www.itnews.com.au Open in urlscan Pro
203.176.102.69 Public Scan

URL: https://www.facebook.com/iTnewsAustralia

URL: https://www.linkedin.com/company/itnews

URL: https://www.itnews.asia/
Title: Asia Edition

URL: https://mrd0x.com/browser-in-the-browser-phishing-attack/
Title: documented

URL: https://mrd0x.com/whoami
Title: mr.d0x

URL: https://twitter.com/intent/tweet?text=Phishers%20devise%20browser-in-the-browser%20attacks,%20%27chameleon%27%20landing%20pages&related=&url=https%3a%2f%2fwww.itnews.com.au%2fnews%2fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458%3Futm_source=desktop%26utm_medium=twitter%26utm_campaign=share

URL: https://www.facebook.com/sharer/sharer.php?u=https%3a%2f%2fwww.itnews.com.au%2fnews%2fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458%3Futm_source=desktop%26utm_medium=facebook%26utm_campaign=share

URL: https://www.linkedin.com/shareArticle?url=https%3a%2f%2fwww.itnews.com.au%2fnews%2fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458%3Futm_source=desktop%26utm_medium=linkedin%26utm_campaign=share

URL: https://www.facebook.com/sharer/sharer.php?u=https%3a%2f%2fwww.itnews.com.au%2fnews%2fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458%3Futm_source%3Dmobile%26utm_medium%3Dfacebook%26utm_campaign%3Dshare

URL: https://www.linkedin.com/shareArticle?url=https%3a%2f%2fwww.itnews.com.au%2fnews%2fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458%3Futm_source%3Dmobile%26utm_medium%3Dlinkedin%26utm_campaign%3Dshare

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5935527728&iu=/1003277/iTnews-SponsoredLinks

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5932779787&iu=/1003277/iTnews-SponsoredLinks

URL: https://www.crn.com.au/news/google-cloud-names-angela-coronica-new-anz-channel-chief-575039?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Google Cloud names Angela Coronica new ANZ channel chief

URL: https://www.crn.com.au/news/sap-names-first-regional-head-of-sustainability-575067?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: SAP names first regional head of sustainability

URL: https://www.crn.com.au/news/long-time-microsoft-anz-exec-phil-goldie-departs-after-12-years-575011?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Long-time Microsoft ANZ exec Phil Goldie departs after 12 years

URL: https://www.crn.com.au/news/canon-business-services-acquires-wa-microsoft-partner-satalyst-574890?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Canon Business Services acquires WA Microsoft partner Satalyst

URL: https://www.crn.com.au/news/aussie-technology-spending-to-reach-111-billion-in-2022-gartner-574894?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Aussie technology spending to reach $111 billion in 2022: Gartner

URL: https://www.bit.com.au/review/venom-blackbook-zero-15-phantom-573253?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Venom BlackBook Zero 15 Phantom

URL: https://www.bit.com.au/guide/facebook-linkedin-or-instagram-social-media-success-isnt-one-size-fits-all-574908?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Facebook, LinkedIn or Instagram? Social media success isn’t one size fits all

URL: https://www.bit.com.au/guide/digital-dystopia-your-reputation-is-on-the-line-574913?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Digital dystopia: your reputation is on the line

URL: https://www.bit.com.au/guide/creating-sustainable-high-performance-computing-to-drive-the-data-industry-forward-574918?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: Creating sustainable high-performance computing to drive the data industry forward

URL: https://www.bit.com.au/news/how-long-will-a-ups-keep-your-computers-on-if-the-lights-go-out-316806?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: How long will a UPS keep your computers on if the lights go out?

URL: https://www.iothub.com.au/event/iot-impact-conference-576820?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: IoT Impact Conference

URL: https://www.iothub.com.au/event/iot-insights-conference-orange-nsw-digital-food-agribusiness-576814?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: IoT Insights conference, Orange NSW: Digital Food & Agribusiness

URL: https://www.iothub.com.au/news/iot-impact-moving-to-june-9-575046?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: IoT Impact moving to June 9

URL: https://www.iothub.com.au/news/2021-iot-awards-winners-announced-572454?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: 2021 IoT Awards winners announced

URL: https://www.iothub.com.au/news/john-holland-uses-iot-to-track-spoil-removal-from-construction-sites-577419?utm_source=itnews&utm_medium=web&utm_campaign=networkbar
Title: John Holland uses IoT to track spoil removal from construction sites

URL: https://www.nextmedia.com.au/

URL: https://www.bit.com.au/
Title: BIT

URL: https://www.crn.com.au/
Title: CRN Australia

URL: https://www.iothub.com.au/
Title: IoT Hub

URL: https://www.nextmedia.com.au/privacy-policy/
Title: Privacy Policy

URL: https://www.nextmedia.com.au/terms-conditions/
Title: Terms & Conditions

URL: https://www.interactive.com.au/

URL: https://www.nextmedia.com.au/cookie-policy
Title: Cookie Policy

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://www.itnews.com.au/Images/mobile-share-twitter.png HTTP 301
https://www.itnews.com.au/images/mobile-share-twitter.png

Request Chain 21

https://www.itnews.com.au/Images/mobile-share-facebook.png HTTP 301
https://www.itnews.com.au/images/mobile-share-facebook.png

Request Chain 22

https://www.itnews.com.au/Images/mobile-share-linkedin.png HTTP 301
https://www.itnews.com.au/images/mobile-share-linkedin.png

Request Chain 23

https://www.itnews.com.au/Images/mobile-share-whatsapp.png HTTP 301
https://www.itnews.com.au/images/mobile-share-whatsapp.png

Request Chain 24

https://www.itnews.com.au/Images/mobile-share-email.png HTTP 301
https://www.itnews.com.au/images/mobile-share-email.png

Request Chain 46

https://www.itnews.com.au/Images/breaking-news-header-bkg-40.png HTTP 301
https://www.itnews.com.au/images/breaking-news-header-bkg-40.png

Request Chain 47

https://www.itnews.com.au/Images/itnews-logo-white.png HTTP 301
https://www.itnews.com.au/images/itnews-logo-white.png

Request Chain 48

https://www.itnews.com.au/Images/search-icon.png HTTP 301
https://www.itnews.com.au/images/search-icon.png

Request Chain 90

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1647544711565&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1503796%26time%3D1647544711565%26url%3Dhttps%253A%252F%252Fwww.itnews.com.au%252Fnews%252Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1647544711565&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&liSync=true

Request Chain 110

https://i.nextmedia.com.au/Utils/ClickThru.ashx?d=https%3a%2f%2fi.nextmedia.com.au%2fAssets%2f20220228043335_small.png&s=20220228043335_small.png HTTP 302
https://i.nextmedia.com.au/Assets/20220228043335_small.png

Request Chain 111

https://i.nextmedia.com.au/Utils/ClickThru.ashx?d=https%3a%2f%2fi.nextmedia.com.au%2fAssets%2fRVBD-Aternity-Lockup85x25.jpg&s=RVBD-Aternity-Lockup85x25.jpg HTTP 302
https://i.nextmedia.com.au/Assets/RVBD-Aternity-Lockup85x25.jpg

Request Chain 112

https://www.itnews.com.au/Images/bullet.png HTTP 301
https://www.itnews.com.au/images/bullet.png

Request Chain 128

https://pixel-geo.prfct.co/tagjs?a_id=147698&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=147698&source=js_tag

Request Chain 154

https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202203|623389873eeb6b3913312650&pid=pa_XQznHh6B6KdiVBg3T HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202203%7C623389873eeb6b3913312650%26pid%3Dpa_XQznHh6B6KdiVBg3T HTTP 302
https://pixel-geo.prfct.co/usermap/?xid=5257520836624331318&sid=202203|623389873eeb6b3913312650&pid=pa_XQznHh6B6KdiVBg3T

Request Chain 155

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_XQznHh6B6KdiVBg3T

Request Chain 156

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_XQznHh6B6KdiVBg3T&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_XQznHh6B6KdiVBg3T&_origin=1&verify=true

Request Chain 157

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_XQznHh6B6KdiVBg3T

Request Chain 158

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_XQznHh6B6KdiVBg3T

Request Chain 159

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfWFF6bkhoNkI2S2RpVkJnM1Q HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 240

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuxjDuzGgyU7pVVUQT8CIbIsIUMS57M_aptS2sFxDQ239yoshfLVk_WfIjIrQkx4Pssfa1pgEE8zgu6tJkyPnnYsLm3q581LEEAKx2cyf2Foh7U86JoFme_KSHQwuK0jHJPWYEHJ_5NAIoQdFXlS6ObbCzltMeq8KNpZSgmw8JO9TzY1dfEk6HarT7fg0SYRH-cDxVvo4AP-iSnQDG4JZ05_iukTrc07KvUP8zxS7VnwiMY-nxkD0GL_JFAMBwKucTWAFEp3foSLA1dfAYW8_hbVB1XDe-I62XHgEXEORs5MG-GVPNdb6K5AoX&sig=Cg0ArKJSzChtNd0GEE0BEAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/3473041443409053549? HTTP 302
https://tpc.googlesyndication.com/simgad/3473041443409053549

283 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458 Show response
www.itnews.com.au/news/ 74 KB
74 KB 870ms
296ms Document
text/html 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d2ee5e7b6743f528a3b5bafffe22c660250acf7630759db7768dfeb7fc3c4ba7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: private
content-type: text/html; charset=utf-8
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=edge,chrome=1
date: Thu, 17 Mar 2022 19:18:29 GMT
content-length: 75962

GET
H2 200 css
fonts.googleapis.com/ 4 KB
572 B 51ms
26ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Martel:400,300,700,900

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

111ef215436e1f4c0a8415e91562f11b2c81cfaedb5a4f35c61408a920b37fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 19:18:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 19:18:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 19:18:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
982 B 42ms
17ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b695d61dec08008b7557f86ef8855cac3d5ecb30e22ff774963ba80d0c5b7ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 19:18:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 19:18:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 19:18:30 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 34ms
15ms Stylesheet
text/css 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 685104
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42jaUBNyTxiHj%2BogDZHjq79vunchuEFK8%2BpmnzsKaTb4oZ9uBQQP7nir7s2f2wD1VN9p%2BYtwc6LfPxzy%2FxZZa9Twg9uKKJOIkW0E1cMLPeJx8ciSqiSP2%2FfAFfRnVu%2Fhb8FPdR3a"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ed8132b3e9f9bbc-FRA
expires: Tue, 07 Mar 2023 19:18:30 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/ 34 KB
35 KB 32ms
7ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 09:36:40 GMT
x-content-type-options: nosniff
age: 34910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35212
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 09:36:40 GMT

GET
H2 200 css_6b1b8d61a41b56d897df75b23d33ac64.css
www.itnews.com.au/styles/ 239 KB
36 KB 488ms
488ms Stylesheet
text/css 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 062acacf52f08a643fc6509d33cd201c510d025b66f2120b52d74de0de96046d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:29 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 07:16:05 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "80a885ddce39d81:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 37033
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 itnews-logo-sticky.png
www.itnews.com.au/images/ 4 KB
4 KB 437ms
437ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/itnews-logo-sticky.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ef3254fb269f0a2b07dea6c4cf9af3276e2e402426a65dc74f22db7c84b91e6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:29 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "be83c6e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 3919
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 175 KB
64 KB 48ms
25ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N4K222Q

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8e916129a35ec5378ec1b254ed5fa7796efd7e12eafffcee2f0defd19b449ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65195
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Mar 2022 19:18:31 GMT

GET
H2 200 itnews-logo-white.png
www.itnews.com.au/images/ 4 KB
4 KB 286ms
281ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/itnews-logo-white.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 26aeae0a0cc21c9c8acffae51a7dbf7a7eda35891df62ef54aeb9ed47af8cd9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:29 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "dfcd0e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 3959
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 50 KB
50 KB 1483ms
844ms Image
image/png 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2freal-fake-facebook_login.png&w=480&c=0&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9b3fd594766f46240cab8e1fd423a26d9f174f9d0115a76d124400013b239652

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="0_0_480_1_70_/News/real-fake-facebook_login.png"
content-length: 51343
expires: Sun, 20 Mar 2022 19:18:30 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 67ms
15ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:31 GMT
Content-Encoding: gzip
Age: 364
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29178
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
Server: ECS (frb/6772)
Etag: "f7f936f48944db7f829585c4368f33ae+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 newsletter-promo-1.png
www.itnews.com.au/images/ 38 KB
39 KB 286ms
281ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/newsletter-promo-1.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 024a2591127deb9b569b821da170c5b937bc471633d0f32ce534a7acef66a28b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:29 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b8459e21938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 39346
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 15 KB
15 KB 922ms
283ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fVideos%2flog4j_stock_1.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 971d0bc2853ee6eb0a538a1d57daa1e71ef704100eefef26b3f5ccfe8ee10bb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Videos/log4j_stock_1.jpg"
content-length: 15032
expires: Sun, 20 Mar 2022 19:18:30 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 9 KB
9 KB 1203ms
564ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2flegal_laptop_1.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8ddc8cba700879d518a9b17c5635b46684b5f9145d3ba6bc539f2f86944aff94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Features/legal_laptop_1.jpg"
content-length: 8785
expires: Sun, 20 Mar 2022 19:18:30 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 9 KB
9 KB 1202ms
563ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2f20220113040609_data_fast_person_1.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b628abcb91b2bbacf3fca30fe48a3aa9680b9562c9ab565fcd9c6401bba44d1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Features/20220113040609_data_fast_person_1.jpg"
content-length: 9126
expires: Sun, 20 Mar 2022 19:18:30 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 9 KB
9 KB 1203ms
564ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2fwoman_credit_card_1.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e9104b941a674f5c608e69793968d50038deb66e6ed04be241f24438bad38fb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Features/woman_credit_card_1.jpg"
content-length: 9165
expires: Sun, 20 Mar 2022 19:18:30 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 2 KB
2 KB 1203ms
564ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fBarracuda_Ransomware.JPG&w=100&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 54c0b046768c0d09f71e5dbf85d8182618bdef2d7a7f596dde637ebd8fcb6164

