urlscan.io logo urlscan.io
SecurityTrails logo

portswigger.net Open in urlscan Pro
34.246.159.66  Public Scan

Go To Rescan Add Verdict Report
URL: https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Submission: On November 02 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 23 HTTP transactions. The main IP is 34.246.159.66, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is portswigger.net.
TLS certificate: Issued by Amazon on October 14th 2021. Valid for: a year.
This is the only time portswigger.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 34.246.159.66 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
23 4
Domain Requested by
17 portswigger.net portswigger.net
4 www.google-analytics.com portswigger.net
www.google-analytics.com
www.googletagmanager.com
1 www.googletagmanager.com portswigger.net
0 stats.g.doubleclick.net Failed www.google-analytics.com
23 4
Subject Issuer Validity Valid
portswigger.net
Amazon		 2021-10-14 -
2022-11-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Frame ID: 701FEA24A7BC32BCCA000967381FECF9
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Popular NPM package UA-Parser-JS poisoned with cryptomining, password-stealing malware | The Daily Swig

Page Statistics

23
Requests

96 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

843 kB
Transfer

1653 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
portswigger.net/daily-swig/ 		50 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.159.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-159-66.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
ea3e90fadeca1d6e9e976628d1cdbe3c553a0e06d55a9e478cfb9c59e3478d7b
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self' data:;media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-dG9jV3+JuhETjLOjj7bye+t2eHX5kjxB';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

