DALNI_MbTocYNw7iKoClLFaekGLtRxCDF3Q&bc=31&abxe=1&lmt=1591759370&dt=1591759370453&dlt=1591759366045&idt=562&frm=20&biw=1600&bih=1200&oid=3&adxs=1032&adys=323&adks=2507788256&ucis=3&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&dssz=51&icsg=562961244486655&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x250&msz=336x250&psts=AGkb-H-NgLeeEXrwSxV_WZa3JSnfW9NUWbxqQJg_qHwG40IhsnoAO90EaLkfSw1SpGHIQYXLedjyRo1bP69q6nYCjW7akjuGsl785tr3ySRa_faWHBcZ&ga_vid=1969434061.1591759366&ga_sid=1591759370&ga_hid=897044229&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
f0cdfd7874c082be7240c1434a0efcbde1c7d13ad2569e862196f06898bdea94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5560
x-xss-protection
0
google-lineitem-id
5238915965
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138296443388
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 86EC
0
54 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsse21K2fmVim0KqP2BIsazDIAGg4zJxCt-nq9uJXx8fBj18tdwU7N24xbjv5_6Mz1PmNztJBwIZX7VgSku5OrznQf2krsfI9W4RslHDmrcI7POHdlek5KfDccX-VSNqhvLe2eCfOQUF34jBZdpuSiNc5QZjksHHqsSfJW7_6uFVWUq6yuFnFFYbhXdGTNlxHK4iMRU84bWEWcLTs2E-yh6WJ7Ndn5KcKbF1aU41bM8uNQ7p_ZG7hSP3CP9-oBNSnhXaEEdybFu4rDTujCKcHGzgJfAUfj5ylLnxEwr2g-WRrepUmcDyrorEkYGn3yQ1QNytTqsE3Nsjd-ZlAxg&sai=AMfl-YRGBlJUSJEkDD6eXJruqfE2QxN-jxeErKIqnph0JQ-pinZAbmZKYjtkHhYA_cZbTu5y1qvToie2j_jxmoXPuJIC6fg7bH8YeX4yNoiw&sig=Cg0ArKJSzNhb8nXsa25xEAE&urlfix=1&adurl=
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:50 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 86EC
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d2f1898cc18a997e1b75927efca5d9bbd0ac3c9dd9b12041311f252349a54f5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame 57A4
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020060103&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d133f66934df460ce2d34fb2d1f8685db4c12b72dfeb088cec9bea4b8ab2fee4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5615
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 57A4
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 5199
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Wed, 10 Jun 2020 03:14:44 GMT
expires
Thu, 10 Jun 2021 03:14:44 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
486
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ifaddisplayednew
analyse.bcovery.com/
0
42 B
XHR
General
Full URL
https://analyse.bcovery.com/ifaddisplayednew
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.209 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
209.202.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