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_0_100_0_70_/Reports/Barracuda_Ransomware.JPG"
content-length: 1914
expires: Sun, 20 Mar 2022 19:18:30 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 1 KB
1 KB 769ms
765ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2f20220302095610_RVBD-Aternity-Lockup.jpg&w=100&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fcb003d472154f94b33af9a9387972c9930c65a786077fb527407bb230f87c21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_0_100_0_70_/Reports/20220302095610_RVBD-Aternity-Lockup.jpg"
content-length: 1316
expires: Sun, 20 Mar 2022 19:18:30 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 15 KB
15 KB 1050ms
1046ms Image
image/png 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fITN_HelpSystems_0222_Inter.png&w=100&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e1e6f97bb2faa88db0884736640299ae3182de6bfb73f2be2e47db465b3753e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_0_100_0_70_/Reports/ITN_HelpSystems_0222_Inter.png"
content-length: 15226
expires: Sun, 20 Mar 2022 19:18:30 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 2 KB
2 KB 1050ms
1047ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fping_identity.JPG&w=100&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: aaccce9f5bfeff04e43f1fd8843da1ccf4d48e7edab0086886ec69bf13debe1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_0_100_0_70_/Reports/ping_identity.JPG"
content-length: 2428
expires: Sun, 20 Mar 2022 19:18:31 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 3 KB
3 KB 1051ms
1047ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fFortinet_Networking_Cybersecurity_Index.JPG&w=100&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eee17c613ed2ebc4defb62864a13c2ef23e1f2b0b49451c3f97f194d0359345f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_0_100_0_70_/Reports/Fortinet_Networking_Cybersecurity_Index.JPG"
content-length: 3121
expires: Sun, 20 Mar 2022 19:18:31 GMT

GET
H2

200

mobile-share-twitter.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/mobile-share-twitter.png
https://www.itnews.com.au/images/mobile-share-twitter.png

2 KB
2 KB

283ms
283ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/mobile-share-twitter.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 97b4d3aa4022178cfff4362771fab9d523eb8614d8425c9cb4c10690802635f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "2233f6e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 2448
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/mobile-share-twitter.png
date: Thu, 17 Mar 2022 19:18:29 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 180
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

mobile-share-facebook.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/mobile-share-facebook.png
https://www.itnews.com.au/images/mobile-share-facebook.png

1 KB
1 KB

284ms
283ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/mobile-share-facebook.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a3d16b1b85d27a1023b45c661db7103c81076f748e5f6087fe98fae3c3d12de4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "79a9ece11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 1432
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/mobile-share-facebook.png
date: Thu, 17 Mar 2022 19:18:29 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 181
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

mobile-share-linkedin.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/mobile-share-linkedin.png
https://www.itnews.com.au/images/mobile-share-linkedin.png

2 KB
2 KB

285ms
284ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/mobile-share-linkedin.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 447c44ae9488b24394843e6d134b2976abff7a1690baf2a496674d8b2f7e65fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "79a9ece11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 1733
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/mobile-share-linkedin.png
date: Thu, 17 Mar 2022 19:18:29 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 181
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

mobile-share-whatsapp.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/mobile-share-whatsapp.png
https://www.itnews.com.au/images/mobile-share-whatsapp.png

3 KB
4 KB

285ms
285ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/mobile-share-whatsapp.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 309e0d26a2af6e201832b611ddcad3c2d7b33a5ebc17fe4cbc8185d4251da38f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1ef8fae11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 3541
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/mobile-share-whatsapp.png
date: Thu, 17 Mar 2022 19:18:29 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 181
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

mobile-share-email.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/mobile-share-email.png
https://www.itnews.com.au/images/mobile-share-email.png

2 KB
2 KB

285ms
285ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/mobile-share-email.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2790a4e3cf07505b8a04d30e535c033506def2e29f5f9410d3b866876138f7f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9c82e5e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 2375
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/mobile-share-email.png
date: Thu, 17 Mar 2022 19:18:29 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 178
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 13 KB
13 KB 1050ms
1047ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2ftax_form_ATO.jpg&h=271&w=480&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 514948b990e4feb83adfe5e20b02ea2d52d52d1d74fff52e045fd3469be58bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_271_480_1_70_/News/tax_form_ATO.jpg"
content-length: 12873
expires: Sun, 20 Mar 2022 19:18:31 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 18 KB
18 KB 1051ms
1047ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2foptus-store+iStock_690.jpg&h=271&w=480&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0f51be3d59beeab87af20529dd26391d93ac5a24d1749fb6ad3af63d58603294

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_271_480_1_70_/News/optus-store iStock_690.jpg"
content-length: 18690
expires: Sun, 20 Mar 2022 19:18:31 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 10 KB
10 KB 1058ms
1054ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fAytenOzenc2.jpg&h=271&w=480&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bf6eb81d2f0ae2a0198948b2ad42234e710fbe8146c4bd802b89bdcaba5f7ff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_271_480_1_70_/News/AytenOzenc2.jpg"
content-length: 10522
expires: Sun, 20 Mar 2022 19:18:31 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 19 KB
19 KB 1058ms
1055ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fbiometrics_fingerprint_scan.jpg&h=271&w=480&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: de089a1f4b50646a7ad59fb72bf584ef22c46fa61bc468f08cbed592f3e3a388

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_271_480_1_70_/News/biometrics_fingerprint_scan.jpg"
content-length: 19744
expires: Sun, 20 Mar 2022 19:18:31 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 59 KB
60 KB 1067ms
1063ms Image
image/png 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fActivison_blizzard_metaverse.png&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 57ec11788b4c6fe3f3f9865bcaa5d26f76dd70f64fcf7c21f5df634c201c108c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/News/Activison_blizzard_metaverse.png"
content-length: 60791
expires: Sun, 20 Mar 2022 19:18:31 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 5 KB
6 KB 1333ms
1330ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fVideos%2fMark_Macumber_PlayHQ_Head_of_Technology.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3ac61affb2c53245cac26fc3f5639e9099083b533cce159c1789021bc9cba1ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Videos/Mark_Macumber_PlayHQ_Head_of_Technology.jpg"
content-length: 5585
expires: Sun, 20 Mar 2022 19:18:31 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 9 KB
9 KB 1334ms
1331ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fiStock-1353849384.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eabfa2c6f318f6b75277efaf8b857efc7be1996648af308ecf700619f0a1dc63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/News/iStock-1353849384.jpg"
content-length: 9166
expires: Sun, 20 Mar 2022 19:18:31 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 4 KB
4 KB 1334ms
1331ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fiStock-1309701000.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 37394651b95dda9e8bb1f749671b17658847a4d98b24400a619bd3022940960c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/News/iStock-1309701000.jpg"
content-length: 3906
expires: Sun, 20 Mar 2022 19:18:31 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 10 KB
11 KB 1335ms
1331ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fVideos%2fiStock-1185135641.jpg&h=183&w=300&c=1&s=0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 887f930f37e34d35402ae409f73086dbe4a2131a0f060361b30c5313899bfc49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_183_300_0_70_/Videos/iStock-1185135641.jpg"
content-length: 10707
expires: Sun, 20 Mar 2022 19:18:31 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 77 KB
77 KB 1335ms
1332ms Image
image/png 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fbri_brady_bnch.png&h=141&w=208&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2aa340c2aed0e9ab3b3605a83f08471526e68dde27dbd8422a638147e4d460d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_141_208_1_70_/News/bri_brady_bnch.png"
content-length: 78881
expires: Sun, 20 Mar 2022 19:18:31 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 5 KB
5 KB 1337ms
1333ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2f1643011317593.jpeg&h=141&w=208&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 28d16ff177150e7eae3726d0a569a1854a310ec00f416107559cd266fe547b1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_141_208_1_70_/News/1643011317593.jpeg"
content-length: 4647
expires: Sun, 20 Mar 2022 19:18:31 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 6 KB
6 KB 1337ms
1334ms Image
image/jpeg 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fBlackBook-Zero-15-Phantom-right.jpg&h=141&w=208&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eb78da83b6aecb5e02430b98742d5a902a032b3cbbf9614313a71072bd28278d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_141_208_1_70_/News/BlackBook-Zero-15-Phantom-right.jpg"
content-length: 5855
expires: Sun, 20 Mar 2022 19:18:31 GMT

GET
H2 200 ImageResizer.ashx
i.nextmedia.com.au/Utils/ 81 KB
81 KB 1337ms
1334ms Image
image/png 203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fEvents%2f20220303092641_iot-impact-intro-image1.png&h=141&w=208&c=1&s=1
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 978672615d7f1e3219339d1c6c82e2bb9607c92c21f71927244414199ef561e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
found-in-image-cache: True
cache-control: public
content-disposition: inline; filename="1_141_208_1_70_/Events/20220303092641_iot-impact-intro-image1.png"
content-length: 82730
expires: Sun, 20 Mar 2022 19:18:31 GMT

GET
H2 200 logo_nextmedia.png
www.itnews.com.au/images/ 3 KB
3 KB 284ms
282ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/logo_nextmedia.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7a695284914af87ab17ff6436de3630cf1bb412dc1d069ab019158d322b5cb03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:29 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "c45cdee11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 3458
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 interactive-logo.png
www.itnews.com.au/images/ 11 KB
12 KB 557ms
555ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/interactive-logo.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6f04c6ba9510ec8d7ccdeca4edc6f5de95ebabf01675599d67aba6a23c05f76e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b235b8e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 11720
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 t.ashx
www.itnews.com.au/ 70 B
205 B 563ms
562ms Image
image/gif 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/t.ashx?u=&c=577458&s=3&r=&n=%2fnews%2fArticle.aspx&q=id%3d577458
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
x-ua-compatible: IE=edge,chrome=1
content-length: 70
expires: -1

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
94 KB 15ms
15ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 04:39:00 GMT
x-content-type-options: nosniff
age: 139171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95931
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2023 04:39:00 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ 235 KB
63 KB 13ms
13ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 17:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64481
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 17:40:25 GMT

GET
H2 200 gdpr.js Show response
www.itnews.com.au/scripts/ 4 KB
1 KB 283ms
282ms Script
application/javascript 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/scripts/gdpr.js
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 683add284044c8b01d05f02366eb61327b1b34df5ca8c5425ecf8b7741f3d0ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:29 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 03:08:08 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "01c50e51938d81:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1378
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 itn_70959f89ed94799f39099b9c8a556bb3.js Show response
www.itnews.com.au/scripts/ 139 KB
42 KB 283ms
282ms Script
application/javascript 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/scripts/itn_70959f89ed94799f39099b9c8a556bb3.js
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 125960938cda0ce106c26a7bb75d9739aa81b06ce576f80b70ff7bcf160d02ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:29 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 07:16:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "012eddcce39d81:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 42973
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 ss.js Show response
koi-3qnnf9xqbw.marketingautomation.services/client/ 12 KB
5 KB 241ms
116ms Script
application/javascript 107.178.240.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://koi-3qnnf9xqbw.marketingautomation.services/client/ss.js?ver=2.4.0
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.240.178.107.bc.googleusercontent.com
Software: openresty /
Resource Hash: 926f767fec2a5ed3a610735fde7861c24c9c15fa136d9a85d111c2b9ec4a0fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 14:38:30 GMT
server: openresty
etag: W/"623347e6-2fc8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: max-age=604800, public
alt-svc: clear
expires: Thu, 24 Mar 2022 19:18:31 GMT

GET
H2

200

breaking-news-header-bkg-40.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/breaking-news-header-bkg-40.png
https://www.itnews.com.au/images/breaking-news-header-bkg-40.png

2 KB
2 KB

282ms
280ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 33e6197168e000ef71ef56ae5fad7bc04c9c939dc33d34136d73d31676d1d507

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "65c364e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 2338
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 187
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

itnews-logo-white.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/itnews-logo-white.png
https://www.itnews.com.au/images/itnews-logo-white.png

4 KB
4 KB

283ms
281ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/itnews-logo-white.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 26aeae0a0cc21c9c8acffae51a7dbf7a7eda35891df62ef54aeb9ed47af8cd9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "dfcd0e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 3959
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/itnews-logo-white.png
date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 177
x-ua-compatible: IE=edge,chrome=1

GET
H2

200

search-icon.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/search-icon.png
https://www.itnews.com.au/images/search-icon.png

2 KB
2 KB

283ms
281ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/search-icon.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 94f8ef517a973d33e2bde96d6c170e86e4be553f86bb2b5a07f228efa46e1ee7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "aa9236e21938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 2259
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/search-icon.png
date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 171
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 37ms
14ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:31:18 GMT
x-content-type-options: nosniff
age: 85633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:18:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:31:18 GMT

GET
H2 200 PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v9/ 18 KB
19 KB 36ms
13ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v9/PN_xRfK9oXHga0XdZsg_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,300,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:05 GMT
x-content-type-options: nosniff
age: 83666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18860
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:10:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 20:04:05 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 43ms
26ms Font
application/octet-stream 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.itnews.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1119997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2uOL9lVaulzO%2BKFMHdKGGwgE9UBI4HfidkFQ0%2B1RKLZvgLoZdRlQrKOqFZ3sJuf8IBcV3KITsF6cEKjrRLzY%2FKR2vggUbRVrX3h3gVbdohHXNCf%2B6gwpXda6J0JYLjeVm5GwTM1"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ed8132e5d2f9bd6-FRA
expires: Tue, 07 Mar 2023 19:18:31 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
24 KB 29ms
7ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:55 GMT
x-content-type-options: nosniff
age: 85656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:55 GMT

GET
H2 200 PN_yRfK9oXHga0XVzeoqghzW.woff2
fonts.gstatic.com/s/martel/v9/ 19 KB
19 KB 31ms
16ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v9/PN_yRfK9oXHga0XVzeoqghzW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,300,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2991fa8cfe2986011e6569a578888d8f2e901b17e1959420df70d5c07c5582db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 00:33:24 GMT
x-content-type-options: nosniff
age: 67507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19072
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:16:13 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Mar 2023 00:33:24 GMT

GET
H2 200 recirculation.epl Show response
www.dianomi.com/ Frame DA01 2 KB
703 B 103ms
73ms Document
text/html 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/recirculation.epl?id=119

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9cb73f99c9ded95ae81b3c11621d65224e6f85a9804b5a061341440262739c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
vary: X-FORWARDED-PROTO
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ed8132eac0f9295-FRA
content-encoding: br

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame A029 7 KB
2 KB 100ms
72ms Document
text/html 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=5141

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14878a22f755d8fde2533c413bbd512ef503953469f8fc0dc11f3c034b95bad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/2818/17.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ed8132eac129295-FRA
content-encoding: br
cf-h2-pushed: </img/a/pss/2818/17.css>

GET
H2 200 sponsoredcontent.ashx Show response
www.itnews.com.au/scripts/ 1 KB
1 KB 525ms
525ms Script
text/javascript 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/scripts/sponsoredcontent.ashx?type=SponsoredLink&si=Blogs&pa=&sc=32&output=script&ros=True&ord=6022624380276567
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9425b0e837cb9c9590b51c1d888b85253282602b9409aca94363c2c19369a299

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/javascript; charset=utf-8
cache-control: public
x-ua-compatible: IE=edge,chrome=1
content-length: 1157
expires: Thu, 17 Mar 2022 20:18:30 GMT