date
Tue, 02 Nov 2021 06:12:48 GMT
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, s-maxage=0, private
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
content-security-policy
default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self' data:;media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-dG9jV3+JuhETjLOjj7bye+t2eHX5kjxB';style-src 'self';
cross-origin-resource-policy
same-origin
cross-origin-opener-policy
same-origin
psdailyswig.css
portswigger.net/content/ 		731 KB
116 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portswigger.net/content/psdailyswig.css?v=zz5gDZb4kdngQzcV7uj_3H9_yt0
Requested by
Host: portswigger.net
URL: https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.159.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-159-66.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
dad4e2d0458d05a5e4927fda2621af9facb553ef9c2fa42aaaa5db6e47b03b12
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-dP6YgeBik2bkqBds9DxKrgvn5woS5AuQ';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:12:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
cross-origin-opener-policy
same-origin
etag
"zz5gDZb4kdngQzcV7uj_3H9_yt0"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
max-age=0, private, must-revalidate
cross-origin-resource-policy
same-site
content-security-policy
default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-dP6YgeBik2bkqBds9DxKrgvn5woS5AuQ';style-src 'self';
strict-transport-security
max-age=31536000; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
ps-icons-small.woff
portswigger.net/Content/Fonts/ps-icons-small/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portswigger.net/Content/Fonts/ps-icons-small/ps-icons-small.woff?td2uot
Requested by
Host: portswigger.net
URL: https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.159.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-159-66.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
dc073c16a34a852f5092828a526ea8b52420c892e60014b0ef4c4044df2c6a08
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-63IcaLvLqc6WfqovCkti+3jquL98fkNh';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Origin
https://portswigger.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:12:48 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-length
8496
x-xss-protection
1; mode=block
last-modified
Fri, 22 Oct 2021 10:34:08 GMT
server
Microsoft-IIS/10.0
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
etag
"1d7c73058083130"
strict-transport-security
max-age=31536000; preload
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
must-revalidate, max-age=0
content-security-policy
default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-63IcaLvLqc6WfqovCkti+3jquL98fkNh';style-src 'self';
accept-ranges
bytes
ps-icons.woff
portswigger.net/Content/Fonts/ps-main/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portswigger.net/Content/Fonts/ps-main/ps-icons.woff?l1la2n
Requested by
Host: portswigger.net
URL: https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.159.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-159-66.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
99ae8f3df9cd274d22de77dceb0beacdf0f5d44dbf8fcfe7ef08aae10d5c3db3
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-b/HfVQtRrZFktIC8hj3fCQCBrT63knnd';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Origin
https://portswigger.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:12:48 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-length
25292
x-xss-protection
1; mode=block
last-modified
Fri, 22 Oct 2021 10:34:08 GMT
server
Microsoft-IIS/10.0
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
etag
"1d7c730580872cc"
strict-transport-security
max-age=31536000; preload
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
must-revalidate, max-age=0
content-security-policy
default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-b/HfVQtRrZFktIC8hj3fCQCBrT63knnd';style-src 'self';
accept-ranges
bytes
the-daily-swig-logo.svg
portswigger.net/content/images/banners/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portswigger.net/content/images/banners/the-daily-swig-logo.svg
Requested by
Host: portswigger.net
URL: https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.159.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-159-66.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
6e6e40eacb162d968d66193460e961de688ed4535f1297c31f97bb1fddde830a
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-MWSxPCWHuShMnnwgoIcecP8d/IT9T+fy';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:12:48 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-disposition
attachment
content-length
27670
x-xss-protection
1; mode=block
last-modified
Fri, 22 Oct 2021 10:34:08 GMT
server
Microsoft-IIS/10.0
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
etag
"1d7c73058087c16"
strict-transport-security
max-age=31536000; preload
content-type
image/svg+xml
cache-control
must-revalidate, max-age=0
content-security-policy
default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-MWSxPCWHuShMnnwgoIcecP8d/IT9T+fy';style-src 'self';
accept-ranges
bytes
7535-article-211025-npm-body-text-1200.png
portswigger.net/cms/images/cf/c9/ 		309 KB
310 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portswigger.net/cms/images/cf/c9/7535-article-211025-npm-body-text-1200.png
Requested by
Host: portswigger.net
URL: https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.159.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-159-66.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