status
200
date
Wed, 10 Jun 2020 03:22:49 GMT
via
1.1 google
access-control-allow-origin
*
alt-svc
clear
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
gen_204
pagead2.googlesyndication.com/pagead/
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020060103&jk=1068435156847575&bg=!7-yl7PRYkwR4R6j734wCAAAAQlIAAAAMmQF2mgZuVE114_X_lu6PSeXcgJxnvnY0IRu1XRK7esqQORCFElabc9TK-X_3gDZLlsuyN4JL27qSpek84iN7YPFZnIDJOg8DBpkVjpP85BjgXFzPU-AyVNZuTQ7rcP8_qtHsaAudRIsNbMajRzvvMzk1Rc5a8_JS_5X6ncFtIosNW-0HWHS5ehuns9AHzm9ERLYyUrw8SBuR6up-rog-sYRBgPvd4Tm20EEiuiqeUjGQHhioH27ZBZ9kG-bzkx0ucTcExsGXLi1fERRboKHrWfmOy3cvG4b0dQkQF29xv9ImXi16Nls-vOSH5RLY8jFIezhPQ4-VrtRTUNGYrHyYgTqbhSlvzkXqeOlOHo18vFgpPLKeqO5Qrojjc3tDFPFZL8skX2cgXPuS8gEXFAfRt-HfpJwoOjWlCdorYXvoByGUSG9kzrd8O_EuPiXkSeUUT345jXR1Km4kzGdg__9Ivkt0MDbMIMpPu2F-eOVG5ezDNvXWk5ao-n8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 57A4
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020060103&jk=2787070178284749&bg=!paalpr5YSWceCrCX5hQCAAAAPlIAAAALmQGOpRj1pdZPp3nDUiwYrcQqcRWQTNnaq_j6SJfImYl6qOvRAZO3CVff6UsU3YXaY2TKweqKPGl0gv-9SSpflOUqqD6gsjPkfP6qGtmiwOeioYh7XQCZ82RpJn974ajRIruppTFfNQZ82lE1q3RR_705PkzCgV1jCMSplud4vPd6qq930MVU4gJnG0uZ4x4mcshkiLcpGRDJxOG93G2fuuFMmgjj1uNJnH41co9MUr8WVV14Iz0wmKbSY7VksmGa4MwrjnYqhPWs_HdYfj9NLEX7gt_C_UrL0HGliE1tpiuVDR5_PnDACUB-tVF0SSOBO_dQlWUDUw9iCIQ0dQfUIcYV9DA0HF_O3gl0k3w0t6KQXfTVP8KsoKiqe9uyKRQABY32O3DAkKR7I6deFxo6gvNISRqDRxC9g9SvETHL9R10e6AhP5QEEWB5oOt5oWWctQV8UDfM8H9f79JicwDHqwHKjenxD8oC31P3zJUJI3LH9d7CA3-ei-ScgElJPnsF1Kp6Tv93ybpraBLdCY5wU30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CB92
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvJyd2xjemtmJWy2Qw5SK8SD3cQ89ePYuH_Qlq3rfkRLJnIgeRjxzjmMo1hhlZJTiZF30rz77hYcK6puQ1oa1pNoZfDg3tFzNCmAayZRaK9pXZtuzieGsv4wTJ9gidwo1idAiUlpS40JErcHNvIInyFR6_0qlu9EoWjkJfcgAAp6eOWq5bAmo-xht-2DECUpeZOLNg-Is3KDLBKuoU79BgJhkoUmtO0FmUWdp03zadPgx7PRIf2hX5KGLS7y74DJeQVmmwRtTJND3u0ebH70fymAPLCtNAg8tkNZIhYw8mt1trukaA37oYRjuNGtLiecuDXkHgAQTQCeY&sig=Cg0ArKJSzAws1Hcxqb8BEAE&urlfix=1&adurl=
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:50 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:50 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame CB92
43 KB
14 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc30dde0d44cd2d032a8c00f480d9c1cd94a1a55736f942a30baed9aff192246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"539 / 762 of 1000 / last-modified: 1591669053"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
14473
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:50 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame CB92
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4124725dc578154ad0a57eaa1b314398279ad4c245bec14490cc028c91fcae33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591616111897637"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28493
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:50 GMT
pubads_impl_2020060103.js
securepubads.g.doubleclick.net/gpt/ Frame CB92
246 KB
88 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Jun 2020 18:46:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90085
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:50 GMT
integrator.sync.js
adservice.google.de/adsid/ Frame CB92
113 B
172 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=www.ghacks.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame CB92
51 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=100379855430271&correlator=2469535199190586&output=ldjh&impl=fif&eid=21064170&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200610&iu_parts=5302%2CDesktop%2CGhacks-Desktop-EN%2CGH-Features%2CGH-Articlepage%2CATF_MPU_First&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=336x280%7C300x250%7C300x600%7C320x480&prev_scp=amznbid%3D2%26amznp%3D2%26countrycluster%3DA3%26devel%3D0%26gh-contentid%3Dfirst-chrome-extension-with-javascript-crypto-miner-detected%26gh-recat%3Dgoogle-chrome-browsing%2Cgoogle-chrome-extensions%26iabgdprapplies%3D1%26in2w_key%3D38%26in2w_key12%3Doptimization%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx156%26in2w_key4%3D--18gz%26in2w_key5%3Doptimization%26in2w_key6%3D--1h5yqgz%26in2w_key7%3D156%26in2w_key8%3D37%2C38%26in2w_keynb%3D1%26in2w_keypm%3Dsnhb-snhb_ghacks_sidebar_top-0%26medium%3Dorganic%26medium_campaign%3Dorganic%26personalized%3D0%26pos%3Dtop%26type%3Dtop_display_mpu&eri=6&cookie=ID%3De0cd10bd28374c39%3AT%3D1591759370%3AS%3DALNI_MZKWB2qLgCDJBDzuehS9eYv9gAEIA&cdm=www.ghacks.net&bc=31&abxe=1&lmt=1591759370&dt=1591759370881&dlt=1591759370751&idt=113&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=1032&adys=323&adks=2686838782&ucis=vcsaasbf09g8&ifi=1&ifk=926877160&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&top=www.ghacks.net&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x280&msz=300x280&ga_vid=421108819.1591759371&ga_sid=1591759371&ga_hid=1116856406&fws=256&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
3b6054c36a6bfbd7af3df929c2a597d0d1aa1dd67173f0904a8ae6d27a45bf91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12289
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f87fa89f4883eb7b9540275c15adbfaf.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame CB92
0
0
Other
General
Full URL
https://f87fa89f4883eb7b9540275c15adbfaf.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame CB92
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame CB92
0
54 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMYVU4hD34ZvGuQhPCu3MR4d9V_4m0RtoFK8YEJ6I78oWRsDbbeR5AgbFdAxa_kWNlty3F0DmbKwZmY0wxm8sUlOd1dvU9GHmB1ZsKqqPbhgcQcs67lNsN9asWn58Q3tZtPf-gkyBHIbhJxcGdd5569FBK2BT2soh66Y4cjNpyJeKDNzHBiCTrDbr8CYc4a5kHslMUB9lvdl1b2Nk0Fx6OPPBn4J52AU4k3VQvFrko70GuiTsX5dC5aGDa_0Oh4hchkO7qpTN0gFwWs_qfPpXVBFwcvA9a9oPBG7mmHn4fmIxd1zGqVEXRxjQ_qEMQF_jc32VfguLuGvRjug&sig=Cg0ArKJSzGpnxV_cqC29EAE&urlfix=1&adurl=
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:50 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame CB92
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f59ff945e20ca5d44b5ac78c33cee425c7fb75c6629d231fd30c340bf34e17f1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
container.html
f87fa89f4883eb7b9540275c15adbfaf.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7837
0
0
Document
General
Full URL
https://f87fa89f4883eb7b9540275c15adbfaf.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
f87fa89f4883eb7b9540275c15adbfaf.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Wed, 10 Jun 2020 03:22:50 GMT
expires
Thu, 10 Jun 2021 03:22:50 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame CB92
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ca6176080cdc35abd70f46682d5be4be52124973f6428ad82e53eea55bb932d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591616111897637"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27916
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CB92
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020060103&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68c2ef8748fb9b4fcea5b0f4ad2e17fc1b7ba92b188daa43256aa52131fbfe03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5607
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CB92
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 5238
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Wed, 10 Jun 2020 03:14:44 GMT
expires
Thu, 10 Jun 2021 03:14:44 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
487
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/
20 KB
6 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1068435156847575&correlator=2418838957804695&output=ldjh&impl=fifs&adsid=NT&eid=21066361%2C21065138&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200610&iu_parts=5302%2CDesktop%2CGhacks-Desktop-EN%2CGH-Features%2CGH-Articlepage%2CATF_Leaderboard_First&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C960x90%7C970x66%7C970x90&rcs=1&prev_scp=type%3Dtop_display_leaderboard%26pos%3Dtop%26devel%3D0%26personalized%3D0%26gh-recat%3Dgoogle-chrome-browsing%2Cgoogle-chrome-extensions%26gh-contentid%3Dfirst-chrome-extension-with-javascript-crypto-miner-detected%26countryCluster%3DA3%26medium%3Dorganic%26medium_campaign%3Dorganic%26amznbid%3D2%26amznp%3D2%26in2w_keynb%3D1%26in2w_key%3D35%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx156%26in2w_key4%3D--1-1u%26in2w_key5%3Doptimization%26in2w_key6%3D--1h1uqgz%26in2w_key7%3D156%26in2w_key8%3D35%252C36%26in2w_key9%3Doptimization_request%26in2w_key12%3Doptimization%26in2w_keypm%3Dsnhb-snhb_ghacks_top-0&eri=1&cust_params=iabgdprapplies%3D1&cookie=ID%3De0cd10bd28374c39%3AT%3D1591759370%3AS%3DALNI_MZKWB2qLgCDJBDzuehS9eYv9gAEIA&bc=31&abxe=1&lmt=1591759371&dt=1591759371432&dlt=1591759366045&idt=562&frm=20&biw=1600&bih=1200&oid=3&adxs=620&adys=35&adks=3916816632&ucis=4&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&dssz=51&icsg=562961244486655&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x115&msz=728x90&psts=AGkb-H9DIwp74djnhPIZU2yY7qs7_j4ek140Z-Tqeb2scmwj2tKY3pNtrVZCFoehWYZ6OBRHxnp4MmoV-gOavQwV3Xx643P9Nbra1qvfYDhbKhgiol2A&ga_vid=1969434061.1591759366&ga_sid=1591759370&ga_hid=897044229&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
c0792a92e7d7cbf9490f9c08256b4e55878399aadf0d48399b1cb4111b969552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6382
x-xss-protection
0
google-lineitem-id
5238901907
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138312814742
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CB92
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020060103&jk=100379855430271&bg=!9vWl9e1Y6BGvXrpZRggCAAAAj1IAAAAYmQF8xMK02iF3gpar6fcUTop_htdFBr4WJMptMVZySHTNuN8rfkYYQ1mmdAhg_u6oePRvd573Et59Em-t-lQS5-54qp_hrFjTDgtGp0b0ezxkdjAbCgpGCY4ZTFy_gtgjUe7MEvST8BfSRRVC0lBuIiNfLbWCsFgJ-32NkTA1d-wDH7txT8sjtzHzVgVTTkvJLdr4AI_GIcwggD4tTk6ZaAcuA6op_hC79IByRBftDM200kLhdoGGS2iqrd1kZi6Gy_AxrtnJVCYyMZoPsZ1XeFIqj5r_Wy3y50AHUDgK4bewDNZrwtKOt14Q0ds7K73CU8lnvH6RvRhcFITi3BkHNAgBaxdVhaLtdj4zl-Abe7FvHAMZ16ALN9rM1Vt0x44vZm3LF5G7Ntzg5pSL-xTzOQSky66qrJmK9Gqsxj8wP9ae42O-HeXiOErwxuQEfhVGcClNp3d0wbsELqv8hRXyMWt2tTcJDpDCmHSeIGR-XA8_OSHSOe5pNwT1WkvImyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2844
42 B
112 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHBsk8tLUiHh0hY0V3WzZjpnKKrHdEkdF-MAgPlzNKe-wojafQvaGciWxpE7I7AVZLwj9ruXKeTNDeAbC9Iq0YasLSTazt6R_zY4QrN2w&sig=Cg0ArKJSzEtF-J2QqYAIEAE&adk=2652150016&tt=-1&bs=1600%2C1200&mtos=1088,1088,1088,1088,1088&tos=1088,0,0,0,0&p=35,620,125,1348&mcvt=1088&rs=0&ht=0&tfs=7&tls=1118&mc=1&lte=1&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1591759370310&dlt&rpt=202&isd=0&msd=0&ext&xdi=0&ps=1600%2C12150&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-6-11-11-0-0-0&tvt=1115&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 346D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZFUSXnGa80iAK1pNIoXwdds0YX9MluxIhEVH1bIymwVRagGdrNP4Ou3Qdedq-BjtQQfS_0q2m45A76PFi6mcDcleWNyrSs4iGLTCKOh3g4FyJyRdFY2CHRqDPzJnnPZniE6aKtyYkByoD6JYujzCixPv3FVKLJMzLh96OudBKOS9Os4hhuT_bzeWxV7NVKG4pNG36ppckd46bBwLa7lrvTQKx0HFEG8kS2oP4nyF0LVcqCOcCyXKZmGWF1F3QY3dyf5jdBNd5Ge2yCTvyN9fcLKOeKmMrLdf65pw7xlOCVOFE7ZUmX2Qdm-gVs_z2NGDa0lEMKgkse3T1m24cXQTgPw&sig=Cg0ArKJSzOXUbZoEdew0EAE&urlfix=1&adurl=
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:51 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
www.googletagservices.com/tag/js/ Frame 346D
43 KB
14 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc30dde0d44cd2d032a8c00f480d9c1cd94a1a55736f942a30baed9aff192246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"539 / 598 of 1000 / last-modified: 1591669053"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
14473
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:51 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 346D
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4124725dc578154ad0a57eaa1b314398279ad4c245bec14490cc028c91fcae33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591616111897637"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28493
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:51 GMT
pubads_impl_2020060103.js
securepubads.g.doubleclick.net/gpt/ Frame 346D
246 KB
88 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Jun 2020 18:46:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90085
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:51 GMT
integrator.sync.js
adservice.google.de/adsid/ Frame 346D
113 B
172 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=www.ghacks.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 346D
49 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4270228690999196&correlator=3232684778338349&output=ldjh&impl=fif&eid=21064170%2C21066043&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200610&iu_parts=5302%2CDesktop%2CGhacks-Desktop-EN%2CGH-Features%2CGH-Articlepage%2CATF_Leaderboard_First&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C960x90%7C970x66%7C970x90&prev_scp=amznbid%3D2%26amznp%3D2%26countrycluster%3DA3%26devel%3D0%26gh-contentid%3Dfirst-chrome-extension-with-javascript-crypto-miner-detected%26gh-recat%3Dgoogle-chrome-browsing%2Cgoogle-chrome-extensions%26iabgdprapplies%3D1%26in2w_key%3D36%26in2w_key12%3Doptimization%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx156%26in2w_key4%3D--18gz%26in2w_key5%3Doptimization%26in2w_key6%3D--1h1uqgz%26in2w_key7%3D156%26in2w_key8%3D35%2C36%26in2w_keynb%3D1%26in2w_keypm%3Dsnhb-snhb_ghacks_top-0%26medium%3Dorganic%26medium_campaign%3Dorganic%26personalized%3D0%26pos%3Dtop%26type%3Dtop_display_leaderboard&eri=6&cookie=ID%3De0cd10bd28374c39%3AT%3D1591759370%3AS%3DALNI_MZKWB2qLgCDJBDzuehS9eYv9gAEIA&cdm=www.ghacks.net&bc=31&abxe=1&lmt=1591759371&dt=1591759371892&dlt=1591759371756&idt=117&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=66&oid=3&adxs=459&adys=35&adks=3346983909&ucis=5jcii2wb3zj9&ifi=1&ifk=3039022646&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&top=www.ghacks.net&dssz=8&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x90&msz=970x90&ga_vid=2043862444.1591759372&ga_sid=1591759372&ga_hid=383134907&fws=256&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
7a24bf13adb27de19153d0a61814213df4b214f2d57fce444a099b677316c75b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11308
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ghacks.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3bb51464adec0c4c18a76bc89fcd9e5c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 346D
0
0
Other
General
Full URL
https://3bb51464adec0c4c18a76bc89fcd9e5c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 346D
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame 346D
0
45 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQ7BwyZ5UI4yMcMQufOM0HI6rPloqJoKgsaMJM8N0psXx26FRhTTb3mDu_3p26CGLqwWyj9Q7B2HcytlWOq3quFMsXW8fHJK1oCmky154Pngg5oIRY9S1HUo1KbS_mmwhcc4TXzJ_iaVkhUlfojRq-n0S3hlUKfYing8mnu9UowujssVIwHEYsPUlznnuXlZcGYSdhYrnf_R9HK3cFltNHewoLm4AfYxuN56H6AhHuMLmDoJjtiF8q9XsRrWZ0HL5ovvFW-_mVr_p6FSeW8plx8TVicbD7CjUCFzZE3XMdVaU3FSxR2DSDJ06RlDZXMVrOo_izT0reo_vObV0bUCIhTzPs&sig=Cg0ArKJSzBqFe2vYYYXTEAE&urlfix=1&adurl=
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:51 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 346D
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c6dfb5f9b25899532852546b9e5d4646354d1d50a5413a31449832e2c4d1810