GET
H2 200 end-quote.png
www.itnews.com.au/images/ 1 KB
1 KB 516ms
516ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/end-quote.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 51d03b0e5c77c8e9a0f743307168b9f7db8ba1d9e0e24cc287be4506f2609576

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b2c0a2e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 1172
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 play-btn.png
www.itnews.com.au/images/featured/ 2 KB
2 KB 514ms
514ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/featured/play-btn.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d9cbf98cbeeb8314acb7bf6600855d6d75ae9b56e173a8ad1e46700eaf0aac52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:05 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1b46afe31938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 2120
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-comments.png
www.itnews.com.au/images/ 981 B
1 KB 515ms
514ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-comments.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a0e7e32cf14caf3c5f5b29e79bd8711348a5bf2137a12104d2cd1b1110b0f272

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "a1c445e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 981
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-tw.png
www.itnews.com.au/images/ 747 B
804 B 515ms
514ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-tw.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5fa4b9d9a56c65d6f525056d71f4e46b1f2750e86960343402424d88c13772f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b8fe5fe11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 747
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-fb.png
www.itnews.com.au/images/ 345 B
402 B 514ms
512ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-fb.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 413dc61acc8e9741b76a34382ddbe3632052fe38d580bd2680d3e9d407ceb6be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "55894ae11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 345
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-li.png
www.itnews.com.au/images/ 473 B
530 B 513ms
511ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-li.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1096ae848f7e01f065ce530dcd17bd1a1af503a2c4ae83cbf8972e900446e36a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "95d758e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 473
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-feedback_2.png
www.itnews.com.au/images/ 678 B
736 B 514ms
512ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-feedback_2.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 96f1173b3c05e0f7230e3d2b4ac6ebd7d816de5e71ebabfbe20e2b339dba6078

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "ed1254e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 678
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-email.png
www.itnews.com.au/images/ 744 B
800 B 514ms
511ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-email.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7a7f7b00e22cf33ff4aeef9005ebb800ccad9f67e326142d8ba30c2e801ac719

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "32748e11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 744
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 article-share-print.png
www.itnews.com.au/images/ 709 B
782 B 514ms
512ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/article-share-print.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ea6da8487b903fd84a283d780bede1ae1da97d7f2c364653e790822405505f62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "783a5be11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 709
x-ua-compatible: IE=edge,chrome=1

GET
H3 200 PN_yRfK9oXHga0XV5e8qghzW.woff2
fonts.gstatic.com/s/martel/v9/ 18 KB
18 KB 24ms
9ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v9/PN_yRfK9oXHga0XV5e8qghzW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,300,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8dea9bb1169a9455240a9e7aa6f1f7dd922c7160010eb6f2269acbf4acd5ab8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 00:30:03 GMT
x-content-type-options: nosniff
age: 67708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18820
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Mar 2023 00:30:03 GMT

GET
H3 200 PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v9/ 19 KB
19 KB 30ms
14ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v9/PN_yRfK9oXHga0XV3e0qghzW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,300,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:03:49 GMT
x-content-type-options: nosniff
age: 83682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19012
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 20:03:49 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 26ms
11ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-108-138-17-83.fra56.r.cloudfront.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itnews.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:31:18 GMT
x-content-type-options: nosniff
age: 85633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:31:18 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 29ms
8ms Script
application/x-javascript 2.16.106.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4K222Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.106.83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-106-83.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c567d0068aa9d314d13047cf6af171cce476501aac5e5521bd2b2233b16fbce5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Mar 2022 20:16:02 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=20849
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3073

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 76ms
54ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4K222Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14889
x-xss-protection: 0
server: cafe
etag: 11178597599353190569
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 19:18:31 GMT

GET
H2 200 hotjar-2321248.js Show response
static.hotjar.com/c/ 4 KB
2 KB 83ms
30ms Script
application/javascript 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2321248.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4K222Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1eb6ad8124432441f955aea958eede26d9643cba2ec680458c3d7eb3cd096ea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:17:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1879
access-control-allow-origin: *
x-cache-hit: 1
etag: W/9b7a4861bb507b473b1ada071c361578
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: VDD2MZY5T4Bmxp2Zy7PsqQnVPbiF_1kQsSPG1TkvkyDLbIltzjsQ-A==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 25ms
8ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: +CytqiJb6xez4ysA5chhj2p/6cXtjlrEW/mHppV+zH4ET94OLxVYLbaWD0xxZej8AjKZsZyOQIgb7W5VH+LXlg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 17 Mar 2022 19:18:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 21321196.js Show response
js.hs-scripts.com/ 975 B
908 B 187ms
160ms Script
application/javascript 104.17.214.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/21321196.js?businessUnitId=237470
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4K222Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.214.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d01cf87d88e8d2c48db4e10358781b9eb74b29e39870d776342e66f6beeda96a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: c3fae6b6-f91c-4e77-902c-76b495e16278
last-modified: Thu, 17 Mar 2022 19:16:01 GMT
server: cloudflare
x-trace: 2B3587F3C69D481D0EB7EC484A3D94FF985CAFC176000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.itnews.com.au
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6ed8132f7bc990e8-FRA
expires: Thu, 17 Mar 2022 19:19:31 GMT

GET
H2 200 17.css
www.dianomi.com/img/a/pss/2818/ Frame A029 2 KB
958 B 19ms
0ms Stylesheet
text/css 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2818/17.css

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1936885cfdf5999015d670ea69fb44591c4eeeb333929506bef16e368a832f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1801387
cf-polished: origSize=2720
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Nov 2021 22:23:27 GMT
server: cloudflare
etag: W/"aa0-5d1904e9678f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Sun, 17 Apr 2022 05:18:31 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 6ed8132f1ccc9295-FRA
cf-bgj: minify

GET
H2 200 viewability10.js Show response
www.dianomi.com/js/ Frame A029 7 KB
3 KB 23ms
23ms Script
application/javascript 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability10.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c3d83182d981db2e72f00211d9e93ae55db41b31aa8239b589a725521f6b3fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27
cf-polished: origSize=10836
last-modified: Mon, 21 Feb 2022 14:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"2a54-5d88837f2e3fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 6ed8132f4d139295-FRA
expires: Thu, 17 Mar 2022 19:20:31 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame A029 1 KB
1 KB 38ms
36ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 52942
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 17 Apr 2022 05:18:31 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ed8132f4d1e9295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/247389/3/ Frame A029 1 KB
1 KB 30ms
28ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/247389/3/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b10ea2375df389f23e4db28ab05b5206a5bee02e8ce2a9372fb6cc2fa2ebca57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 100958
cf-polished: qual=85, origFmt=jpeg, origSize=7373
content-disposition: inline; filename="100x70.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1082
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 13:05:10 GMT
server: cloudflare
etag: "1ccd-5d9dcdd30dde3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 17 Apr 2022 05:18:31 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ed8132f4d219295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/212358/8/ Frame A029 2 KB
2 KB 23ms
22ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/212358/8/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66b49ad8246c5503671cbbf5b5c233e95a0bc42685cdd82de94c1036c63bdcdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21771
cf-polished: qual=85, origFmt=jpeg, origSize=3574
content-disposition: inline; filename="100x70.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1726
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Jan 2022 21:18:47 GMT
server: cloudflare
etag: "df6-5d6e754897f53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 17 Apr 2022 05:18:31 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ed8132f4d239295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/217468/8/ Frame A029 2 KB
2 KB 21ms
20ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/217468/8/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dd1f9a22b198fbf5c457c1c62e97e97b5f7ce20a89e9d96e694b4e76a19c4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25041
cf-polished: qual=85, origFmt=jpeg, origSize=16365
content-disposition: inline; filename="100x70.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2244
x-xss-protection: 1; mode=block
last-modified: Tue, 08 Mar 2022 14:42:27 GMT
server: cloudflare
etag: "3fed-5d9b5fd6d0940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 17 Apr 2022 05:18:31 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ed8132f4d249295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/217345/3/ Frame A029 3 KB
3 KB 23ms
22ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/217345/3/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed0510d7e8c977da0e0e4302d4afb628052457ad784ba6d19c50b7aeb5704950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 137237
cf-polished: degrade=85, origSize=4997, status=webp_bigger
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 3287
x-xss-protection: 1; mode=block
last-modified: Sun, 02 Jan 2022 21:15:27 GMT
server: cloudflare
etag: "1385-5d49fe73838c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 17 Apr 2022 05:18:31 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ed8132f4d259295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/249777/3/ Frame A029 1 KB
2 KB 54ms
53ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/249777/3/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5c21bd29f67d0b0632ed892761005e3fb5725fa99d00d00299e728428e1381

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=5081
content-disposition: inline; filename="100x70.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1526
x-xss-protection: 1; mode=block
last-modified: Mon, 14 Mar 2022 21:41:22 GMT
server: cloudflare
etag: "13d9-5da348a9a8187"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 17 Apr 2022 05:18:31 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ed8132f4d269295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 17.css
www.dianomi.com/img/a/pss/2818/ Frame DA01 2 KB
803 B 21ms
21ms Stylesheet
text/css 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2818/17.css

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1936885cfdf5999015d670ea69fb44591c4eeeb333929506bef16e368a832f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1801387
cf-polished: origSize=2720
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Nov 2021 22:23:27 GMT
server: cloudflare
etag: W/"aa0-5d1904e9678f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Sun, 17 Apr 2022 05:18:31 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 6ed8132f4d189295-FRA
cf-bgj: minify

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/676905796/1/ Frame DA01 2 KB
2 KB 24ms
24ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/676905796/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dbd158eeebb7a14e134947897ad6e77a100f665c67a6aef515b23f24b1c1cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 134053
cf-polished: origSize=2183, status=webp_bigger
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Mar 2022 02:57:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 24 Mar 2022 19:18:31 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6ed8132f4d199295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/676912287/1/ Frame DA01 2 KB
2 KB 22ms
21ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/676912287/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1219e79f3a4b45deda841fe1254ac59eb36a00e09c545e1a6c97f4d35618eba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 67663
cf-polished: origSize=1872, status=webp_bigger
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Mar 2022 03:41:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 24 Mar 2022 19:18:31 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6ed8132f4d279295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/677066952/1/ Frame DA01 1 KB
2 KB 54ms
54ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/677066952/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7afdebdd0e3a94b1b5ea5ab56c1bbc99055cc2941e8e1d62ff37b123a4eb0b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=3508
content-disposition: inline; filename="100x70.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Mar 2022 03:44:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 24 Mar 2022 19:18:31 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6ed8132f4d309295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/677065385/1/ Frame DA01 2 KB
3 KB 29ms
28ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/677065385/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

924096ff8a55fcd348d1a877b2c432fc5af8c4c210382abda8b81c98916e1a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 54601
cf-polished: origSize=2620, status=webp_bigger
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2526
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Mar 2022 02:40:35 GMT
server: cloudflare
etag: "a3c-5da60f46c083f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 17 Apr 2022 05:18:31 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ed8132f4d329295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/677030514/1/ Frame DA01 1 KB
2 KB 46ms
46ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/677030514/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c129434c0f0167bd1b51c9ffba58d02824d088af86798b2df4d8aa01b730847f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 76286
cf-polished: qual=85, origFmt=jpeg, origSize=3616
content-disposition: inline; filename="100x70.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1508
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Mar 2022 22:03:45 GMT
server: cloudflare
etag: "e20-5da5d165585d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 17 Apr 2022 05:18:31 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ed8132f4d389295-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 css
fonts.googleapis.com/ Frame A029 4 KB
534 B 34ms
19ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35a766d4f52783a8e584eca5fb387a5a594760f5ae0dfa0925a863b6e046007d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 19:18:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 19:18:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 19:18:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A029 2 KB
428 B 31ms
17ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

ESF /

Resource Hash

0f78f75320dd57ed94f05a30758a5044fe7ccdfef38669edc228f972414834f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 19:12:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 19:18:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 19:18:31 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1647544711565&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1503796%26time%3D1647544711565%26url%3Dhttps%253A%252F%252Fwww.itnews.com.au%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1647544711565&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577...

0
136 B

187ms
184ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1647544711565&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&liSync=true
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 15E1EC3D3210492B90ACB2AA9D20666E Ref B: FRAEDGE1519 Ref C: 2022-03-17T19:18:32Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXabuVSMn6aqUKX/FV+Tw==
x-li-fabric: prod-lor1

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXabuVNbgq6RUp9kaQTGg==
pragma: no-cache
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 93DB77B69D4C4A2BAD5908CEE1F96004 Ref B: FRAEDGE1519 Ref C: 2022-03-17T19:18:31Z
date: Thu, 17 Mar 2022 19:18:31 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1647544711565&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 991594294528179 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 104ms
94ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/991594294528179?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1fd64c2c58a6f00031bbb33c485f9898b743fbddd9bbe9ac9e88bfe4d47535ed

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: j3ZXYWcAgy1dfNkz/3172cEnk2g5crZiDLQP+Ozwo+owqQmy5uN/prF4f0xf177GeLgLYB9gIXG0seGWPCtX2g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 17 Mar 2022 19:18:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DA01 4 KB
534 B 19ms
19ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35a766d4f52783a8e584eca5fb387a5a594760f5ae0dfa0925a863b6e046007d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 19:18:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 19:18:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 19:18:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DA01 2 KB
428 B 18ms
18ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f78f75320dd57ed94f05a30758a5044fe7ccdfef38669edc228f972414834f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 18:28:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 19:18:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 19:18:31 GMT

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ Frame A029 23 KB
23 KB 8ms
8ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:31:18 GMT
x-content-type-options: nosniff
age: 85633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:18:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:31:18 GMT

GET
H3 200 PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v9/ Frame A029 19 KB
19 KB 7ms
6ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v9/PN_yRfK9oXHga0XV3e0qghzW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:03:49 GMT
x-content-type-options: nosniff
age: 83682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19012
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 20:03:49 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame A029 23 KB
23 KB 9ms
9ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:55 GMT
x-content-type-options: nosniff
age: 85656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:55 GMT

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ Frame DA01 23 KB
23 KB 7ms
6ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:31:18 GMT
x-content-type-options: nosniff
age: 85633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:18:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:31:18 GMT

GET
H3 200 PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v9/ Frame DA01 19 KB
19 KB 8ms
7ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v9/PN_yRfK9oXHga0XV3e0qghzW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

sffe /

Resource Hash

5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:03:49 GMT
x-content-type-options: nosniff
age: 83682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19012
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 20:03:49 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/658328797/ 2 KB
2 KB 41ms
19ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/658328797/?random=1647544711623&cv=9&fst=1647544711623&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&tiba=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages%20-%20Security%20-%20iTnews&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