38c036da7dc7289ccf8253d35f07c115b5aecb51ca48dfc7732b20daed20af2c
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-zhnRmQjYgNTMeajJ6TTzvp/X/2y5Qh5o';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:12:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Oct 2021 15:30:18 GMT
server
Microsoft-IIS/10.0
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-store, no-cache, s-maxage=0, private
cross-origin-resource-policy
same-origin
content-security-policy
default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-zhnRmQjYgNTMeajJ6TTzvp/X/2y5Qh5o';style-src 'self';
strict-transport-security
max-age=31536000; preload
content-length
316360
x-xss-protection
1; mode=block
adam-bannister.png
portswigger.net/cms/profiles/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portswigger.net/cms/profiles/adam-bannister.png
Requested by
Host: portswigger.net
URL: https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.159.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-159-66.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
9c071749386df2f85a6d8a1619b019572f4da2d7a596e247373247f92860e34d
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-iQS1e9+y1lheG4l2FeUnJvzOJtAAo5dB';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:12:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 21 Oct 2019 15:23:37 GMT
server
Microsoft-IIS/10.0
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-store, no-cache, s-maxage=0, private
cross-origin-resource-policy
same-origin
content-security-policy
default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-iQS1e9+y1lheG4l2FeUnJvzOJtAAo5dB';style-src 'self';
strict-transport-security
max-age=31536000; preload
content-length
22151
x-xss-protection
1; mode=block
details.js
portswigger.net/bundles/cms/dailyswig/ 		91 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portswigger.net/bundles/cms/dailyswig/details.js?v=hje73aGOaTftll1nunPDxvpCvcc
Requested by
Host: portswigger.net
URL: https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.159.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-159-66.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
f14d1ec36a6614253fc780e93ce8a3cfe2afc3488bb2d6da6584943b62e33a78
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-hLkpeEAFcimcwuWaIe8Kj39Bn7VtmIms';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:12:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
cross-origin-opener-policy
same-origin
etag
"hje73aGOaTftll1nunPDxvpCvcc"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
max-age=0, private, must-revalidate
cross-origin-resource-policy
same-site
content-security-policy
default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-hLkpeEAFcimcwuWaIe8Kj39Bn7VtmIms';style-src 'self';
strict-transport-security
max-age=31536000; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
portswigger-logo.svg
portswigger.net/content/images/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portswigger.net/content/images/logos/portswigger-logo.svg
Requested by
Host: portswigger.net
URL: https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.159.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-159-66.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
151f261887b445728190b4dc8ee577bffc66f9c5b450229aa8ed9489c19fa058
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-+VkbkJVKYuyMxKS269YJ5BIVqk6MiXCS';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:12:48 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-disposition
attachment
content-length
3292
x-xss-protection
1; mode=block
last-modified
Fri, 22 Oct 2021 10:34:08 GMT
server
Microsoft-IIS/10.0
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
etag
"1d7c73058081cdc"
strict-transport-security
max-age=31536000; preload
content-type
image/svg+xml
cache-control
must-revalidate, max-age=0
content-security-policy
default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-+VkbkJVKYuyMxKS269YJ5BIVqk6MiXCS';style-src 'self';
accept-ranges
bytes
the-daily-swig-header-background.png
portswigger.net/Content/Images/Banners/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portswigger.net/Content/Images/Banners/the-daily-swig-header-background.png?v=CRY7wQ8-OABUWAt4UkHQhnln1qk
Requested by
Host: portswigger.net
URL: https://portswigger.net/content/psdailyswig.css?v=zz5gDZb4kdngQzcV7uj_3H9_yt0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.159.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-159-66.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d196be23817a0f881e89c9887757b3138ad3e2737e1f5f654e306317b0fe2bab
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-mJ4iIazlTxt2siIruzBHTrRtknXvBvHU';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://portswigger.net/content/psdailyswig.css?v=zz5gDZb4kdngQzcV7uj_3H9_yt0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:12:49 GMT
x-content-type-options
nosniff
last-modified
Fri, 22 Oct 2021 10:34:08 GMT
server
Microsoft-IIS/10.0
cross-origin-opener-policy
same-origin
etag
"1d7c7305808d374"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
must-revalidate, max-age=0
cross-origin-resource-policy
same-origin
content-security-policy
default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-mJ4iIazlTxt2siIruzBHTrRtknXvBvHU';style-src 'self';
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
content-length
50036
x-xss-protection
1; mode=block
ps-icons.woff
portswigger.net/Content/Fonts/ps-main/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portswigger.net/Content/Fonts/ps-main/ps-icons.woff?v=CRY7wQ8-OABUWAt4UkHQhnln1qk&l1la2n
Requested by
Host: portswigger.net