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 346D
51 KB
20 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
37675ac9250a502ec0d6d839a2c91768191551d19ae268600fdee1c2ea3304bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 02:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2900
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20211
x-xss-protection
0
server
cafe
etag
5819523554404851896
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 10 Jun 2020 03:34:32 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CB92
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0nvZSlwrJ95gP5yhe9dubh1DF8cRYGkHF3arkutpnOmhilgwuITjT-JFA1bdm767HNpqQvovbmty3sH5omzafBmFnGtR1TS1jnx9NR0w&sig=Cg0ArKJSzLswoAKULKAMEAE&adk=2507788256&tt=-1&bs=1600%2C1200&mtos=1039,1039,1039,1039,1039&tos=1039,0,0,0,0&p=323,1032,603,1368&mcvt=1039&rs=0&ht=0&tfs=2&tls=1120&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1591759370754&dlt&rpt=210&isd=0&msd=0&ext&xdi=0&ps=1600%2C12126&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1120&is=336%2C280&iframe_loc=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 346D
0
44 B
Other
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kb8sfk0c&chm=1&ctx=2&qqid=CM7Snt-l9ukCFbTAEQgdZiULGg&met.4=fb.2~lb.48~ol.66~idt.6m~dt.-90&met.9=1.q~2.39&met.3=197.45~123.45_2~118.4a~118.4a~118.4w~117.66~118.67~118.67~118.68~118.68~143.6z_1~118.70~118.7q~113.81_4~112.7z_6&met.1=1.kb8sfjsc~14.0~15.0~16.0~17.0~18.0~19.0~20.65~21.66~22.4k~23.4k&met.7=CA0QChgBIAQoBDAVOBFoBHAUeO5xgAGJcYgBhdgCsAEBuAED~CCoQChgBIAQoBDAVOBE~CA4QChgBIBsoGzBoOE1oG3BdeI_BBYAB5b8FiAHXsw-wAQG4AQM~CDAQBxgBIBsoGzAqOA9oHHAqeKwBgAFsiAFxsAEBuAED~CCIQBhgBIJcBKJcBMNwBOEVomAFw3AF4LbABAbgBAw~CCgQChgBIOABKOABMJsCODto4AFwmgJ4o58BgAHznQGIAZCaA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.211.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s32-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
status
204
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012005262159000/ Frame 6B6E
202 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
32927
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56265
x-xss-protection
0
server
sffe
date
Tue, 09 Jun 2020 18:14:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9b3afaa85c48c2d0"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jun 2021 18:14:05 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 6B6E
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
40055
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5893
x-xss-protection
0
server
sffe
date
Tue, 09 Jun 2020 16:15:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7c581cea2ef0aefe"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jun 2021 16:15:17 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 6B6E
97 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
32931
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29929
x-xss-protection
0
server
sffe
date
Tue, 09 Jun 2020 18:14:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22e1efecde29c9e4"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jun 2021 18:14:01 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 6B6E
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
40082
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1719
x-xss-protection
0
server
sffe
date
Tue, 09 Jun 2020 16:14:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc4637e8702685f3"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jun 2021 16:14:50 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 6B6E
48 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
40075
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14997
x-xss-protection
0
server
sffe
date
Tue, 09 Jun 2020 16:14:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"de17760b9f621603"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jun 2021 16:14:57 GMT
css
fonts.googleapis.com/ Frame 6B6E
5 KB
761 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Jun 2020 01:59:47 GMT
server
ESF
date
Wed, 10 Jun 2020 03:22:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jun 2020 03:22:52 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/16955503103052890963/ Frame 6B6E
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16955503103052890963/downsize_200k_v1?w=300&h=300
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa964b40724a2cf96f66e10a908d7f81b79104873482ee16827199b185259353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 21:33:19 GMT
x-content-type-options
nosniff
age
107373
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2766
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 17:59:25 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Jun 2021 21:33:19 GMT
truncated
/ Frame 6B6E
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8fc56d4344aa3761123b1f0e39f2b45311395605acc6aa9d33a57ece9559bf7