46c303097492ac559e59e2b42abcc18ca366c2ac27ecb8ef196a874c8d49d52f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 19:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1095
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.7d3f952308caf42c2b67.js Show response
script.hotjar.com/ 236 KB
62 KB 22ms
7ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d3f952308caf42c2b67.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2321248.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 641785
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63048
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 09:01:33 GMT
etag: "2f5d47da7be4d107a04726029158797c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 7oCi3HLi-vsZV-KcXvv9FQJCmNTZ9S3Z-rI9SDaFEcGhZX1-5JcpUA==

GET
H2 200 /
www.google.com/pagead/1p-user-list/658328797/ 42 B
548 B 47ms
25ms Image
image/gif 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/658328797/?random=1647544711623&cv=9&fst=1647543600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&tiba=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages%20-%20Security%20-%20iTnews&async=1&fmt=3&is_vtc=1&random=2602632947&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 19:18:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/658328797/ 42 B
548 B 146ms
123ms Image
image/gif 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/658328797/?random=1647544711623&cv=9&fst=1647543600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&tiba=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages%20-%20Security%20-%20iTnews&async=1&fmt=3&is_vtc=1&random=2602632947&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 19:18:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 470261513615109 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 76ms
76ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/470261513615109?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

e0ee8eba408d9baf59a228777c850dbe4ebda67a4d1ac3eaf6ec0c2fcd9cfd09

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: jBQpzwkRv/zFnK37yCC03MdOLIFTY6A5czPC7rODr//c8dJrWFsG7E2tOHTECUXAKV3cg2VRJTZDU5KKY7B2aA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 17 Mar 2022 19:18:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 koi Show response
koi-3qnnf9xqbw.marketingautomation.services/ 148 B
607 B 181ms
181ms Script
application/javascript 107.178.240.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://koi-3qnnf9xqbw.marketingautomation.services/koi?rf=&hn=www.itnews.com.au&lg=en-US&sr=1600x1200&cd=24&vr=2.4.0&se=1647544711639&ac=KOI-4BG98ANIO8&ts=1647544712&pt=0&pl=0&loc=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&tp=page&ti=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages%20-%20Security%20-%20iTnews

Requested by

Host: koi-3qnnf9xqbw.marketingautomation.services
URL: https://koi-3qnnf9xqbw.marketingautomation.services/client/ss.js?ver=2.4.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

224.240.178.107.bc.googleusercontent.com

Software

openresty /

Resource Hash

1d7b203aca777b86cb58f29f2edd006336412af12988c5b0ea64f8705ff2abca

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 19:18:31 GMT
content-encoding: gzip
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 17 Mar 2022 19:18:31 GMT
server: openresty
vary: Accept-Encoding
p3p: CP='This is not a P3P policy! See https://sharpspring.com/legal/privacy/ for more info.'
via: 1.1 google
cache-control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
pod-hostname: koi-6ffd4dd4bd-bgbtt
content-type: application/javascript
alt-svc: clear
x-xss-protection: 1; mode=block
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 21321196.js Show response
js.hs-analytics.net/analytics/1647544500000/ 62 KB
20 KB 205ms
180ms Script
text/javascript 104.17.69.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1647544500000/21321196.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21321196.js?businessUnitId=237470
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.69.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac463ea59caaea49defda8c92d9563474db120a2d34780e72860f224ddb34542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 3GNVPV84ZWPJ1WC3
x-amz-server-side-encryption: AES256
cf-ray: 6ed81330ad3d994b-FRA
x-amz-id-2: 3MUqIqxeFuCY1idDJSthfW2lspjc0sTZUVQLeEBLdvaWU9Bsb7HzZ850nql4xZClvokY6je66nA=
last-modified: Wed, 09 Mar 2022 03:40:20 GMT
server: cloudflare
etag: W/"4360ee6e797b6495e7b339016acddf64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Thu, 17 Mar 2022 19:23:31 GMT

GET
H2 200 237470.js Show response
js.hs-banner.com/21321196/ 61 KB
16 KB 993ms
969ms Script
text/plain 104.18.20.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/21321196/237470.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21321196.js?businessUnitId=237470
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.20.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b76a8015ac1a205492878201b11517148cfc2213150c8480c3473fb15d48128

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:32 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 3e559ca7-b96a-473f-a9ec-cb379c116182
timing-allow-origin: *
last-modified: Thu, 17 Mar 2022 18:45:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.itnews.com.au
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6ed81330abd98fe9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Thu, 17 Mar 2022 19:23:32 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 174ms
7ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=991594294528179&ev=PageView&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&rl=&if=false&ts=1647544711808&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.2.1647544711806.2037654898&it=1647544711576&coo=false&rqm=GET

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 17 Mar 2022 19:18:31 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 159ms
8ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=470261513615109&ev=PageView&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&rl=&if=false&ts=1647544711810&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22672696263472981%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22AUD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22264926417805007%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.2.1647544711806.2037654898&it=1647544711576&coo=false&rqm=GET

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

zrh04s06-in-f142.1e100.net

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 17 Mar 2022 19:18:31 GMT

GET
H2 200 5f83be4dd2cc51a7cb000001.js Show response
tag.perfectaudience.com/serve/ 12 KB
4 KB 39ms
9ms Script
text/javascript 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.perfectaudience.com/serve/5f83be4dd2cc51a7cb000001.js

Requested by

Host: koi-3qnnf9xqbw.marketingautomation.services
URL: https://koi-3qnnf9xqbw.marketingautomation.services/client/ss.js?ver=2.4.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

33391baaec782c378a1fb4d805c86c1701a684befeff518eed6e87db2a2b5e07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:32 GMT
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
server: Cowboy
age: 44
x-served-by: cache-hhn4042-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
content-encoding: gzip
cache-control: max-age=1800
accept-ranges: bytes
x-timer: S1647544712.005956,VS0,VE1
content-length: 3897
x-cache-hits: 1

GET
H2

200

20220228043335_small.png
i.nextmedia.com.au/Assets/
Redirect Chain

https://i.nextmedia.com.au/Utils/ClickThru.ashx?d=https%3a%2f%2fi.nextmedia.com.au%2fAssets%2f20220228043335_small.png&s=20220228043335_small.png
https://i.nextmedia.com.au/Assets/20220228043335_small.png

3 KB
4 KB

280ms
280ms

Image
image/png

203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Assets/20220228043335_small.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99322cd3c87429efa5b1ea62ca708c28c2b70d89ea8e2e9ea137ae52c87f8a7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:32 GMT
last-modified: Mon, 28 Feb 2022 05:33:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "969fd3ba642cd81:0"
content-type: image/png
accept-ranges: bytes
content-length: 3541

Redirect headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
location: https://i.nextmedia.com.au/Assets/20220228043335_small.png
cache-control: private
content-length: 175

GET
H2

200

RVBD-Aternity-Lockup85x25.jpg
i.nextmedia.com.au/Assets/
Redirect Chain

https://i.nextmedia.com.au/Utils/ClickThru.ashx?d=https%3a%2f%2fi.nextmedia.com.au%2fAssets%2fRVBD-Aternity-Lockup85x25.jpg&s=RVBD-Aternity-Lockup85x25.jpg
https://i.nextmedia.com.au/Assets/RVBD-Aternity-Lockup85x25.jpg

12 KB
12 KB

281ms
280ms

Image
image/jpeg

203.176.102.67
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.nextmedia.com.au/Assets/RVBD-Aternity-Lockup85x25.jpg
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Server: 203.176.102.67 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: i.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a86749e2790386090a9358708ce3d873aabc7f4b434a1b026d2bcd9bbe7597ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:32 GMT
last-modified: Tue, 01 Mar 2022 05:53:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f3d661b1302dd81:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 11927

Redirect headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
location: https://i.nextmedia.com.au/Assets/RVBD-Aternity-Lockup85x25.jpg
cache-control: private
content-length: 180

GET
H2

200

bullet.png
www.itnews.com.au/images/
Redirect Chain

https://www.itnews.com.au/Images/bullet.png
https://www.itnews.com.au/images/bullet.png

171 B
226 B

284ms
283ms

Image
image/png

203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/bullet.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4bfc84f853864a42446e366637e6a3cc7e7bc9c8563eaae40932cd7fb85b71f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "4a4d6ee11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 171
x-ua-compatible: IE=edge,chrome=1

Redirect headers

location: https://www.itnews.com.au/images/bullet.png
date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
content-type: text/html; charset=UTF-8
x-powered-by: ASP.NET
content-length: 166
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 network-bar-logos.png
www.itnews.com.au/images/ 9 KB
9 KB 287ms
287ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/network-bar-logos.png?q=20211001
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 82f4a15bfde68af3ba1ab9e557ba6b1c700d6aafe0d9e42561576366662701ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "44bdffe11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 9407
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 36ms
6ms Script
text/javascript 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/scripts/itn_70959f89ed94799f39099b9c8a556bb3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4426
date: Thu, 17 Mar 2022 18:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 17 Mar 2022 20:04:46 GMT

GET
H/1.1 200
OK widget_iframe.a58e82e150afc25eb5372dd55a98b778.html Show response
platform.twitter.com/widgets/ Frame 520B 319 KB
104 KB 16ms
15ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.itnews.com.au
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A7) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 160974
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 17 Mar 2022 19:18:32 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 16 Feb 2022 18:36:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67A7)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H/1.1 200
OK embed.js Show response
itnewsnext.disqus.com/ 78 KB
25 KB 42ms
9ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itnewsnext.disqus.com/embed.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/scripts/itn_70959f89ed94799f39099b9c8a556bb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

b6566dc76ca70dc8b9b2faa5ed8602673ece36465410460990f55bcfb52254d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:32 GMT
Content-Encoding: gzip
Server: openresty
Age: 44
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25396
Cross-Origin-Resource-Policy: cross-origin

GET
H/1.1 200
OK count.js Show response
itnewsnext.disqus.com/ 1 KB
2 KB 50ms
7ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itnewsnext.disqus.com/count.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/scripts/itn_70959f89ed94799f39099b9c8a556bb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 14
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 11 Mar 2022 23:05:12 GMT
Server: nginx
ETag: "622bd5a8-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: iVkPKYL_PObQfTnbd0URVrjjcFb6wnPdDE7NZ1UIhtGhSQNFo6u3DA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 41ms
16ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/scripts/itn_70959f89ed94799f39099b9c8a556bb3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12bdbba1c12e8c0db4e6cdb4256780e30a73ce553fcd10a67dc1539184fa61e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27823
x-xss-protection: 0
server: sffe
etag: "1161 / 407 of 1000 / last-modified: 1647515258"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 17 Mar 2022 19:18:32 GMT

GET
H2 200 twitter.ashx Show response
www.itnews.com.au/utils/ 1 B
65 B 285ms
281ms XHR
text/plain 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/utils/twitter.ashx?u=%2fnews%2fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept: */*
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/plain; charset=utf-8
cache-control: private
content-length: 1
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 facebook.ashx Show response
www.itnews.com.au/utils/ 1 B
38 B 458ms
455ms XHR
text/plain 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itnews.com.au/utils/facebook.ashx?u=%2fnews%2fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept: */*
Referer: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/plain; charset=utf-8
cache-control: private
content-length: 1
x-ua-compatible: IE=edge,chrome=1

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 17ms
7ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=991594294528179&ev=ViewContent&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&rl=&if=false&ts=1647544712142&cd[content_category]=Technology%20%3E%20Security&cd[content_name]=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&cd[content_ids]=577458&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.2.1647544711806.2037654898&it=1647544711576&coo=false&rqm=GET

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 19:18:32 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
7ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=470261513615109&ev=ViewContent&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&rl=&if=false&ts=1647544712143&cd[content_category]=Technology%20%3E%20Security&cd[content_name]=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&cd[content_ids]=577458&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.2.1647544711806.2037654898&it=1647544711576&coo=false&rqm=GET

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

zrh04s06-in-f142.1e100.net

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 19:18:32 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame A029 77 B
138 B 61ms
58ms XHR
image/gif 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=247389&smartad_variant_id=7334&device_type=computer&geo_state=hessen&impression_id=YjOJh5WdzdrKbBR7O6VZxwAAAAI&adgroup_variant_ids=212358,247389,249777,217345,217468&geo_ccod=de&geo_dma=&smartad_id=5141

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability10.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 6ed81332fc6e9295-FRA
expires: Wed, 16 Mar 2022 19:18:32 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame A029 77 B
138 B 56ms
54ms XHR
image/gif 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=212358&smartad_variant_id=7334&device_type=computer&geo_state=hessen&impression_id=YjOJh5WdzdrKbBR7O6VZxwAAAAI&adgroup_variant_ids=212358,247389,249777,217345,217468&geo_ccod=de&geo_dma=&smartad_id=5141

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability10.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 6ed81332fc749295-FRA
expires: Wed, 16 Mar 2022 19:18:32 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame A029 77 B
307 B 53ms
51ms XHR
image/gif 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=217468&smartad_variant_id=7334&device_type=computer&geo_state=hessen&impression_id=YjOJh5WdzdrKbBR7O6VZxwAAAAI&adgroup_variant_ids=212358,247389,249777,217345,217468&geo_ccod=de&geo_dma=&smartad_id=5141

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability10.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 6ed81332fc779295-FRA
expires: Wed, 16 Mar 2022 19:18:32 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame A029 77 B
138 B 55ms
53ms XHR
image/gif 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=217345&smartad_variant_id=7334&device_type=computer&geo_state=hessen&impression_id=YjOJh5WdzdrKbBR7O6VZxwAAAAI&adgroup_variant_ids=212358,247389,249777,217345,217468&geo_ccod=de&geo_dma=&smartad_id=5141

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability10.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 6ed81332fc7a9295-FRA
expires: Wed, 16 Mar 2022 19:18:32 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame A029 77 B
138 B 60ms
59ms XHR
image/gif 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=249777&smartad_variant_id=7334&device_type=computer&geo_state=hessen&impression_id=YjOJh5WdzdrKbBR7O6VZxwAAAAI&adgroup_variant_ids=212358,247389,249777,217345,217468&geo_ccod=de&geo_dma=&smartad_id=5141

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability10.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 6ed81332fc7c9295-FRA
expires: Wed, 16 Mar 2022 19:18:32 GMT

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=147698&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=147698&source=js_tag

125 B
454 B

31ms
31ms

Script
text/javascript

52.49.47.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=147698&source=js_tag
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: HTTP/1.1
Server: 52.49.47.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-47-139.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 847d9e47201bdff55967855d9ea0d1ef4559910e09fea2cbcba1fd1569411ced

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 125
Content-Type: text/javascript

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=147698&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame B163 2 KB
1 KB 63ms
18ms Document
text/html 18.66.2.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2321248.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-27.txl50.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cf058b286fa80390c08073fa68269f12.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: 1a5BF9gJ4cgDLSxZ-5NlNqy5GFy-xhGK0MuZcbCZCYJwtliCju5WMw==
age: 3579986