URL: https://portswigger.net/content/psdailyswig.css?v=zz5gDZb4kdngQzcV7uj_3H9_yt0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.159.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-159-66.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
99ae8f3df9cd274d22de77dceb0beacdf0f5d44dbf8fcfe7ef08aae10d5c3db3
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-wxUTlzCWMlP7BlXjXIbFQaX6QUwWpXQs';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portswigger.net/content/psdailyswig.css?v=zz5gDZb4kdngQzcV7uj_3H9_yt0
Origin
https://portswigger.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:12:49 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-length
25292
x-xss-protection
1; mode=block
last-modified
Fri, 22 Oct 2021 10:34:08 GMT
server
Microsoft-IIS/10.0
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
etag
"1d7c730580872cc"
strict-transport-security
max-age=31536000; preload
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
must-revalidate, max-age=0
content-security-policy
default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-wxUTlzCWMlP7BlXjXIbFQaX6QUwWpXQs';style-src 'self';
accept-ranges
bytes
ps-icons-small.woff
portswigger.net/Content/Fonts/ps-icons-small/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portswigger.net/Content/Fonts/ps-icons-small/ps-icons-small.woff?v=CRY7wQ8-OABUWAt4UkHQhnln1qk&td2uot
Requested by
Host: portswigger.net
URL: https://portswigger.net/content/psdailyswig.css?v=zz5gDZb4kdngQzcV7uj_3H9_yt0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.159.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-159-66.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
dc073c16a34a852f5092828a526ea8b52420c892e60014b0ef4c4044df2c6a08
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-t07a4bt0yrwtD/TrTmuM79nyKOUBbFht';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portswigger.net/content/psdailyswig.css?v=zz5gDZb4kdngQzcV7uj_3H9_yt0
Origin
https://portswigger.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:12:49 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-length
8496
x-xss-protection
1; mode=block
last-modified
Fri, 22 Oct 2021 10:34:08 GMT
server
Microsoft-IIS/10.0
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
etag
"1d7c73058083130"
strict-transport-security
max-age=31536000; preload
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
must-revalidate, max-age=0
content-security-policy
default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-t07a4bt0yrwtD/TrTmuM79nyKOUBbFht';style-src 'self';
accept-ranges
bytes
cms.ttf
portswigger.net/Content/Fonts/CMS/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portswigger.net/Content/Fonts/CMS/cms.ttf?v=zIB_OtLFJUCmEwvE0wKmWCgtUQ4&um5lpw
Requested by
Host: portswigger.net
URL: https://portswigger.net/content/psdailyswig.css?v=zz5gDZb4kdngQzcV7uj_3H9_yt0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.159.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-159-66.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
2ed6a3f9ae1e57affe404bb4ba5c8d1966d7ddc16f91356828d09d814dd02930
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-oPwnaXTVJqDIOWOw9Lur7qgIT9q6K3Vc';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portswigger.net/content/psdailyswig.css?v=zz5gDZb4kdngQzcV7uj_3H9_yt0
Origin
https://portswigger.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:12:49 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
same-origin
content-length
1344
x-xss-protection
1; mode=block
last-modified
Fri, 22 Oct 2021 10:34:06 GMT
server
Microsoft-IIS/10.0
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
etag
"1d7c73056d6e640"
strict-transport-security
max-age=31536000; preload
access-control-allow-methods
GET
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
must-revalidate, max-age=0
content-security-policy
default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-oPwnaXTVJqDIOWOw9Lur7qgIT9q6K3Vc';style-src 'self';
accept-ranges
bytes
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: portswigger.net
URL: https://portswigger.net/bundles/cms/dailyswig/details.js?v=hje73aGOaTftll1nunPDxvpCvcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://portswigger.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
735
date
Tue, 02 Nov 2021 06:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 02 Nov 2021 08:00:34 GMT
gtm.js
www.googletagmanager.com/ 		107 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M4CF4TD
Requested by
Host: portswigger.net
URL: https://portswigger.net/bundles/cms/dailyswig/details.js?v=hje73aGOaTftll1nunPDxvpCvcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
056f1f0010df97cc0d8fdcd05b077d0ae4851738fcc4980671db964ca89f19b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://portswigger.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:12:49 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40466
x-xss-protection
0
expires
Tue, 02 Nov 2021 06:12:49 GMT
2474-tile-orange-muted.png
portswigger.net/cms/images/47/76/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portswigger.net/cms/images/47/76/2474-tile-orange-muted.png
Requested by
Host: portswigger.net
URL: https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.159.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-159-66.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
2a21c251e24dcf9b58278d954abb8f90a2ba31db0ea65fc940b293aa29ef0a50
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-WpJb9llUJSc/Q7qNo+042uA+Ndc3DaHh';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:12:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Nov 2021 16:10:10 GMT
server