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012005262159000/ Frame 346D
20 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b72dd7e2a01859f433e7aee18008c9b522f0b2e0396d5656edd9fb29a305cdb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
22292
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7224
x-xss-protection
0
server
sffe
date
Tue, 09 Jun 2020 21:11:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f6cfa2ba62463627"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jun 2021 21:11:20 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6B6E
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Jun 2020 07:17:20 GMT
x-content-type-options
nosniff
server
cafe
age
72332
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Wed, 10 Jun 2020 07:17:20 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6B6E
344 B
448 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Jun 2020 11:09:06 GMT
x-content-type-options
nosniff
server
cafe
age
58426
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 10 Jun 2020 11:09:06 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6B6E
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZy9VC1LgXszJOuON3gPiubCwAd2boONcqe_XsZsLl96ivcABEAEgodX5KmDqAaAB_9uKyAPIAQHgAgCoAwGqBJkCT9COLzZKwUfTGg2zBGghIZZt1sD5VUwBCErvq0JJZ-wFLO9DOZ_MzZ4h-Dm7f52OUIQMt38w7GRAci0PimsAqIYuc1i5S34m5V_bnjbOg-F0-d0nXmk14n0sFl-TOKN8RBocxsjtKuOwBrv-p9gORtwbRKnzqun0uUnyu-oiMHt4lXs98RjdFEnUK1NPGCNd1lpl4E45cQOZVYghtOubp9E2-nbilZM2QjZVq0zUaOB6XvsEVztyC7YEDqbiQNrvPFnTQ9bXpClnQPoUQ6s_BH8ucoUnwWzG9baDwtlsMmTPm_eBqxQTbuwQbSVO2yZvYj99VsxecvdiwcMonbelHGgbVuYGCkgqbhGTw-A53a8AKNEzU2cDBlrABInL05fsAuAEAZIFBAgEGAGSBQQIBRgEgAeG85wJqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEENG7BNIICQiA4YBwEAEYHYAKA8gLAdgTDIgUAZgWAQ&sigh=nWbgeKnyEtE&template_id=5001&tpd=AGWhJmuDOroZBjpdeKIQs37SSolS4lq_O73FRq9KxGupfECrpQ
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/getconfig/ Frame 346D
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020060103&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e1feade21b6fd5a6c0a8ecc4425221d14a2a54984ec9dd410e9084d89e6f922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5547
x-xss-protection
0
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 6B6E
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://www.ghacks.net

Response headers

date
Sat, 16 May 2020 07:48:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
2144065
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Sun, 16 May 2021 07:48:27 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 6B6E
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://www.ghacks.net

Response headers

date
Wed, 27 May 2020 04:01:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
1207298
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Thu, 27 May 2021 04:01:14 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 346D
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:52 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6B6E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Wed, 10 Jun 2020 03:22:52 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 648D
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Wed, 10 Jun 2020 03:14:44 GMT
expires
Thu, 10 Jun 2021 03:14:44 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
488
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6B6E
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Jun 2020 07:17:20 GMT
x-content-type-options
nosniff
server
cafe
age
72332
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Wed, 10 Jun 2020 07:17:20 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6B6E
344 B
401 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Jun 2020 11:09:06 GMT
x-content-type-options
nosniff
server
cafe
age
58426
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 10 Jun 2020 11:09:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 346D
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020060103&jk=4270228690999196&bg=!V1SlVExYTa0Ozv9X17cCAAAARFIAAAAOmQF8vBSyXmQ35C9yiIgoVvytm-ichFuUDvXGisggUUKowFMCvEzVlIBrR8nlVWKu5GMSgB9b147ZqemWKDvce0jECiqTKEKyFmO-2u1GgtXVA5oM-ZxZ1BLb7iXZUt_VHqdJOn3_1THRY1ASrTI_zr9OaWtMKcOZ-KVWCplAQZTBCHbG_U6j_Ci_Y6pMwJ78Jd4CXYtls-EX6z8t3Lc0uZihg5bBcc40d1MmxpmpQsJdwG4uiAv9j2S--tK8GUqacVYgkVxdb9x3kjHTJ65RF8YpdSeD39n8KdEn739QZvXoOMHv44D35IkJT2YuQ0_t7dWt3FO6DmhJS4rym7kEYgTgPp2EdK9dhse5dxvDbm7Fdk6ocRHOLNje5m5HRsGMypyE5g5GGmbVaMnus9KtOKKL0J2EDRJH23aszQs9_VSZm2VHyDxxsRQl0eoq2dT_p3EkiNm_MdR7zqpyTeEA7DDDH3WSBt3E4F-gbXK1P1ArCLzif7D6QGuGg5q82SI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ROS
ads.us.e-planning.net/hb/1/2c7a1/1/www.ghacks.net/
Redirect Chain
  • https://ads.us.e-planning.net/hb/1/2c7a1/1/www.ghacks.net/ROS?rnd=0.05902717612300368&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90%2B300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250...
  • https://ads.us.e-planning.net/hb/1/2c7a1/1/www.ghacks.net/ROS?ct=1&rnd=0.05902717612300368&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90%2B300x250_0%3A300x250%2C300x600%2B300x250_1%3A30...
1 KB
2 KB
XHR
General
Full URL
https://ads.us.e-planning.net/hb/1/2c7a1/1/www.ghacks.net/ROS?ct=1&rnd=0.05902717612300368&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90%2B300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B300x250_3%3A300x250%2C300x600&ur=https%253A%252F%252Fwww.ghacks.net%252F2017%252F09%252F19%252Ffirst-chrome-extension-with-javascript-crypto-miner-detected%252F&r=pbjs&pbv=3.20.0&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%253A%252F%252Fwww.ghacks.net%252F2017%252F09%252F19%252Ffirst-chrome-extension-with-javascript-crypto-miner-detected%252F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.246 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
cc62f045e7739a19d400bb51db605c108a6b2a12779604cc0cbc692e955423e1

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:53 GMT
server
openresty
status
200
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.ghacks.net
expires
Wed, 10 Jun 2020 03:22:53 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
1143
x-sid
AMS-607