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 29ms
15ms XHR
text/plain 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1893314169&t=pageview&_s=1&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&ul=en-us&de=UTF-8&dt=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages%20-%20Security%20-%20iTnews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=436014676&gjid=179981767&cid=44200285.1647544712&tid=UA-102830131-1&_gid=1333406761.1647544712&_r=1&_slc=1&cd1=News&cd2=Technology&cd3=Security&cd4=%7Cbitb%7Cgmail%7Cmrd0x%7Coutlook%7Cphishing%7Csecurity%7Cspiderlabs%7Ctrustwave%7C&cd5=0&z=504819169

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itnews.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 19:18:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.itnews.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 520B 293 B
468 B 139ms
122ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=d20a6a7c5772db971c39df7ce5ffe034436285dd

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.itnews.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c41896ee7b4524bd50de896a3e2ead44700fad37e563805235b76a6621751c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 113
date: Thu, 17 Mar 2022 19:18:31 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 19:18:32 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: bdb8e5677b7d341cd29c3732d02b8e141bef2c6d0abe26333c468f89d88b4ef1
content-length: 186

GET
H2 200 lounge.7ab903feba7624935283ca4c7d8c7203.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 46ms
7ms Other
text/css 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8625085
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26065
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-65d1"
content-type: text/css; charset=utf-8
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: 8q1o_o-yTPHr4DtqjZP8gDpWxSN1Etty-sPXD-yliA1hSgnicZZdXQ==
x-cache-hits: 0

GET
H2 200 common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js
c.disquscdn.com/next/embed/ 0
93 KB 52ms
13ms Other
application/javascript 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 680502
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94746
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 09 Mar 2022 21:55:40 GMT
server: nginx
etag: "6229225c-1721a"
content-type: application/javascript; charset=utf-8
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
expires: Thu, 09 Mar 2023 22:16:50 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: ke_jtSQ3p5VDz4Tulg8SQACJKxpnL0dtp7eyO6Zj5Zm4Xxtj7hmIWg==
x-cache-hits: 0

GET
H2 200 lounge.bundle.8a051c75736795faf464e93aee7362f6.js
c.disquscdn.com/next/embed/ 0
121 KB 10ms
8ms Other
application/javascript 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.8a051c75736795faf464e93aee7362f6.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 18:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 606836
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 123077
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 10 Mar 2022 18:35:58 GMT
server: nginx
etag: "622a450e-1e0c5"
content-type: application/javascript; charset=utf-8
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
expires: Fri, 10 Mar 2023 18:44:36 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: 6yHde_2eM07miSagicca7Rjy7ix9KXX8VI4CkagE2B8DMpIuElFWXg==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
15 KB 28ms
7ms Other
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:32 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 3
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14710
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK recommendations.js Show response
itnewsnext.disqus.com/ 64 KB
21 KB 8ms
8ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itnewsnext.disqus.com/recommendations.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

ac421627e3d8addf79b067f3390bec4282a627ccf00c7e58b2a9b7ac6bbe3602

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:32 GMT
Content-Encoding: gzip
Server: openresty
Age: 2
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 21273
Cross-Origin-Resource-Policy: cross-origin

GET
H/1.1 200
OK count-data.js Show response
itnewsnext.disqus.com/ 239 B
823 B 11ms
9ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itnewsnext.disqus.com/count-data.js?1=577458

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9e87d03cfa794663ff980662210b8f2e4f2431ce6be676385b2b9f0b4637c575

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:32 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 2472
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 239
X-XSS-Protection: 1; mode=block

GET
H2 200 pubads_impl_2022031401.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
124 KB 31ms
7ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126502
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Mar 2023 18:56:35 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 84 B
718 B 41ms
15ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.itnews.com.au

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce84181d1c389e4cfa22ce1438574566889ab0c5f90f6f0c0c0776f9bd5e4a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:18:32 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 61ms
19ms XHR
text/plain 74.125.140.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-102830131-1&cid=44200285.1647544712&jid=436014676&gjid=179981767&_gid=1333406761.1647544712&_u=YEBAAEAAAAAAAC~&z=1247098290

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itnews.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 17 Mar 2022 19:18:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.itnews.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2321248/ 146 B
321 B 103ms
41ms XHR
application/json 54.74.116.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2321248/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7d3f952308caf42c2b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.116.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-116-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d

Request headers

Referer: https://www.itnews.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 19:18:32 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ 0
3 KB 8ms
6ms Other
text/css 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12952507
x-cache: Hit from cloudfront
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-ba2"
content-type: text/css; charset=utf-8
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: aH62VaCpaGRfnz_benDev6XuUiyR2F6H6C9hFy64uMmOQK8mf6ePmg==
x-cache-hits: 0

GET
H2 200 common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js
c.disquscdn.com/next/recommendations/ 0
87 KB 8ms
7ms Other
application/javascript 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:16:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 680499
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88824
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 09 Mar 2022 21:55:40 GMT
server: nginx
etag: "6229225c-15af8"
content-type: application/javascript; charset=utf-8
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
expires: Thu, 09 Mar 2023 22:16:53 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: oE0WHqqqM0Pt1fcYYfc5lZAROPqeYDOlgrN8sRN5Hgq-t2b7rJBjgg==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
c.disquscdn.com/next/recommendations/ 0
20 KB 9ms
8ms Other
application/javascript 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 20:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13560769
x-cache: Hit from cloudfront
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 11 Oct 2021 20:15:56 GMT
server: nginx
etag: "61649b7c-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
expires: Tue, 11 Oct 2022 20:25:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: rh2dtoufby-llMIxkbotiT1qJ3yRMcQ1LiLhiRBUrpzwactQGnB__Q==
x-cache-hits: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A485 0
15 B 10ms
9ms Document
text/plain 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.itnews.com.au
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.itnews.com.au
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Thu, 17 Mar 2022 19:18:32 GMT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame FBE4 7 KB
4 KB 128ms
128ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

81fa5841ac9aaa4517110eb390a877377b7903aa8270ab5998cc67e0c4a8e141

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

Connection: keep-alive
Content-Length: 2748
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Wed, 16 Mar 2022 19:59:44 GMT
ETag: W/"lounge:view:9074322267.3548a5704942401227e2a5730b071344.2"
Referrer-Policy: no-referrer-when-downgrade
Content-Encoding: gzip
Date: Thu, 17 Mar 2022 19:18:32 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame E486 0
15 B 12ms
11ms Document
text/plain 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.itnews.com.au
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.itnews.com.au
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Thu, 17 Mar 2022 19:18:32 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 48ms
20ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.itnews.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 47ms
21ms Script
application/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.itnews.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 close-white.png
www.itnews.com.au/images/ 438 B
497 B 281ms
280ms Image
image/png 203.176.102.69
NXGNET-AS-AP Next...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itnews.com.au/images/close-white.png
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.176.102.69 Sydney, Australia, ASN38809 (NXGNET-AS-AP Nextgen Networks, AU),
Reverse DNS: secure.nextmedia.com.au
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 702f0230b50a8bec8b8ed4268906179470e8088079cd0cca13c5d60578fc801e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/styles/css_6b1b8d61a41b56d897df75b23d33ac64.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:30 GMT
last-modified: Tue, 15 Mar 2022 03:08:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "6fad8fe11938d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 438
x-ua-compatible: IE=edge,chrome=1

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 317 KB
37 KB 596ms
578ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2788984471277730&correlator=1359845633048794&eid=31064905%2C31065486%2C31065515%2C44755509&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=1003277%2CiTnews-SuperLeaderboard%2CiTnews-Leaderboard%2CiTnews-MREC%2CiTnews-Button%2CiTnews-inRead%2CiTnews-Interstitial%2CiTnews-Skin&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F2%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=1000x100%7C970x250%7C970x90%2C728x90%2C300x250%7C300x600%2C300x250%7C300x600%2C300x100%2C728x90%2C1x1%2C640x480%2C1x1&ifi=1&adks=667020349%2C2669764438%2C1265387520%2C3406322226%2C2734568407%2C4122735841%2C3533778239%2C727088295%2C964912442&sfv=1-0-38&ecs=20220317&ists=1&fsapi=false&prev_scp=%7Cpos%3Dtopb%7Cpos%3Dsto%7Cpos%3Dsto2%7C%7Cpos%3Dfooter%7C%7C%7C&cust_params=sec%3Dnews%26aid%3D577458%26cat%3Dsecurity%252Csecurity%252Ctechnology%26kwd%3Dbitb%252Cgmail%252Cmrd0x%252Coutlook%252Cphishing%252Csecurity%252Cspiderlabs%252Ctrustwave&sc=1&cookie_enabled=1&abxe=1&dt=1647544712407&lmt=1647544712&dlt=1647544710867&idt=1496&biw=1600&bih=1200&adxs=240%2C531%2C1044%2C1002%2C1002%2C240%2C464%2C-12245933%2C0&adys=234%2C80%2C669%2C3307%2C3587%2C4101%2C2097%2C-12245933%2C4826&oid=2&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&frm=20&vis=1&scr_x=0&scr_y=0&psz=1120x90%7C830x100%7C913x1970%7C373x764%7C373x764%7C1120x3997%7C913x1970%7C640x-1%7C1600x147&msz=1120x0%7C829x0%7C300x250%7C343x250%7C343x0%7C1120x90%7C880x0%7C0x-1%7C1600x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C640%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=44200285.1647544712&ga_sid=1647544712&ga_hid=1893314169&ga_fc=true&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C-1%7C5&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

cafe /

Resource Hash

bf08dd1d34ac00860ca0a2db7662f073f3115070e56634e947abb33916f5ab22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37710
x-xss-protection: 0
google-lineitem-id: 5918630293,5926478854,5932773748,5940475601,-2,5944957566,4675091891,5931479697,5918630293
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138384741036,138382129681,138382895116,138383905993,-2,138384247080,138233473879,138382422339,138385205920
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.itnews.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
012efeb5002835f03b6bcf4462d2d513.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 213A 6 KB
4 KB 56ms
15ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://012efeb5002835f03b6bcf4462d2d513.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 17 Mar 2022 19:18:32 GMT
expires: Fri, 17 Mar 2023 19:18:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame C1EE 5 KB
3 KB 131ms
116ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ca7c7cf63fc0a6c0ab1bee18faa597ef9c5e86adf6bb2e148703cd9dcd53fcc4

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

Connection: keep-alive
Content-Length: 2309
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Mon, 27 Sep 2021 07:24:13 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Thu, 17 Mar 2022 19:18:32 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1

200
OK

/
pixel-geo.prfct.co/usermap/
Redirect Chain

https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202203|623389873eeb6b3913312650&pid=pa_XQznHh6B6KdiVBg3T
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202203%7C623389873eeb6b3913312650%26pid%3Dpa_XQznHh6B6KdiVBg3T
https://pixel-geo.prfct.co/usermap/?xid=5257520836624331318&sid=202203|623389873eeb6b3913312650&pid=pa_XQznHh6B6KdiVBg3T

43 B
256 B

56ms
31ms

Image
image/gif

52.49.47.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/usermap/?xid=5257520836624331318&sid=202203|623389873eeb6b3913312650&pid=pa_XQznHh6B6KdiVBg3T
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: HTTP/1.1
Server: 52.49.47.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-47-139.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 19:18:32 GMT
X-Proxy-Origin: 217.64.151.6; 217.64.151.6; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 035c2723-7701-457e-87fc-c7365efca4c1
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel-geo.prfct.co/usermap/?xid=5257520836624331318&sid=202203|623389873eeb6b3913312650&pid=pa_XQznHh6B6KdiVBg3T
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

403

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_XQznHh6B6KdiVBg3T

0
165 B

148ms
115ms

Image
text/plain

104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_XQznHh6B6KdiVBg3T

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 101
date: Thu, 17 Mar 2022 19:18:32 UTC
cache-control: no-cache, no-store, max-age=0
server: tsa_o
x-connection-hash: bee435090d77a878b1e1809eeb6b5fa9ded1ec938ee4ba83aab0f12c1817fa61
content-length: 0
strict-transport-security: max-age=631138519

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_XQznHh6B6KdiVBg3T
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58288/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_XQznHh6B6KdiVBg3T&_origin=1
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_XQznHh6B6KdiVBg3T&_origin=1&verify=true

0
122 B

11ms
11ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_XQznHh6B6KdiVBg3T&_origin=1&verify=true

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:32 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_XQznHh6B6KdiVBg3T&_origin=1&verify=true
date: Thu, 17 Mar 2022 19:18:32 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_XQznHh6B6KdiVBg3T

43 B
274 B

37ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_XQznHh6B6KdiVBg3T
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 19:18:32 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_XQznHh6B6KdiVBg3T
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_XQznHh6B6KdiVBg3T

0
239 B

39ms
8ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_XQznHh6B6KdiVBg3T
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_XQznHh6B6KdiVBg3T
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfWFF6bkhoNkI2S2RpVkJnM1Q
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

32ms
32ms

Image
image/gif

52.49.47.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: HTTP/1.1
Server: 52.49.47.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-47-139.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 17 Mar 2022 19:18:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 112ms
111ms Image
image/gif 52.49.47.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=24171911&source=js_tag&a_id=147698
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.47.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-47-139.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1 KB 131ms
130ms Image
image/gif 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?t=2&add=24171911

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 19:18:32 GMT
X-Proxy-Origin: 217.64.151.6; 217.64.151.6; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6b87b6f0-bb07-47e2-aef6-0c75ab74f5c3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK horizon_tweet.b9ac0a13a4a1d52c80651179f4fe9b68.js Show response
platform.twitter.com/js/ 7 KB
3 KB 17ms
16ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/horizon_tweet.b9ac0a13a4a1d52c80651179f4fe9b68.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: f277cc840da33f2e4731e6b3e5403d7bdcaa299304aa61452deb63e297a8523b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:32 GMT
Content-Encoding: gzip
Age: 160975
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=2
Content-Length: 2473
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:23 GMT
Server: ECS (frb/67F3)
Etag: "29cf2e2367fd80ea2a4908fe0d316028+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 lounge.load.4c17dbce49f331e55ae0e3654575eb6a.js Show response
c.disquscdn.com/next/embed/ Frame FBE4 958 B
1 KB 23ms
7ms Script
application/javascript 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.4c17dbce49f331e55ae0e3654575eb6a.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c5609365a11d6fb3ace1a2596d1a1f593e533e68b85f65d794a49e626c5f5d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 18:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 606835
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 494
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 10 Mar 2022 18:35:58 GMT
server: nginx
etag: "622a450e-1ee"
content-type: application/javascript; charset=utf-8
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
expires: Fri, 10 Mar 2023 18:44:37 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: n-vaMpLx55z14Srw7Yi91h9kOAN60aufUe9C6XCEFUDUeb_km5rMeA==
x-cache-hits: 0