Microsoft-IIS/10.0
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-store, no-cache, s-maxage=0, private
cross-origin-resource-policy
same-origin
content-security-policy
default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-WpJb9llUJSc/Q7qNo+042uA+Ndc3DaHh';style-src 'self';
strict-transport-security
max-age=31536000; preload
content-length
1942
x-xss-protection
1; mode=block
c71d-widetile-bug-bounty-radar-2021-2x1-green.jpg
portswigger.net/cms/images/67/c3/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portswigger.net/cms/images/67/c3/c71d-widetile-bug-bounty-radar-2021-2x1-green.jpg
Requested by
Host: portswigger.net
URL: https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.159.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-159-66.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
0993db58c7b4112889557fb365217cb7fdbc5e4baa59e7178a92e21efa21571d
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-jUzha5rSIdo58prCaKRk0n/EfXiJ7Gbd';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:12:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Nov 2021 15:48:23 GMT
server
Microsoft-IIS/10.0
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
no-store, no-cache, s-maxage=0, private
cross-origin-resource-policy
same-site
content-security-policy
default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-jUzha5rSIdo58prCaKRk0n/EfXiJ7Gbd';style-src 'self';
strict-transport-security
max-age=31536000; preload
content-length
31884
x-xss-protection
1; mode=block
7800-tile-yellow-industrial.png
portswigger.net/cms/images/b4/f1/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portswigger.net/cms/images/b4/f1/7800-tile-yellow-industrial.png
Requested by
Host: portswigger.net
URL: https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.159.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-159-66.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
108dda916629e6531fff86501c48dcefdf8d168b95141eddd684712d42bfeadc
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-aQA705vQK5Svg2SVC4cUiYQCzB3b2apj';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:12:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Nov 2021 14:09:25 GMT
server
Microsoft-IIS/10.0
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-store, no-cache, s-maxage=0, private
cross-origin-resource-policy
same-origin
content-security-policy
default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-aQA705vQK5Svg2SVC4cUiYQCzB3b2apj';style-src 'self';
strict-transport-security
max-age=31536000; preload
content-length
1941
x-xss-protection
1; mode=block
e09a-tile-211029-devops-1x1.png
portswigger.net/cms/images/d5/31/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portswigger.net/cms/images/d5/31/e09a-tile-211029-devops-1x1.png
Requested by
Host: portswigger.net
URL: https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.159.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-159-66.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
8bf26b3f5fb066a29fd2af2d46ca5feb47f50f8ce2efda9eab7ceb0051abfca8
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-+2RPMMad4VXCzSsrTNrRcK47NLQU3iYy';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:12:49 GMT
x-content-type-options
nosniff
last-modified
Fri, 29 Oct 2021 15:15:24 GMT
server
Microsoft-IIS/10.0
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-store, no-cache, s-maxage=0, private
cross-origin-resource-policy
same-origin
content-security-policy
default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-+2RPMMad4VXCzSsrTNrRcK47NLQU3iYy';style-src 'self';
strict-transport-security
max-age=31536000; preload
content-length
66573
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1625998375&t=pageview&_s=1&dl=https%3A%2F%2Fportswigger.net%2Fdaily-swig%2Fpopular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware&ul=en-us&de=UTF-8&dt=Popular%20NPM%20package%20UA-Parser-JS%20poisoned%20with%20cryptomining%2C%20password-stealing%20malware%20%7C%20The%20Daily%20Swig&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAAC~&jid=253016539&gjid=900496308&cid=1933805076.1635833569&tid=UA-58487031-1&_gid=14108.1635833569&_r=1&cd2=&z=1370759153
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portswigger.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Nov 2021 06:12:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portswigger.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1625998375&t=pageview&_s=1&dl=https%3A%2F%2Fportswigger.net%2Fdaily-swig%2Fpopular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware&ul=en-us&de=UTF-8&dt=Popular%20NPM%20package%20UA-Parser-JS%20poisoned%20with%20cryptomining%2C%20password-stealing%20malware%20%7C%20The%20Daily%20Swig&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABEAAAAC~&jid=177847187&gjid=1798375206&cid=1933805076.1635833569&tid=UA-58487031-8&_gid=14108.1635833569&_r=1&gtm=2wgar0M4CF4TD&z=93545431
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portswigger.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Nov 2021 06:12:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portswigger.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4CF4TD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://portswigger.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
735
date
Tue, 02 Nov 2021 06:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 02 Nov 2021 08:00:34 GMT
collect
stats.g.doubleclick.net/j/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-58487031-1&cid=1933805076.1635833569&jid=253016539&gjid=900496308&_gid=14108.1635833569&_u=aEBAAEAAEAAAAC~&z=113951865