Redirect headers

date
Wed, 10 Jun 2020 03:22:53 GMT
server
openresty
status
302
location
/hb/1/2c7a1/1/www.ghacks.net/ROS?ct=1&rnd=0.05902717612300368&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90%2B300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B300x250_3%3A300x250%2C300x600&ur=https%253A%252F%252Fwww.ghacks.net%252F2017%252F09%252F19%252Ffirst-chrome-extension-with-javascript-crypto-miner-detected%252F&r=pbjs&pbv=3.20.0&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%253A%252F%252Fwww.ghacks.net%252F2017%252F09%252F19%252Ffirst-chrome-extension-with-javascript-crypto-miner-detected%252F&gdpr=0
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.ghacks.net
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-607
v1
prg.smartadserver.com/prebid/
0
1 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid3.20.0.js?ver=1.2.3.4.17
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:52 GMT
x-smrt-d
6%3b0%3b89
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
0
expires
-1
v1
prg.smartadserver.com/prebid/
0
1 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid3.20.0.js?ver=1.2.3.4.17
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:52 GMT
x-smrt-d
6%3b17%3b93
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
0
expires
-1
v1
prg.smartadserver.com/prebid/
0
1 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid3.20.0.js?ver=1.2.3.4.17
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:52 GMT
x-smrt-d
6%3b30%3b65
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
0
expires
-1
v1
prg.smartadserver.com/prebid/
0
1 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid3.20.0.js?ver=1.2.3.4.17
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:52 GMT
x-smrt-d
6%3b12%3b71
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
0
expires
-1
v1
prg.smartadserver.com/prebid/
0
1 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid3.20.0.js?ver=1.2.3.4.17
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:52 GMT
x-smrt-d
6%3b2%3b86
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
0
expires
-1
v1
prg.smartadserver.com/prebid/
0
1 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid3.20.0.js?ver=1.2.3.4.17
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:52 GMT
x-smrt-d
6%3b28%3b66
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
0
expires
-1
auction
tlx.3lift.com/header/
19 B
476 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=3.20.0&referrer=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&tmax=1000&gdpr=false
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid3.20.0.js?ver=1.2.3.4.17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.246.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-246-12.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:53 GMT
status
200
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
as-sec.casalemedia.com/
25 B
987 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=425815&v=7.2&r=%7B%22id%22%3A%22228c666e80da2c6%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2223bc121cd12345c%22%2C%22ext%22%3A%7B%22siteID%22%3A425815%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22242ef5cc3d034cf%22%2C%22ext%22%3A%7B%22siteID%22%3A425816%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22255de4c19e06b01%22%2C%22ext%22%3A%7B%22siteID%22%3A425815%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2226d1961d450e52f%22%2C%22ext%22%3A%7B%22siteID%22%3A425736%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22274eec5d853d8ea%22%2C%22ext%22%3A%7B%22siteID%22%3A425736%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222834fb715702fc7%22%2C%22ext%22%3A%7B%22siteID%22%3A425736%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid3.20.0.js?ver=1.2.3.4.17
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
b9cf5d7c92fcbecc89a19be4b391293e5a4ab0a4eead5a1ff3b280f041f75d4e

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Jun 2020 03:22:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Wed, 10 Jun 2020 03:22:53 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10496&site_id=293318&zone_id=1474030&size_id=2&alt_size_ids=55&gdpr=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&tk_flint=pbjs_lite_v3.20.0&x_source.tid=7178b33a-5403-42bd-952b-b7c6d995ca0f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9276409232651301
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid3.20.0.js?ver=1.2.3.4.17
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
8ddcc400e47e074c022c77846691d1a71ff6cad8afb679eb829a25495690126e

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Jun 2020 03:22:53 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
261 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10496&site_id=293318&zone_id=1474030&size_id=15&alt_size_ids=10&gdpr=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&tk_flint=pbjs_lite_v3.20.0&x_source.tid=c54397f3-a03c-450b-b8f8-a1a90ddbc121&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.32413187894280626
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid3.20.0.js?ver=1.2.3.4.17
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2ef12d48d5035fc6900ec9193a591953f0c278e03488580d1f7bdf98d49021ad

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Jun 2020 03:22:53 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10496&site_id=293318&zone_id=1474030&size_id=2&alt_size_ids=55&gdpr=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&tk_flint=pbjs_lite_v3.20.0&x_source.tid=3d6a8a43-930a-40f5-8e16-52b8c7335122&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3428339847596835
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid3.20.0.js?ver=1.2.3.4.17
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
aa12d924ffde46a9596bcf6f2894f2ea1745319da62da91ce5e172c1a0b6ddc9

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Jun 2020 03:22:53 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
261 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10496&site_id=293318&zone_id=1474030&size_id=15&alt_size_ids=10&gdpr=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&tk_flint=pbjs_lite_v3.20.0&x_source.tid=612551ed-4530-4f89-a720-f86d82db0559&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3761067862818883
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid3.20.0.js?ver=1.2.3.4.17
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6e54b057996c0ba0cf826f435098299453a3c0bcb683110221c50ab4ef7390d3

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Jun 2020 03:22:53 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
261 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10496&site_id=293318&zone_id=1474030&size_id=15&alt_size_ids=10&gdpr=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&tk_flint=pbjs_lite_v3.20.0&x_source.tid=a88f9bdc-1f6f-47f5-9597-174e28985a46&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9771872524353664
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid3.20.0.js?ver=1.2.3.4.17
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d6129c233f9279897e2acbedd42ee1d486c6819ac993a17b61e67f08eabbc2c9

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Jun 2020 03:22:53 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
261 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10496&site_id=293318&zone_id=1474030&size_id=15&alt_size_ids=10&gdpr=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&tk_flint=pbjs_lite_v3.20.0&x_source.tid=2b3a214d-1667-4532-95f3-06cb6017bfb3&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.40947126722892135
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid3.20.0.js?ver=1.2.3.4.17
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5425ff3cfdba4cef65435460be2f68666ca4b1a8ce61ea63336bf5258c2b4f84