GET
H2 200 common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js Show response
c.disquscdn.com/next/embed/ Frame FBE4 282 KB
93 KB 7ms
7ms Script
application/javascript 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.4c17dbce49f331e55ae0e3654575eb6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4d9e28bf1814e0986b8e5b001e2c8d55d164f9cf8ee3ddc1ccf5560fe7053b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 680502
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94746
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 09 Mar 2022 21:55:40 GMT
server: nginx
etag: "6229225c-1721a"
content-type: application/javascript; charset=utf-8
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
expires: Thu, 09 Mar 2023 22:16:50 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: 7QKQmZHKHREXA66MC7Kv3t17zYsOqam9BGmcwyf-wJLpD9WTfLQY4Q==
x-cache-hits: 0

GET
H2 200 lounge.7ab903feba7624935283ca4c7d8c7203.css
c.disquscdn.com/next/embed/styles/ Frame FBE4 165 KB
26 KB 7ms
7ms Stylesheet
text/css 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9f05592df6a80686d7216adbbc60dd18c978741182ed9e09a863de7374931f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8625085
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26065
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-65d1"
content-type: text/css; charset=utf-8
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: GOLDtkpBNSxk8HuyxH47VSprE9QXOIbtsvepYePXgAZcOuj40ecKMw==
x-cache-hits: 0

GET
H2 200 lounge.bundle.8a051c75736795faf464e93aee7362f6.js Show response
c.disquscdn.com/next/embed/ Frame FBE4 476 KB
121 KB 9ms
8ms Script
application/javascript 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.8a051c75736795faf464e93aee7362f6.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1a3df4a5e88ac610681d86130da88ba2ece0a809defc6aeeb3678eb9903ab326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 18:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 606836
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 123077
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 10 Mar 2022 18:35:58 GMT
server: nginx
etag: "622a450e-1e0c5"
content-type: application/javascript; charset=utf-8
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
expires: Fri, 10 Mar 2023 18:44:36 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: OH1wpb4p-wcdQUsFVZrByAunxFyXiGAAKV7TJdEwwzwgRvCqI6B5Kw==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame FBE4 14 KB
15 KB 7ms
7ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b79e342ee881ef2ab38b3f53ff291337ace2c939dd3dc7e44cb08f56e9c1cfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:32 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 4
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14710
X-XSS-Protection: 1; mode=block

GET
H2 200 recommendations.load.9a1bc22f669e65e0fad921dc193f5254.js Show response
c.disquscdn.com/next/recommendations/ Frame C1EE 923 B
1 KB 7ms
7ms Script
application/javascript 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.9a1bc22f669e65e0fad921dc193f5254.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6b4b5cdef6efda6d01f2dc8d1febe3f9339b85c5055a26c6f299284929cda2ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 680496
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 446
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 09 Mar 2022 21:55:40 GMT
server: nginx
etag: "6229225c-1be"
content-type: application/javascript; charset=utf-8
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
expires: Thu, 09 Mar 2023 22:16:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: PKb7Vb4Zbx4WdFLif1E5iq8eYuGn9P2WsGMfpLq0wclUQt4RvKctPQ==
x-cache-hits: 0

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame FBE4 3 KB
3 KB 11ms
10ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=itnewsnext&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

24cff78d6d3f658f86d1166907ceeb886ed732ea576573d9d081a35352678e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:32 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 44
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3042
X-XSS-Protection: 1; mode=block

GET
H2 200 common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js Show response
c.disquscdn.com/next/recommendations/ Frame C1EE 262 KB
87 KB 7ms
7ms Script
application/javascript 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.9a1bc22f669e65e0fad921dc193f5254.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

50db7c9c01c13f0814e91704229cc9aeb94294eb85d1b3d126d96a8caab7af08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:16:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 680499
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88824
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 09 Mar 2022 21:55:40 GMT
server: nginx
etag: "6229225c-15af8"
content-type: application/javascript; charset=utf-8
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
expires: Thu, 09 Mar 2023 22:16:53 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: SD12QrIsF2wWKY8_iZh2VJM-E_2QvRK422Nxo0Wuh6x3yzkpL-wPuQ==
x-cache-hits: 0

GET
H2 200 noavatar92.png
a.disquscdn.com/1646863724/images/ Frame FBE4 2 KB
2 KB 43ms
7ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1646863724/images/noavatar92.png

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:32 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 679807
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
content-length: 1644
x-amz-cf-id: 4aC2ax73f9sSGvAdwLplNs-rkt9laxRTnhRQF9PSPmqH3avNOsWvrg==
expires: Fri, 08 Apr 2022 22:28:25 GMT

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame 4F78 487 B
1 KB 234ms
233ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: 536886986ff7dd4a2cc4ceee9e5a286cd4fa8346573a8b7564cc1293ba5ba43e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 1180
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Thu, 17 Mar 2022 19:18:32 GMT
Etag: "1ff2961abd5b04cc5e0b8c3636b3c629"
Last-Modified: Tue, 15 Mar 2022 22:32:58 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6725)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 487

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
356 B 120ms
119ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22experiment_key%22%3A%22tfw_skeleton_loading_13398%22%2C%22bucket%22%3A%22cta%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%22item_ids%22%3A%5B%221504128871632941058%22%5D%2C%22item_details%22%3A%7B%221504128871632941058%22%3A%7B%22item_type%22%3A0%7D%7D%7D%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1647544712706%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_skeleton_loading_13398%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=d20a6a7c5772db971c39df7ce5ffe034436285dd

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 111
pragma: no-cache
last-modified: Thu, 17 Mar 2022 19:18:32 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: bdb8e5677b7d341cd29c3732d02b8e141bef2c6d0abe26333c468f89d88b4ef1
x-transaction: 4253a2ebefe98f1a
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame FBE4 13 KB
13 KB 7ms
7ms Image
image/svg+xml 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 27924051
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: C8bZrk6_cajki2-e--9CyJ5YiFeG-7_0SRR8bA3EL4I0cjDmK0vo6w==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame FBE4 3 KB
3 KB 7ms
6ms Image
image/gif 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 04:58:07 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3680425
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 26 Jan 2022 21:59:15 GMT
server: nginx
etag: "61f1c433-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Fri, 03 Feb 2023 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: -cs5vZxglRGcv4Gz0-tEpBxffR2UFn-KLCStqh9MrR14fOFhGx8zXA==
x-cache-hits: 0

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame FBE4 2 KB
2 KB 7ms
6ms Image
image/png 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:48 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 15204644
x-cache: Hit from cloudfront
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-6e3"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 22 Sep 2022 19:47:48 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 1f8WuPRc-hOrW5Y7p-H7U9l-jW2YK0B3aLhd2pi6UKKYZXGmQj199Q==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame FBE4 8 KB
8 KB 7ms
7ms Font
application/octet-stream 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:58:18 GMT
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 17054414
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 24 Aug 2021 21:06:44 GMT
server: nginx
etag: "61255f64-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Thu, 01 Sep 2022 09:58:18 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Rledi08cRtImD_K156E_Hzw8VPfcf_ifSBGwJbbbD9ve_anntNC9mg==
x-cache-hits: 0

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame FBE4 43 B
339 B 145ms
99ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=138&event=init_embed&thread=9074322267&forum=itnewsnext&forum_id=2865237&imp=6vddhuh3hbcjvn&thread_slug=phishers_devise_browser_in_the_browser_attacks_chameleon_landing_pages&user_type=anon&referrer=https%3A%2F%2Fwww.itnews.com.au%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 314C 337 B
839 B 8ms
8ms Stylesheet
text/css 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11664803
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-f4"
content-type: text/css; charset=utf-8
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: 53YlVFqodERYeBVPPUea46Umao528NvwQRwz5moimoiXLbcrHsZf0g==
x-cache-hits: 0

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame FF81 337 B
840 B 8ms
7ms Stylesheet
text/css 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11664803
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-f4"
content-type: text/css; charset=utf-8
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: bhM7UgGNsBIsRi8THmyPqsMwVhO4sc-MqbI9drx_8ibZxTHCuw7eiA==
x-cache-hits: 0

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame FBE4 13 KB
13 KB 10ms
10ms Image
image/svg+xml 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 27924051
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 5HNvTapr_w-0e-A-O9qfjkySwgjUt6OdmuVBOdHpzIUscuacJsBjjg==
x-cache-hits: 0

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame C1EE 14 KB
3 KB 7ms
6ms Stylesheet
text/css 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12952507
x-cache: Hit from cloudfront
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-ba2"
content-type: text/css; charset=utf-8
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: O3XGMGK1A-eoAdg3EuupqUXSL8Y9xiiMqR0c8s02CffiWuX5epYdgw==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js Show response
c.disquscdn.com/next/recommendations/ Frame C1EE 65 KB
20 KB 9ms
8ms Script
application/javascript 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 20:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13560769
x-cache: Hit from cloudfront
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 11 Oct 2021 20:15:56 GMT
server: nginx
etag: "61649b7c-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
expires: Tue, 11 Oct 2022 20:25:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: dRYEpVni5OcC-6JArmWLADHC1X8DawgaMTPxEmVMsVSvUcJGbCDR3Q==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame C1EE 14 KB
15 KB 10ms
10ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b79e342ee881ef2ab38b3f53ff291337ace2c939dd3dc7e44cb08f56e9c1cfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:32 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 4
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14710
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame C1EE 3 KB
3 KB 8ms
8ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=itnewsnext&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

24cff78d6d3f658f86d1166907ceeb886ed732ea576573d9d081a35352678e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:32 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 44
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3042
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame C1EE 5 KB
6 KB 100ms
99ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=itnewsnext&thread=ident%3A577458&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c3b5266b0d27446049a391eb9b468fcd07b4f8ea8526e9d708eb290579d62f02

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=577458&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t_e=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_d=%0A%20%20%20%20%20%20%20%20Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages&t_t=Phishers%20devise%20browser-in-the-browser%20attacks%2C%20%27chameleon%27%20landing%20pages
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:33 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 1632
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin
Content-Length: 5548
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK embed.runtime.6b5d3661e7231f9606f3.js Show response
platform.twitter.com/embed/ Frame 4F78 10 KB
5 KB 11ms
11ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 565b9076d7629a85fcd1ea6c5c0b2af1bf01c93777f0d6ef0c11fbacaa8e79b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:32 GMT
Content-Encoding: gzip
Age: 160975
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 4452
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/67F3)
Etag: "4fd3e986c160013643e8bc617c599e49+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.modules.aef85bf61d706d7edafa.js Show response
platform.twitter.com/embed/ Frame 4F78 515 KB
168 KB 21ms
9ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.modules.aef85bf61d706d7edafa.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 655564f3a2be989067e2cb2c6bc9995a55ae13ec9cc0d0c3dc128961faad15e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:32 GMT
Content-Encoding: gzip
Age: 160972
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 171389
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/673A)
Etag: "b2faf8accdee57f7929c5b7623e6e7a3+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.i18n.293ca00a272b34d032a9.js Show response
platform.twitter.com/embed/ Frame 4F78 2 KB
1 KB 34ms
10ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.i18n.293ca00a272b34d032a9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: f6b352979b0153deb67020a332f179fb99a0822040de5e019af272c2920192b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:32 GMT
Content-Encoding: gzip
Age: 160975
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 792
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/6762)
Etag: "22e04932e731bc174868c60c46980c73+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.Tweet.c31baac24debe5533d7c.js Show response
platform.twitter.com/embed/ Frame 4F78 15 KB
6 KB 31ms
7ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.c31baac24debe5533d7c.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: 285489efae847a15226d6c6e35a17a7ea953985b6cdd7803c6b8fba0c20ee7d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:32 GMT
Content-Encoding: gzip
Age: 160975
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 5529
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/67C0)
Etag: "b96eda3c68570721e8ffec6945c4166c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.vendors~ondemand.en-js.fb959cd7154f3c56a8da.js Show response
platform.twitter.com/embed/ Frame 4F78 38 KB
13 KB 10ms
9ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.en-js.fb959cd7154f3c56a8da.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: 0a5377eb8e83be2ee2593492f90bebbd34724ec051ef4e5332b9d4d4ea0195cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:33 GMT
Content-Encoding: gzip
Age: 160976
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12780
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/668C)
Etag: "620123f935ecdf8c083ef823e0eeda3d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.en-js.e84cb370ed3e40856450.js Show response
platform.twitter.com/embed/ Frame 4F78 4 KB
2 KB 9ms
9ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.en-js.e84cb370ed3e40856450.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 486bcf8532c028937fb68a57bcf22a6e0862c8e1ab157ea639979d0f7ea9b74d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:33 GMT
Content-Encoding: gzip
Age: 160976
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
Content-Length: 1801
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/6727)
Etag: "668b3e5058c7ed61a38da6c433123235+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.5cdc09e4a37a07720433.js Show response
platform.twitter.com/embed/ Frame 4F78 4 KB
2 KB 6ms
6ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.5cdc09e4a37a07720433.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 790ec30d324db549e4f6f3c493251e6e7d4337f0abb13c8e8873fff8b7b235fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:33 GMT
Content-Encoding: gzip
Age: 160976
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 1801
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/6795)
Etag: "3fa047c294a1fd7d30105f7a1e2febcc+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 get
c.disquscdn.com/ Frame C1EE 9 KB
10 KB 11ms
10ms Image
image/jpeg 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2F20151016101634_apple-iphone6-6plus-cameras.jpg&key=dnlZKShkKlzHrU1sQYnGng&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1c358741342f781ffc2e6e5a25739185dd18fe70d57b560775276a3acc028b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 03:21:48 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 921405
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 9727
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: DLDSb0STpFp_4JWUbXztuAflCUMDzJ-lbnaWmZaU4KJ2GwRnl6iGYw==
expires: Wed, 06 Apr 2022 03:21:48 GMT

GET
H2 200 get
c.disquscdn.com/ Frame C1EE 8 KB
8 KB 12ms
11ms Image
image/jpeg 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Fpoll_ballot_vote_voting.jpg&key=od2k8nvJPCxJwO9bjXHklw&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3b4360bc01d3d2e4a4da25fb5056c8d5b15222f3bc3cf81cff442d2531a5005c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 04:23:46 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1436087
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 8151
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: EExgIoU_ZjZhk4vBjB_lGZz63c7i3kTRYGUrxgxvn6kuHwW4pbwTnA==
expires: Thu, 31 Mar 2022 04:23:46 GMT