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| TileColorManager object| KeyCode object| hoverMenu object| tiles object| actionButtons object| ajaxResultProcessor object| eventHandler object| gaEventManager function| $ function| jQuery object| dataLayer object| google_tag_data function| ga object| gaplugins object| gaGlobal object| gaData object| google_tag_manager string| GoogleAnalyticsObject

5 Cookies

Domain/Path Name / Value
.portswigger.net/ Name: SessionId
Value: CfDJ8E%2Bwz0j835xPn7BOifDmT9JIk2Ay0c8EQCQ6yFB0ooTB3O%2Bs%2BxWJoQ%2FL5wa6ZMze7EyuVHQ9WKhyGTRhhBMk%2BnsIgPp%2FEAe9JZru50dYaldUlAllD7CReD7BhKnaX2j9z3kWO10qNvh8k45v9qpwSMVCrVRPU49hOO9lCnaqjgDl
.portswigger.net/ Name: _ga
Value: GA1.2.1933805076.1635833569
.portswigger.net/ Name: _gid
Value: GA1.2.14108.1635833569
.portswigger.net/ Name: _gat
Value: 1
.portswigger.net/ Name: _gat_UA-58487031-8
Value: 1

3 Console Messages

Source Level URL
Text
security error URL: https://www.google-analytics.com/analytics.js(Line 38)
Message:
Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-58487031-1&cid=1933805076.1635833569&jid=253016539&gjid=900496308&_gid=14108.1635833569&_u=aEBAAEAAEAAAAC~&z=113951865' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/".
javascript warning URL: https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Message:
The resource https://portswigger.net/Content/Fonts/ps-icons-small/ps-icons-small.woff?td2uot was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://portswigger.net/daily-swig/popular-npm-package-ua-parser-js-poisoned-with-cryptomining-password-stealing-malware
Message:
The resource https://portswigger.net/Content/Fonts/ps-main/ps-icons.woff?l1la2n was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self' data:;media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'nonce-dG9jV3+JuhETjLOjj7bye+t2eHX5kjxB';style-src 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

portswigger.net
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
stats.g.doubleclick.net
2a00:1450:4001:813::200e
2a00:1450:4001:830::2008
34.246.159.66
056f1f0010df97cc0d8fdcd05b077d0ae4851738fcc4980671db964ca89f19b6
0993db58c7b4112889557fb365217cb7fdbc5e4baa59e7178a92e21efa21571d
108dda916629e6531fff86501c48dcefdf8d168b95141eddd684712d42bfeadc
151f261887b445728190b4dc8ee577bffc66f9c5b450229aa8ed9489c19fa058
2a21c251e24dcf9b58278d954abb8f90a2ba31db0ea65fc940b293aa29ef0a50
2ed6a3f9ae1e57affe404bb4ba5c8d1966d7ddc16f91356828d09d814dd02930
38c036da7dc7289ccf8253d35f07c115b5aecb51ca48dfc7732b20daed20af2c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e6e40eacb162d968d66193460e961de688ed4535f1297c31f97bb1fddde830a
8bf26b3f5fb066a29fd2af2d46ca5feb47f50f8ce2efda9eab7ceb0051abfca8
99ae8f3df9cd274d22de77dceb0beacdf0f5d44dbf8fcfe7ef08aae10d5c3db3
9c071749386df2f85a6d8a1619b019572f4da2d7a596e247373247f92860e34d
d196be23817a0f881e89c9887757b3138ad3e2737e1f5f654e306317b0fe2bab
dad4e2d0458d05a5e4927fda2621af9facb553ef9c2fa42aaaa5db6e47b03b12
dc073c16a34a852f5092828a526ea8b52420c892e60014b0ef4c4044df2c6a08
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ea3e90fadeca1d6e9e976628d1cdbe3c553a0e06d55a9e478cfb9c59e3478d7b
f14d1ec36a6614253fc780e93ce8a3cfe2afc3488bb2d6da6584943b62e33a78
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62