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Jun 2020 03:22:53 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
723 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid3.20.0.js?ver=1.2.3.4.17
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
6be39230386c49d538291a3fdaaeba6810d39a5a06b3d3c8ef8341dab8f98588
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Jun 2020 03:22:55 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
165.231.142.36; 165.231.142.36; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.132:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5454c6fa-71ff-42e3-8d69-a092f3cb7631
Server
nginx/1.13.4
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 9165
43 KB
14 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d99566f2ff2086986fecd16acb4f78e081b7bed867bdcdc8d5d90e1a2773faeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"539 / 108 of 1000 / last-modified: 1591669099"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
14473
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:53 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 8844
43 KB
14 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bb087b9369f27168bf26e26f321f9570816fdd2ef6450e8487bc37d65c55033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"539 / 3 of 1000 / last-modified: 1591669053"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
14467
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:53 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame E4D1
43 KB
14 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbddf2699e7f40c637c0c43cc853319bae07fe9ad4c83c1e8592468d7f3148cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"539 / 36 of 1000 / last-modified: 1591669053"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=43200
timing-allow-origin
*
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
14467
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:53 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 346D
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvm_UxFdXjmlxXlw6RTijsw_oi2CVf4hHFkzxkdBxJx1fKcJkciINylghk_kX5FK7z5W0od6pY45g4FTFTToCDI6WUgqAdJIoKRVbDr74E&sig=Cg0ArKJSzFrLKpyUB5rwEAE&adk=3916816632&tt=-1&bs=1600%2C1200&mtos=728,728,1060,1060,1060&tos=802,0,258,0,0&p=35,459,125,1429&mcvt=1060&rs=0&ht=0&tfs=1&tls=1142&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1591759371761&dlt&rpt=217&isd=0&msd=0&ext&xdi=0&ps=1600%2C12150&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1141&is=970%2C90&iframe_loc=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2020060103.js
securepubads.g.doubleclick.net/gpt/ Frame 8844
246 KB
88 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Jun 2020 18:46:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90085
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:53 GMT
integrator.sync.js
adservice.google.de/adsid/ Frame 8844
113 B
172 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=www.ghacks.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
pubads_impl_2020060103.js
securepubads.g.doubleclick.net/gpt/ Frame 9165
246 KB
88 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Jun 2020 18:46:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90085
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:53 GMT
integrator.sync.js
adservice.google.de/adsid/ Frame 9165
113 B
172 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=www.ghacks.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
pubads_impl_2020060103.js
securepubads.g.doubleclick.net/gpt/ Frame E4D1
246 KB
88 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Jun 2020 18:46:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90085
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:53 GMT
integrator.sync.js
adservice.google.de/adsid/ Frame E4D1
113 B
172 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=www.ghacks.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8844
40 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=603981819236953&correlator=2388879421633027&output=ldjh&impl=fif&eid=21066268%2C22316437&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200610&iu_parts=5302%2CDesktop%2CGhacks-Desktop-EN%2Cgh-features%2Cgh-articlepage%2Cbtf_mpu_second_bcovery&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x600%7C300x250&prev_scp=pos%3Dbottom%26type%3DBottom_Display_MPU&eri=2&cookie_enabled=1&cdm=www.ghacks.net&bc=31&abxe=1&lmt=1591759373&dt=1591759373183&dlt=1591759373027&idt=148&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=150&oid=3&adxs=1032&adys=1605&adks=2715596938&ucis=j3slcnkrbm2v&ifi=1&ifk=1486645003&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&top=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&dssz=2&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x600&msz=336x600&ga_vid=907807424.1591759373&ga_sid=1591759373&ga_hid=1961058268&fws=256&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
241203eb67a5c77bf9f534f20a5c0de73ca7c4aa5a8acc3d391fbd129dd2ab30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10250
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ghacks.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5881d4cbaf31a0eb9945beb8296e0f14.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 8844
0
0
Other
General
Full URL
https://5881d4cbaf31a0eb9945beb8296e0f14.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 8844
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/ Frame 9165
70 KB
23 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3235077185051795&correlator=1741549726626485&output=ldjh&impl=fif&eid=21066272%2C21066361%2C21063910%2C21065929%2C21066255&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200610&iu_parts=5302%2CDesktop%2CGhacks-Desktop-EN%2Cgh-features%2Cgh-articlepage%2Cbtf_mpu_first_bcovery&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x600%7C300x250&prev_scp=pos%3Dbottom%26type%3DBottom_Display_MPU&eri=2&cookie_enabled=1&cdm=www.ghacks.net&bc=31&abxe=1&lmt=1591759373&dt=1591759373218&dlt=1591759373024&idt=175&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=150&oid=3&adxs=1032&adys=914&adks=563979795&ucis=9lpafpurdkyu&ifi=1&ifk=1486645003&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&top=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&dssz=2&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x600&msz=336x600&ga_vid=728126628.1591759373&ga_sid=1591759373&ga_hid=1923757821&fws=256&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
9f3c50a7acbab481dc7f52df7eb651a30a7a684c93755c8630a28f2d3c4584cc
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6543337964692547384/300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6543337964692547384/300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK7JjOCl9ukCFYvvdwodjdgEEg&gqi=&layout=/sadbundle/%24csp%253Der3%24/6543337964692547384/300x600.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6543337964692547384/300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6543337964692547384/300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK7JjOCl9ukCFYvvdwodjdgEEg&gqi=&layout=/sadbundle/%24csp%253Der3%24/6543337964692547384/300x600.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22925
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Wed, 10 Jun 2020 03:22:53 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6d617bc06ff61e58e67c0aefe3a5df81.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 9165
0
0
Other
General
Full URL
https://6d617bc06ff61e58e67c0aefe3a5df81.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 9165
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/ Frame E4D1
474 B
429 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3704803395905247&correlator=516846949511794&output=ldjh&impl=fif&eid=21066095&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200610&iu_parts=5302%2CDesktop%2CGhacks-Desktop-EN%2Cgh-features%2Cgh-articlepage%2Cbtf_mpu_third_bcovery&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x600%7C300x250&prev_scp=pos%3Dbottom%26type%3DBottom_Display_MPU&eri=2&cookie_enabled=1&cdm=www.ghacks.net&bc=31&abxe=1&lmt=1591759373&dt=1591759373242&dlt=1591759373030&idt=205&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=150&oid=3&adxs=1032&adys=2623&adks=188410933&ucis=ocyxbe8ihl0s&ifi=1&ifk=1486645003&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&top=https%3A%2F%2Fwww.ghacks.net%2F2017%2F09%2F19%2Ffirst-chrome-extension-with-javascript-crypto-miner-detected%2F&dssz=2&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x600&msz=336x600&ga_vid=1365817522.1591759373&ga_sid=1591759373&ga_hid=952694687&fws=256&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
18755a17c2bd84cfe5a5791b07da4a2a4e4c0bdddb3bf9ec5be54f356467a1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
264
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
59794fe491769bc4b001e17afd3fe27c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame E4D1
0
0
Other
General
Full URL
https://59794fe491769bc4b001e17afd3fe27c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame E4D1
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 6B6E
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuG6Js7Yqkp8Wetfy5slsOt32cZXf5bg4AFuW6tlgHKiAWhZY4JuWPIPto8HmWVJVC0zCJRl5ElxGbbVJ-1TZGY0V7FIpqEyqdaEjsoMrR6klRdTBEJmPGOy2bEoQ&sai=AMfl-YSeJrGGIUrMEGdyOIy7KOMdfaomJQEHpEb22PDMvXArhmDLRDx6zUYOYuISlIywg2bwsVKS8YlOi7ilXwAncoo4FOJkmoQvFET8h0krSBKcEfQvIL_DHTq_qD8y&sig=Cg0ArKJSzMCrDJ4UnrycEAE&cid=CAASPeRoKtseTt0BmjIY_7-XnPBeWYrAZ7zCgELON4EpipWnpU5f91A-_LMpJHlEfm0BDYPYBShNC4T_L2dRUEA&id=ampim&o=459,35&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=136&tls=1136&g=100&h=100&tt=1136&r=v&avms=ampa&adk=3346983909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ifaddisplayednew
analyse.bcovery.com/
0
42 B
XHR
General
Full URL
https://analyse.bcovery.com/ifaddisplayednew
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.209 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
209.202.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

status
200
date
Wed, 10 Jun 2020 03:22:52 GMT
via
1.1 google
access-control-allow-origin
*
alt-svc
clear
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
amp4ads-v0.js
cdn.ampproject.org/rtv/012005262159000/ Frame 43EB
202 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
32928
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56265
x-xss-protection
0
server
sffe
date
Tue, 09 Jun 2020 18:14:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9b3afaa85c48c2d0"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jun 2021 18:14:05 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 43EB
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
40056
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5893
x-xss-protection
0
server
sffe
date
Tue, 09 Jun 2020 16:15:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7c581cea2ef0aefe"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jun 2021 16:15:17 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 43EB
97 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
32932
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29929
x-xss-protection
0
server
sffe
date
Tue, 09 Jun 2020 18:14:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22e1efecde29c9e4"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jun 2021 18:14:01 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 43EB
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
40083
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1719
x-xss-protection
0
server
sffe
date
Tue, 09 Jun 2020 16:14:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc4637e8702685f3"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jun 2021 16:14:50 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 43EB
48 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
40076
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14997
x-xss-protection
0
server
sffe
date
Tue, 09 Jun 2020 16:14:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"de17760b9f621603"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jun 2021 16:14:57 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 43EB
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Jun 2020 07:17:20 GMT
x-content-type-options
nosniff
server
cafe
age
72333
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Wed, 10 Jun 2020 07:17:20 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 43EB
344 B
407 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Jun 2020 11:09:06 GMT
x-content-type-options
nosniff
server
cafe
age
58427
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 10 Jun 2020 11:09:06 GMT
truncated
/ Frame 43EB
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86db343c98252560997759c11d577b1c4ccd3b8e468889753bfa3adc1e46b75b