GET
H2 200 get
c.disquscdn.com/ Frame C1EE 6 KB
7 KB 13ms
11ms Image
image/jpeg 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Fnetbanking_32970367.jpg&key=vQ2jBxAw1255XjtnEtAaeg&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9d69f054f6deb79fb873228cf88b42a9b942d902b25d4237e59da16e6bc3e722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 03:21:48 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 921405
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 6549
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: LKjc-_p6cL5xYbXekOBvaJRPcycWARmMGxm-SvNrGnZScotsd23HYQ==
expires: Wed, 06 Apr 2022 03:21:48 GMT

GET
H2 200 get
c.disquscdn.com/ Frame C1EE 10 KB
10 KB 13ms
12ms Image
image/jpeg 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Fmyer_logo_department_store.jpg&key=voHhlqdf5Uf6TciVlu1BMQ&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

80fb31e601f04a9f93e217c1e4ab8a33f14ae83b9e6f9a26e542a597d64567d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 03:24:12 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 575661
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 9828
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: O0v9sHnzdwNK2Y-8espilnmhAkaCph4UcVIM1rH8WQLn9G8O4QAsFA==
expires: Sun, 10 Apr 2022 03:24:12 GMT

GET
H2 200 get
c.disquscdn.com/ Frame C1EE 8 KB
9 KB 15ms
14ms Image
image/jpeg 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Fplane_airport_tarmac_aerial.jpg&key=pwXp-v91ZiNv5rO-3KTrpw&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1b71da36c8eb848d8a52734a7fbf50b475b648133673db95d08946a25fd53639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 23:38:10 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 589223
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 8480
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: O-4lhrZZKfjUHfleWcq0-ZeExnWalH5k6UotZfISoT_DIDvDdpecrA==
expires: Sat, 09 Apr 2022 23:38:10 GMT

GET
H2 404 get
c.disquscdn.com/ Frame C1EE 0
0 106ms
105ms Image
text/html 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2F20160404123306_nbn+node.jpg&key=GjQhVIFEp2WiQWu3ilbJrQ&h=200
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-99.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 get
c.disquscdn.com/ Frame C1EE 12 KB
13 KB 14ms
14ms Image
image/jpeg 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2F20210812104604_crn-690_telstra_sign.jpg&key=42HjCB_eBiwlBZDOhRpWvg&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cb1f0a15517bce5d5b4cfabef35ca6a6072718dc0b904c53b6e15edda697dfb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 04:28:14 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1349419
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 12404
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: PTjXt61UToe2yN4IsPZZ9YPicSxzVvFJQ2I6HT_-4LuAr4k0t5WfVw==
expires: Fri, 01 Apr 2022 04:28:14 GMT

GET
H2 200 get
c.disquscdn.com/ Frame C1EE 12 KB
13 KB 14ms
13ms Image
image/jpeg 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Foutage_attack_hack.jpg&key=RmeyAlE2wKtXLH6uRAgP9Q&h=200

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

62d25ca31b4e208d4975ffe6952abdc9560a68c17d374b8c458208d95c1f453d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 08:26:50 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1421503
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 12504
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: hebQ3kVFBlarAydCqCGnib5_hNleh8cXa27j60cBDmyLWkBF2HDpjQ==
expires: Thu, 31 Mar 2022 08:26:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6068 0
0 34ms
33ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssiYc7GXZuteFYVR0ivRsCIm13v3pjKkXn6LjImWF6zWveGVYHGKUVacc_fCMHGVT2YcARYTkfGnsnk2NaP_ErhtwexdmjtbDDfNUrrN6ty4TfPhzyErAXZqBbYXcfCm03L-d21QLkGcJ0BcRUsyuX1BYOKYs-H905_iP4wdgMsYWTNv74CrLkzsQXQt60qRj8mTFf76Vio6ie-pJjJVm8542dSpJG3EVbALunENB2y0r3CYjkOv4BF1JJiZS0r5NhuBVxDyWJfCohorCObXsjHQuP-kPALzN5m9jWcq_DF93R-L-yzwOn0LjTMf8agpfIIVaNR&sig=Cg0ArKJSzFH5k0xbKu5qEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 6068 19 KB
8 KB 37ms
6ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 19:04:02 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 6068 2 KB
1 KB 45ms
14ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 19:10:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6068 117 KB
36 KB 65ms
45ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 19:18:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6068 0
0 39ms
17ms Image
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWEIefsWYFh7x3ypzxMZHNQ_tKERR4Z_8Q4JgXcGVOm1sSViBzIVwUrYoQCWxYI_Jsbn7w_tWs8TL1IWf7LJNSe6rZ7w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 2530332929872069911
tpc.googlesyndication.com/simgad/ Frame 6068 31 KB
31 KB 44ms
14ms Image
image/jpeg 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2530332929872069911

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73de8ea36dfa81daa6c2ed8f127460d33f174fc2f73f1fcbb908957f709283d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 06:19:05 GMT
x-content-type-options: nosniff
age: 46768
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31640
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 22:52:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Mar 2023 06:19:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5B3E 0
0 35ms
35ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjX8uTgTpa2veUIQaskAWQc-8UYTGTS2ooFK7rgZGWek9NIkJDSSzMir4t96LnaCotT7BBICnCAFNLbBc3K1zXG0T7-o3i346ZqicyMFQPIPhF2Oyc1OnSxxu8zs140tGV9LxjN8G1HcpSw-tsGmqxZELMOUjzCJ406pHdketRnV4oObqXYqDto7b5DnlzBkqCbu_G9OmswITdK66eCecHXt8zyVqO2N9wVSDnbKTiQfGlejU22A8HdDkAqUgPUiFryVZ7zyIrcZXIZLIqM-17lnUuL60B5gy5tpFDOALRBtYDhCaREoTZuqn3Z03L3A&sig=Cg0ArKJSzB3pG2FOUo_cEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 5B3E 19 KB
8 KB 33ms
7ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 19:04:02 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 5B3E 2 KB
1 KB 39ms
13ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 19:10:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B3E 117 KB
36 KB 41ms
28ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 19:18:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5B3E 0
0 33ms
16ms Image
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0BVq-4zo8yX16Dz8zFCMJuo_e5TX3ZK7jeHIGmwwFyX51zfzMh1Q8YJ7rb3UctrgmmCD_VpCwhx9UX1Lxev5HglDdyA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 2355995464825379781
tpc.googlesyndication.com/simgad/ Frame 5B3E 61 KB
61 KB 66ms
41ms Image
image/gif 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2355995464825379781

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19665d9e2327f9adb6c60e4cf7bcc600210a5f3e1f9873e289cffdc8074a0f67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 18:45:59 GMT
x-content-type-options: nosniff
age: 261154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62816
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 04:43:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Mar 2023 18:45:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2B70 0
0 36ms
36ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPSidtZo3SGRrk3j_1to9DatZl9alDv-G8P6saJsXql6lx988qgMPQho5_AYPv1L4gtdXNvnrWRDrGtGr7EntRxJD-swyoZeDTzqUzGdCJZH3924AM7a336U5VRRebfeYrvxoO955xdSDC5Lp4mre2GxMHVufKodepvhIQI1808eaNRn9riK5Z3D4TCBvPdLT8OMwtqY8qcZARdN7zGpphUJK7AL6YGrVumGUVwDOecwtgtkIxboF5EAAZaWL_-E2TB5a_8aEy43cGu7MyiQELefCGqIfMyAsuTP7rxqePdMoUURvUyABg&sig=Cg0ArKJSzLxV2VpGeK9qEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 2B70 19 KB
8 KB 29ms
8ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 19:04:02 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 2B70 2 KB
1 KB 19ms
18ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 19:10:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2B70 117 KB
36 KB 25ms
16ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 19:18:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2B70 0
0 29ms
18ms Image
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTBgFOlOXw87cu8-6vBp9RNnqcE_tszmzB-6YrgkiNlB5g0BHkAFJ5lx9hvkFxbPYAEgXiA9PUjEJQfY9jtr47jv3xPTw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 465344067298113681
tpc.googlesyndication.com/simgad/ Frame 2B70 28 KB
28 KB 20ms
19ms Image
image/gif 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/465344067298113681

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea6d62c49311bcb975f310bcb4f4861c08f297ba71be9d7a67aba5560a8d7ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:46:34 GMT
x-content-type-options: nosniff
age: 214319
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28896
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 05:49:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Mar 2023 07:46:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C0CE 0
0 31ms
31ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPqxjF0e2jgly4gaWE3SG6ru_hShELgggKcU674zS-WqjJtZ-R18MGU9UOVqSJ0XQ_igsP-5tgir64ZFPZa9IbrnCBYymcMdlIn86J92_1a5Sq0HVVVHu-ud9RJUrvDvkRbbrtsinQe0xy29vxmpsO2sEGpwTBH0Z7V__-NdUkHBoGlxAM5NpdI2Xq-rLYG7mAGY15GCEElJAzNlklFVP55PRAPBfjYvRe7pLpyr9R_HQfMcnzEEG-y9yuSEL6LbuOLpWJg6ou9TlN2TCho3mVri1xuwpXhoCTEjZfzq6HkqNSQVeNgwnL&sig=Cg0ArKJSzHlym00nO7OKEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame C0CE 19 KB
8 KB 26ms
12ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 19:04:02 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame C0CE 2 KB
1 KB 19ms
18ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 19:10:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C0CE 117 KB
36 KB 46ms
43ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 19:18:33 GMT

GET
H2 200 10716709181243773541
tpc.googlesyndication.com/simgad/ Frame C0CE 57 KB
57 KB 20ms
19ms Image
image/jpeg 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10716709181243773541

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51660b8697b2a7e0c719b22c35ac36e69357a08af37656a5db3c6b0d632c554b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 11:07:49 GMT
x-content-type-options: nosniff
age: 29444
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58045
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 01:29:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Mar 2023 11:07:49 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 74F8 0
0 45ms
44ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdv-EtM9ltSkwEDWM22Dp_kLGah6MJDRpdFsEiqYxM2VBqGLearMD498EVg92ExWdBuOIua5p7fzP3KImveVQXsPBgxLRtThr4SsDgZ5aB6SenDJRhfsxKAhvPeSaLEDo_p7e5AHqb_kFrNzQA7-5oonwcMipXBSzPA33Zx_Fy4mOt0b_T2liUGV_HKENju3eHwOOVTdu8NiJRY8il64Im88ia-NmsJfk0BJtSH_llGttj1gWKFA8fm8-ANDhttGd4nr7lcSSJEsnGxnGZTwx4_seNPHqm99djgB1ZQk7f5PxEmoWzo9mvhTs9TfTEvA&sig=Cg0ArKJSzK9OKj18FK4CEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 74F8 19 KB
8 KB 20ms
11ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 19:04:02 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 74F8 2 KB
1 KB 19ms
19ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 19:10:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74F8 117 KB
36 KB 40ms
40ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 19:18:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 74F8 0
0 16ms
16ms Image
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyoktLyngIFhgSI9UcWvHJ-GUuuShH3XD9WurFxLjASkB5DlRHrKfPAe1vqy8zdrjUg4SpTG9vDz2w-uilEoRXYKV9-g
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 10557129406099453461
tpc.googlesyndication.com/simgad/ Frame 74F8 71 KB
71 KB 35ms
34ms Image
image/jpeg 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10557129406099453461

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58d99db58d53e5fd6a28eec03a41ec682443d0d1e9ee928778f786e3fd0a85ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 18:45:59 GMT
x-content-type-options: nosniff
age: 261154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72628
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 06:27:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Mar 2023 18:45:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F54 0
0 42ms
41ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstR6_VfreHq3HH52xe18Dkcp1JNo9utmRBRuhynUPvU0TSDaj5UIRQfLmbpsEXP7mmWoD5uFGMsPhf8HBckmYQXKwl9Cyt4BF25Q1i2c_Ev8RFG24os0nQ_F40PT9r4y4abLNP9U64t3jiIUD-sDCdaJ6V-_wsuCGQDoOScBSc2stUnUwXw-W3WczsV8SOTDYCCVEty2lmtOQTYG3cysav2NHrt0Qhr86Bu1g9TLiE-akcvr0Ay5fWFqmTADdcmVA5LAv2MkHmtMaDmNbdcXv4v0j--05essSvr9EnYcXo7LO3yDJ7N4qPWieQ&sig=Cg0ArKJSzGXVZN6gOROIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 tag Show response
a.teads.tv/page/84405/ Frame 3F54 2 KB
1 KB 114ms
30ms Script
application/javascript 23.59.68.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/84405/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.59.68.11 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-59-68-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f45a13a60901989d54f571c1ca7bf81ec213be82e6c109c9f0e3f4b2e43e06fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:33 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 1021
expires: Thu, 17 Mar 2022 20:18:33 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F54 117 KB
36 KB 21ms
20ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 19:18:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3154 0
0 39ms
39ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvT31I6LSSkmuOwb-63wOSSlMoT_OWKVRe3XDyY1KVLrWCHPXVKDXKIUxFdRsg5W3rafmPfd81ktBcdx8LWWzkg1cTMwURkSpkRmFrz4Zi0W9shxmeIrDrU2Y4_9zluXEOQIsWKD4YtZIugYIJTg55metNDaRt0vL5yq5asrKEldrmr1CIeryXc2iUckZC-CRB9OKTz-fS9M0bibCMlDwRYhGmMBAIqW-wks5T5vzt0i3vN7oJuY7wO_44Xq88_05jGEZk-n0MYnYCkT-Gccn6G_ISD4_ygOJobtgz8gAtnYiYMPVQMz7xorcLq7QCJiQEiM2W8UNMc43TxKYBqAw&sig=Cg0ArKJSzLpIX0JVWA7WEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 3154 19 KB
8 KB 17ms
16ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 19:04:02 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 3154 2 KB
1 KB 17ms
16ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 19:10:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3154 117 KB
36 KB 38ms
37ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 19:18:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3154 0
0 21ms
21ms Image
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQayrF0SjwWLmLcfrZw0oBdUFUJbJ3O4xS-gen88VAgW4xSzrir1A0dqzCcReYaPak7I3ZULc-XBI9DPru-eHb5GC7Www
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 13066913210414675199
tpc.googlesyndication.com/simgad/ Frame 3154 167 KB
167 KB 29ms
28ms Image
image/gif 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13066913210414675199

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05dfc2e98103015e18cc7e469194582e1ac1edaae76a2b33feb7d7b2a80da5ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:29:28 GMT
x-content-type-options: nosniff
age: 557345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170955
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 05:41:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 Mar 2023 08:29:28 GMT

GET
H3

200

3473041443409053549
tpc.googlesyndication.com/simgad/
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuxjDuzGgyU7pVVUQT8CIbIsIUMS57M_aptS2sFxDQ239yoshfLVk_WfIjIrQkx4Pssfa1pgEE8zgu6tJkyPnnYsLm3q581LEEAKx2cyf2Foh7U86JoFme_KSHQwuK0jHJPWYEHJ_5N...
https://tpc.googlesyndication.com/simgad/3473041443409053549?