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012005262159000/ Frame 8844
20 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b72dd7e2a01859f433e7aee18008c9b522f0b2e0396d5656edd9fb29a305cdb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
22293
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7224
x-xss-protection
0
server
sffe
date
Tue, 09 Jun 2020 21:11:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f6cfa2ba62463627"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jun 2021 21:11:20 GMT
14437845656258449819
tpc.googlesyndication.com/simgad/ Frame 43EB
65 KB
65 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14437845656258449819?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmI-Hrwxw5q0yVQvgsLV2NRrtogxQ
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f0a745150dbae29f4fbd0bdab71d848a1245235d38c412198876b7f6bb4a29d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 May 2020 03:07:01 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 Jan 2020 06:34:35 GMT
server
sffe
age
2074552
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66292
x-xss-protection
0
expires
Mon, 17 May 2021 03:07:01 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 43EB
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1rpADVLgXrD6DtWi7gPJzrCoCcXii8Vdn5yxwvAK6Kq2lYsDEAEgodX5KmDqAaABqtGK6wLIAQKpAnL8p9KTBbM-4AIAqAMByAMIqgSfAk_QP5Ke1cYS2oI2RikyGymxwHOnFe-SynNSSrabiD8qZf2HYXKw7SxW5U3_UQwDkf2WyMWmMXBynuOH8A0qOKEmcd8mN1d2fdCX6_HGTkbvE3QmiqZG2mi-MXMQkT1fjQsAnvTUVbmGaXyTFnehiazW73oGl3kpyk4tCixPKd6QAp2pQCVNkB0JYiDlBQsK_tZyB1N2BZ4-KGsXS9_H00i-ykvqyBmGUNlvljJMP8nmWlJX_Clwo5dNYdIVfI8lLveI4RgqYOzbTIbFuT-EeYg_FqtRNSDA9zePvNMK9JP3E8ElzfbcILNlOWNpGYc1sToBAYB0WB_oWcLH8ALHpiRtCibYcTNJkz0vPmR9i7nOmtdLwgjLNsnQWpVtpSWcwATiptbVjQLgBAGSBQQIBBgBkgUECAUYBKAGAoAHvq71lAGoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQncgC0ggJCIDhgHAQARgdgAoDyAsB2BMM&sigh=Mb-3DeyDI-M&tpd=AGWhJms82HklTtock5arRREwVswT2NRpaioPXQvqeWkWC6vlxQ
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/getconfig/ Frame 8844
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020060103&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c11d342d42f8a91b820f2d7a1a4096a64cf2ed5adcd7816e5cd3fa29563824df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5656
x-xss-protection
0
container.html
6d617bc06ff61e58e67c0aefe3a5df81.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 2740
0
0
Document
General
Full URL
https://6d617bc06ff61e58e67c0aefe3a5df81.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6d617bc06ff61e58e67c0aefe3a5df81.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Wed, 10 Jun 2020 03:22:53 GMT
expires
Thu, 10 Jun 2021 03:22:53 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 9165
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ca6176080cdc35abd70f46682d5be4be52124973f6428ad82e53eea55bb932d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591616111897637"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27916
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9165
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=3235077185051795&r=300x600%7C300x250&w=300&h=600&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9165
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020060103&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55069032c10a52ada9b15f3185cb4f4e6c2ca84edbbbfaf12e0884f805793320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5590
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame E4D1
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020060103&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cea31d788f43e98823d5fc549ef0a636fce2dc42265afe25b2ee3b157e81266e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5572
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8844
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9165
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E4D1
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Wed, 10 Jun 2020 03:22:53 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 43EB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Wed, 10 Jun 2020 03:22:53 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 8CB1
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Wed, 10 Jun 2020 03:14:44 GMT
expires
Thu, 10 Jun 2021 03:14:44 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
489
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 3B46
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Wed, 10 Jun 2020 03:14:44 GMT
expires
Thu, 10 Jun 2021 03:14:44 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
489
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame F8EE
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Wed, 10 Jun 2020 03:14:44 GMT
expires
Thu, 10 Jun 2021 03:14:44 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
489
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8844
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020060103&jk=603981819236953&bg=!LS6lLjZY0xrQP3xvHnYCAAAAslIAAAAwmQGOMzmO2SwX_np6ifnyxUaqDvANlzWEtfCJ8ewXOsoAFnnPBVjenzXca-9FhYPzB0g_EL2cu0LpxN0aoxzcMePxsC0lUw36dAM2ww8bRPAhA2i-My_rwWwNznCF4op6_n9KmG0K0ylgp_QI-c263peKUM3a_JaLHFwTVzQxgcSCuiyzaHkpfl0APUEkqZg0oI3vkA8tEkm5SBSHORPW5oE3q4j_lxv3qyUwcXmjsT7xrSxZlWnp72gJsLHIwB0jRGXSGNYsvq-x4xoEISMAwWq4QHBGyYvVx6eufdxeF99nxGVf7A2oHxl6fPFiNHYttI54MSWlA2t08gXckC8vDQyRZFqay8EcT_LSd369t1yYmxROAmulMQqVUISwhzAYOUCZted8QagMhLxd2O9FYJd00LYtneodRHkH6TreAxY8Qk5L9Unik2pE0lJvgymaV6rQky4m1hwc5yH7z8uAwTZgdMwFr-sveJZ6azbVU4JPwuDPp1D94omrsRXw1kcn0jssRUg6_Pz-nqVGUyISuUg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9165
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020060103&jk=3235077185051795&bg=!OjmlOSFY0u0KlHGlfqcCAAAAylIAAAAkmQGOhIfMiesYKIEyTdur17czmH9zfr-TzSJdN8US3CYPzGUoxqRpYNdgRJ8DMFFDV0MS8iJ_5B2fjerctV0KPjXLpa1HEoahPFwVi8srWEpkKByVe5I-2rQQ-H1JTeeqlBAFXwwdz0MLT7Y2zBirXKBpgb7J__TWUz5jQpEsmVU7uGZwkjCqdfpd7U4a-ddWvm5ehm4D1GAIr2Sce1bg6RXUC1GX5RHZGExoWzQS-srm1Sj8_uJVLmQFi_ntaZMqrLvLkF7Vkca3BIfaiqNc4LMTAmLyMr1m1dUkE4WiyR6dG-JnliK4oC6ZwFZ0TlPIEhbkfTwhzazgQNaNDuGiUcpG-ySH6VA1hWHejnUKveeDFqweb0Lal1VEQoEqQUyrzZSeZ8o39v6yvwU23pZzodQYFBwBZidAX70Gd0w5OD8ZsGx6I8AsXYsVrKj5iqGilL4m3AttyXNrLGRERvKnQ1EhPSBcDJj4FEuqAbc-r6cO4Ti7DzN1YgEH8Wf0mcxFEOS8T-5Fs7M47bS6ncUxZFc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E4D1
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020060103&jk=3704803395905247&bg=!lZallo5Yap-GQbQwJwoCAAAAqFIAAAAZmQGO9JCLqqyuw1W6zm3Q4b5Yj7TkSiIrBmrUZ3sy_CHXCPkiC8FEZRoCC31gOvdINikvHl2lIDgHdsHvzZ9OWLLV1Qv6FaDLej4wN2gpK9lOni9jkzRM489yPqIQVpEVPYIMmTm7UaFiiQJa7oSAqu9Elbw19tkkaQFGfjNr2dCPO_1ZtOX8GXNiNNRgazzLRjyWgumNGOFNndHkHZo4KyCeopxFhc96v21zSrl3aOZUBJhXI4J5Fo71NMfiGT90DWA_km0nZ632UU6bbdtny-95sTru1ELyGHPqf7zwcU9ofty0v2rIK38jqw6IPtErj5Wj5FhJzn71u_qVOl9FOhdAS3ALyVcktpyTNPQuvG3uhKuiPSkZZf7rhvQk6FPbzFFtsVzj-pcKZ2jYx34uRPWJsBXsT84qsTeD8VvX8nu5s5cAI2Hcl8sPN18DXlBx480x4XSff3PqpcMlJQFCO4ObCZdS4nYqT6H5J9cJjhDPj7gxaPqxm_bwPapFU_PQnYcEZv7OQEFqDMyBg5EaawY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.e-planning.net/
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1
42 B
104 B
Image
General
Full URL
https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.245 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 10 Jun 2020 03:22:56 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 10 Jun 2020 03:22:30 GMT
Server
nginx
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
um
u-ams02.e-planning.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D2b579e90284bb804%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D2b579e90284bb804%26uid%3D%24UID&sovrn_retry=true
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=2b579e90284bb804&uid=34c10fbe5311d87b87b82fad
42 B
103 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=2b579e90284bb804&uid=34c10fbe5311d87b87b82fad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.246 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 10 Jun 2020 03:22:56 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Wed, 10 Jun 2020 03:22:56 GMT
Server
nginx
Location
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=2b579e90284bb804&uid=34c10fbe5311d87b87b82fad
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
um
u-ams02.e-planning.net/
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D2b579e90284bb804%26uid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D2b579e90284bb804%26uid%3D%24%7BUID%7D&ox_sc=1
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=2b579e90284bb804&uid=324354ca-4625-48f3-aaec-281a812ebf4d
42 B
104 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=2b579e90284bb804&uid=324354ca-4625-48f3-aaec-281a812ebf4d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.246 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 10 Jun 2020 03:22:56 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:56 GMT
via
1.1 google
vary
Origin
server
Cowboy
status
302
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=2b579e90284bb804&uid=324354ca-4625-48f3-aaec-281a812ebf4d
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
0c7k63d5h7gm3hpa4bejnumo0aqusrb2
um
u-ams02.e-planning.net/
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D2b579e90284bb804
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=2b579e90284bb804
42 B
103 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=2b579e90284bb804
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.246 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 10 Jun 2020 03:22:56 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 10 Jun 2020 03:22:56 GMT
Server
AC1.1
P3P
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=2b579e90284bb804
Cache-Control
max-age=0,no-cache,no-store
Content-Length
0
Expires
Tue, 11 Oct 1977 12:34:56 GMT
xuid
eb2.3lift.com/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1
  • https://eb2.3lift.com/xuid?mid=3658&xuid=8114b1b8-c4c5-4177-b358-638dc3a08e23&dongle=0cfd
37 B
352 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=8114b1b8-c4c5-4177-b358-638dc3a08e23&dongle=0cfd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.179.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-179-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 10 Jun 2020 03:22:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 10 Jun 2020 03:22:56 GMT
x-aspnet-version
4.0.30319
status
302
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=8114b1b8-c4c5-4177-b358-638dc3a08e23&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ifaddisplayednew
analyse.bcovery.com/
0
42 B
XHR
General
Full URL
https://analyse.bcovery.com/ifaddisplayednew
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.209 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
209.202.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

status
200
date
Wed, 10 Jun 2020 03:22:58 GMT
via
1.1 google
access-control-allow-origin
*
alt-svc
clear
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| marfeel object| mrf object| dataLayer function| getCookie undefined| $ function| jQuery function| pbjsChunk object| pbjs object| _pbjsGlobals object| $prebid object| apstag object| $a9bidder string| ajaxurl string| isDev string| adUnitPage string| adUnitPrefix object| recat object| retag string| atfCountryCluster string| btfCountryCluster boolean| isArticlePage string| isPersonalized object| gptSlots object| gptSlotsToRefresh number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| utmParams object| sharedSlotsConfig object| prebidAdUnits object| slots object| definedSlots object| requestManager function| initAdserver function| sendAdserverRequest function| requestAds function| refreshSlots object| didomiOnReady object| googletag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| geoip_detect object| regeneratorRuntime function| parcelRequire boolean| mrf_resized object| ghacks object| mobileNavTrigger object| addComment boolean| gdprAppliesGlobally function| __cmp object| images object| gaplugins object| gaGlobal object| gaData object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken boolean| apstagLOADED number| google_srt function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| webpackJsonpDidomi function| setImmediate function| clearImmediate object| didomiEventListeners object| adsbygoogle object| Didomi object| didomiState object| bcPageVal object| bcs string| bs_id_960 number| sec function| pb_ib function| pb_f function| pb_f_sub function| pb_i function| pb_l function| pb_sc function| check_parent function| pb_st function| pb_so function| pb_ss function| pb_xr function| pb_se function| pb_d function| mt_get_geo function| 
pb_th number| mt_prebid_timeout_default number| mt_prebid_timeout boolean| mt_prebid_timeout_changed function| pb_h function| pb_rn function| mt_update_debug_menu function| pb_lg_proc_style function| pb_lg function| pb_lg_group string| pb_4 number| pb_8 string| pb_9 boolean| pb_l_result_found object| mt_special_params function| pb_a function| pb_pt function| pb_s function| pb_spt function| pb_p function| pb_e function| mt_process_tag_triggers function| mt_process_triggers function| mt_process_trigger function| mt_process_filter object| mt_custom_triggers object| mt_custom_triggers_to_tags boolean| p object| pb_t number| pb_5 boolean| pb_7 object| el boolean| pb_6 number| __google_ad_urls_id number| google_unique_id boolean| white object| pb_10 object| google_image_requests object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms function| __iwgtk__ object| __rfc__ function| __old__refresh object| __i2w__ object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

4 Cookies

Domain/Path Name / Value
.ghacks.net/ Name: _gid
Value: GA1.2.1114495360.1591759366
.ghacks.net/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTcyOWM0MDYtYTkzNi02ODZkLWI3NDAtYjM5ZDBiMTM1YTdkIiwiY3JlYXRlZCI6IjIwMjAtMDYtMTBUMDM6MjI6NDYuODM5WiIsInVwZGF0ZWQiOiIyMDIwLTA2LTEwVDAzOjIyOjQ2Ljg0MFoiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOltdLCJkaXNhYmxlZCI6W119LCJwdXJwb3NlcyI6eyJlbmFibGVkIjpbXSwiZGlzYWJsZWQiOltdfX0=
.ghacks.net/ Name: _gat_UA-111230-1
Value: 1
.ghacks.net/ Name: _ga
Value: GA1.2.1969434061.1591759366

12 Console Messages

Source Level URL
Text
console-api log URL: https://www.ghacks.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log (Line 1)
Message:
CONTAINER %cNBZKGBR%c BUILD 2020-04-01 12:25:11 color:#00661d; text-decoration:underline color:#000
console-api log (Line 1)
Message:
1670h 57m
console-api log (Line 2)
Message:
INIT CONTAINER
console-api log (Line 55)
Message:
Start process custom triggers 6_960
console-api log (Line 55)
Message:
Start process custom triggers 7_960
console-api log (Line 55)
Message:
Start process custom triggers 8_960
console-api log (Line 55)
Message:
Start process custom triggers 9_960
console-api log (Line 55)
Message:
Start process custom triggers 10_960
console-api log (Line 55)
Message:
Start process custom triggers 11_960
console-api info URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js(Line 410)
Message:
Powered by AMP ⚡ HTML – Version 2005262159000 https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/
console-api info URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js(Line 410)
Message:
Powered by AMP ⚡ HTML – Version 2005262159000 https://www.ghacks.net/2017/09/19/first-chrome-extension-with-javascript-crypto-miner-detected/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