393 KB
393 KB

30ms
8ms

Image
image/jpeg

142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3473041443409053549?

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d7056f89a26e63a06b6126936b21f5319768e11ef6afcad928c0b9b3d84a875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:29:15 GMT
x-content-type-options: nosniff
age: 128958
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 402742
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 04:29:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 Mar 2023 07:29:15 GMT

Redirect headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tpc.googlesyndication.com/simgad/3473041443409053549?
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame E408 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a19959b07c815dea9098e2895aa79d5f9784afeb12839efb39576c8396db57d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5B3E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3c7b46675bd16d5471da82f8adf82479c40611c2285cd9bf8ba2a929c6060cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C0CE 0
0 47ms
31ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5jjTUB7pY239jS-PhuVHflJ-Q5DZazJe3GxXdwxGizSlDyCwfgkljU2lI1uapii-nNGAnOpQilnIW8zr30aFXZdK5Q8FyL-TeZ2Op2K8N7WofGk9u0aP1xaiKhfn6EdAFrSHbbyT7wX2CsA5EBLAGPRaid0mYYK7g6NOs6MMuVv_q5BBJ5QWGamaiIx7wZhqGx-QU2lCZ6ZVjX7n9NWaSYttwllwTTHLuCTuJ85C6kegphaybIfXr-XX3CoVZ0UVXkFMsXKFyHlb2ADf6mjnfCr0XVWIazWUA01J_JsRnaFsXXXEmbAwluEE&sig=Cg0ArKJSzLmUotqIwgkjEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 19:18:33 GMT

GET
DATA 200
OK truncated
/ Frame C0CE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5843a0b13f93455f7f67f685824f6a166841dbdeb2598da638c285792fd304d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 74F8 0
0 33ms
29ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZX--1BL3lVTp1o2d0Cls0Xgi5SJLaRZmtt3JSQf7Hj5ecKrXXmrIiBqzKqv2AyJiUc5QwDMAbectTBvYrKzWtor22BYAt6Uks-_745quvhcLABH8uXEdLBMMnJpSBZAKF7j-lgLfQx9YzYAJ0AsXncjXO12o-TnpHQxodnrmSVuApq5Klnm2DvAhvqhJlbyz_S5gvt7hmVz9xzS4alJUPgUogL-xi7S-0sDgaRkUYbKWDggacaG4SW_SeBlSq6KmVZuBWsO8ZY-NFEYFjzA9jHE8qNkrQqNh3_vcdZ-c-_O-E--1rf6iH3s4Eyya-lXkK&sig=Cg0ArKJSzMfybXeYfALAEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 19:18:33 GMT

GET
DATA 200
OK truncated
/ Frame 74F8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ada67c03990da1ebefaa7acb4f905dee21cd39f5756c43417e2bf7de75e4776d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6068 0
0 31ms
30ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTE08Jrp3lWZvGlfPTplIsxxN6eKSHPQFVCL4XGyZKY88xj5B1YqG7BTjAuwumxDUKx7P8hyL53FSvkWPPNXeyoDnH0xzR1d3Ztt9o3sdtYHFW5YKePLtoVeBnCOcrIIsEEHA435Pqzj8kbDeDGhi1IITlf5PkiYg-XFBOKXiUJChcEx66DnyI-OIQXo9itGkq3qR7y7nmiYdUGSbdQIF_qfpqediyVqGK664DR21C4R3YVu0_TdZDvRqMTGtOnSy7Bzwsjoh7bO04PHWpDpNs4haP_84vRuBEDsbBZLnst8-Th5Q2ygaSVpDY7d21ijg5iflA_-s&sig=Cg0ArKJSzEISrFDZi1tZEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 19:18:33 GMT

GET
DATA 200
OK truncated
/ Frame 6068 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0eab83a7cdf556fc34a6614d9d819b17be92926c1268cd0c947badfd6d9bc6b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.784c14fad3ed09aa7f26.js Show response
platform.twitter.com/embed/ Frame 4F78 418 KB
117 KB 8ms
7ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.784c14fad3ed09aa7f26.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674D) /
Resource Hash: 62e15c717c858b539583d56df60087d0f0851a69480f52e5637a50fd60d1e53e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:33 GMT
Content-Encoding: gzip
Age: 160973
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 118888
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/674D)
Etag: "837121804a3c0a218129592fe2f12885+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.vendors~ondemand.Tweet.d4dc6d9f20302d27b041.js Show response
platform.twitter.com/embed/ Frame 4F78 35 KB
11 KB 13ms
12ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.d4dc6d9f20302d27b041.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6776) /
Resource Hash: 96840d8bad80f92a013bab64796aa1a29ae6f08e8b5d519e25f37877098b391d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:33 GMT
Content-Encoding: gzip
Age: 160976
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 10666
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/6776)
Etag: "f62e0963926319acfa13d3ac4b7b0d38+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.44711848a6d644a51d82.js Show response
platform.twitter.com/embed/ Frame 4F78 22 KB
6 KB 7ms
6ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.44711848a6d644a51d82.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: ffcca73fcf57a9104b8b1c23c45b32b01994b657acff47a8b8737a51b5049657

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:33 GMT
Content-Encoding: gzip
Age: 160976
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 5646
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/67D4)
Etag: "4d13e6c6f6b371c7531e1f6cb42e8677+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.Tweet.3debca4342f31b7db9e1.js Show response
platform.twitter.com/embed/ Frame 4F78 57 KB
13 KB 13ms
12ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.3debca4342f31b7db9e1.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 171b2560bfb2a27b4387a2f3c5b2454535409c0c15b6bcb084f5327ed0db2188

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:33 GMT
Content-Encoding: gzip
Age: 160976
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 13185
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/67F3)
Etag: "982e43879d90b230cc9448e954bc2cbe+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2B70 0
0 30ms
29ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQ72TYFn1KA2Cm03EBkPMBtcpLS6mgSRiJT_Fcj6LrUyfCf-5ArHPn_n_ASHszL7fFG9DaHlJ_5ni-QkTDrLes9Rh68eMCDt1xoTtxnoFEe6PGtRQZ-6JYk6eRLvhcZbp2kBInbzQ27icypXOcYplYzmFlcih50rP-tJsGncqwNiYSU4MadmuwEnVhSqGOG3qQDW9sH-ej5GI6v9ijzSjhQQP6G5N6vgn2VWiXYVup9-GnBCD_dlUMkST2a_tgh21nos7aCwpiGDXUNiF3gCX3YErYQLVHwqfgEP6_4gxUTTUnLPhpq61iiB4&sig=Cg0ArKJSzIlAnsmxNKGxEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 19:18:33 GMT

GET
DATA 200
OK truncated
/ Frame 2B70 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5066a0ba1e8074cf893384a08c0d1ce3c379e9ac2d0f299f750e519dd9b7fff8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3F54 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cacf57b5c0c2685488727bcf878066aa120422e0085cb719a66d7b0043dc932

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3154 0
0 32ms
32ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmSL3OSveWoUBkl8uG189QxtykAFjv6W1YMctWTfWGub77M9sl7B88mCcgj4TPeXoF5uhM1r8goqtxIGMrUtxu-RyG3Fmpq_9e-zD9FoNQ2POkVkjNC_v_8Av-00KXp3Wv-63FgKNvf0eoN50eEGx43VgK0L8uI9CKVNBKP7co0hk1VTctVsA9d2Xh07VRHFtKyaVOcbp0BH2P5dsnDY4sb3WTYsRFMIxncEw48_qU352d5FTSQKq0xNUHXJh4qMa_CJ8LDENdjYub2ok0mCswOnJkBkS6zIgNJ2fepox1zf82bIL2X7fjilbyloCqBRGO4g&sig=Cg0ArKJSzKGqjbwDX93HEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 19:18:33 GMT

GET
DATA 200
OK truncated
/ Frame 3154 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e621fc9a2fd78383bc6add412e21e9eb882acec16272cf65f8d059728847d4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5B3E 0
0 31ms
30ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWJw6RIg6t2GQ_scqgJ2v_edH3UPXPAfTnh2Y1v0AByNvYbUdEGXqDKITUV7ENO2A3XjSPphLpe168sD-aNblCuMKrzqUmpewLxxpgD4vyOorJLn-mX5Q_o_nduTQALbIi6XgYXBkDeTS5ZaS_J15uT6pyvskKjYqMDkv93SgtTTYICnZXoIX8IsNXpLZBwYVp5foRY8R2H19Fd7m-w5nANoqMrskfSaBWLm4hNs2RW_YX5uR55bd0GD-sHnTgoIJwcNtEwMMQCjqFqbYeihAPozzAeB_su4GsSeTbrLxyFr0C39csPjSrO8fTQ08FTdd3&sig=Cg0ArKJSzA6ODATXQQO4EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 19:18:33 GMT

GET
H2 200 img-placeholder.df52e7638153b73862008d3d0556fdda.png
c.disquscdn.com/next/recommendations/assets/img/ Frame C1EE 1 KB
2 KB 7ms
6ms Image
image/png 13.32.121.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/recommendations/assets/img/img-placeholder.df52e7638153b73862008d3d0556fdda.png

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5215bbed3b3435ed86c93921631e54d9c42ce565d9ec90accbc7ec1fc7832327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:47:25 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 9793868
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1054
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 23 Nov 2021 19:16:33 GMT
server: nginx
etag: "619d3e11-41e"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 24 Nov 2022 10:47:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: RBxlK_0vtgqtY5I2raob6jGAeM8cfVHyjPT-8tUVtDMygEl3mScdJQ==
x-cache-hits: 0

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 600 KB
132 KB 19ms
18ms Script
text/javascript 23.59.68.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/84405/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.59.68.11 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-59-68-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2b6a7289f2e184fc952db4d52a3e4167ae036b45296c178dbc139d0fa03cd32b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 17 Mar 2022 19:18:33 GMT
content-encoding: br
last-modified: Wed, 16 Mar 2022 15:06:10 GMT
x-amz-request-id: P6B86FTDMXA686QR
etag: "526cb8f3b5ee4872b77b009264950e46"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 1
accept-ranges: bytes
content-length: 134138
x-amz-id-2: RRKbgHHQmNdZPLRE/0uXLRR2VUzVmB7TIjPQ+guiG0a5aVcFZ0L2QlqJbZsAmBA8y5DM3N9m+KM=
expires: Thu, 17 Mar 2022 19:48:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F54 0
0 31ms
30ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlrdehHRO2ljqVPumVHM9XrZrY2zqfOFVieMtYGobHJvPVDfviyhbx1q927XAVhq1PG-O9fSK9cLCEckKWlZS3BDhkJiec_mNCfnuTtsYh8P0zUF51Yr_XZWFXalwUERSO52a-BaCt6ePERNeNrOrAxta4UEiJc-rjP-ABTvXcFMYH2MqQXMDHBLNRBP4koSmamy25P3AwyrTCLJ8PZ40WfAKymM-MN-gVkLWuRM0PeqGx2AXEv3uOWSvUSpe-tIJg0d3sJisblEq6saAhU4Wzr_CQ6NVPPHiEZ9MD7feIQR1sHhUJhBtGWLsllQ&sig=Cg0ArKJSzJEYhITQFNdKEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 19:18:33 GMT

GET
H2 200 tweet Show response
cdn.syndication.twimg.com/ Frame 4F78 3 KB
2 KB 224ms
204ms XHR
application/json 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_skeleton_loading_13398%3Acta%3Btfw_space_card%3Aoff&id=1504128871632941058&lang=en

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.aef85bf61d706d7edafa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f / Express

Resource Hash

593a0303ae89b955e5febe39551d3b0522f90b1a2ced9890162ebff5f77f8d83

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding: gzip
etag: W/"b86-832LjTo464myjdGgrX0XAOe6VjU"
x-powered-by: Express
access-control-allow-methods: GET
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=199
strict-transport-security: max-age=631138519
x-xss-protection: 0
x-response-time: 184
server: tsa_f
x-frame-options: SAMEORIGIN
date: Thu, 17 Mar 2022 19:18:33 GMT
vary: Origin, Accept-Encoding
x-tw-cdn: VZ", VZ, VZ
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
x-connection-hash: 35b28ea0453b7f50a350f22bd0565268ef1bfcc729d70d86088b04e41c18f0f9
x-content-type-options: nosniff
access-contol-allow-origin: platform.twitter.com

GET
H2 200 track
t.teads.tv/ 23 B
113 B 139ms
61ms Image
image/gif 104.107.161.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=7827d145-34e1-4fc6-af7f-e17104202d7e&pageId=84405&pid=117459&debug_metadata=gysnMAuhFO&fv=1015&ts=1647544713529&f=1&referer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.75 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:33 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 140ms
63ms Image
image/gif 104.107.161.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=7827d145-34e1-4fc6-af7f-e17104202d7e&pageId=84405&pid=117459&slot=native&fv=1015&ts=1647544713538&f=1&referer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.75 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:33 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/84405/ 539 B
573 B 67ms
67ms XHR
application/json 23.59.68.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/84405/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&page=%7B%22id%22%3A84405%2C%22placements%22%3A%5B%7B%22id%22%3A117459%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A880%2C%22height%22%3A495%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=7827d145-34e1-4fc6-af7f-e17104202d7e&formatVersion=1015&env=js-web&netBw=10&ttfb=296
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.59.68.11 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-59-68-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 92032c79eff0c60d1f5fd02faf3257113d9bb8562eed7aa520950192fae3d03c

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.itnews.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 19:18:33 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.itnews.com.au
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 364
expires: Thu, 17 Mar 2022 19:18:33 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 58ms
58ms Image
image/gif 104.107.161.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=7827d145-34e1-4fc6-af7f-e17104202d7e&pageId=84405&pid=117459&slot=native&vid=00000000-0000-0000-0000-000000000001&fv=1015&ts=1647544713615&f=1&referer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Requested by: Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.75 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:33 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H/1.1 200
OK embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.TweetVideo.2690210765db59fa9244.js Show response
platform.twitter.com/embed/ Frame 4F78 143 KB
38 KB 9ms
8ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.TweetVideo.2690210765db59fa9244.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: c5e26e4cb515c57971f5c901dcbec3327d71163c4510d43681e3522353fe4cea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:33 GMT
Content-Encoding: gzip
Age: 160976
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=2
Content-Length: 37860
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/6772)
Etag: "b4f0afa38dce8437e735f5af5dd9dc33+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.vendors~ondemand.TweetVideo.98357008a9809fa238b9.js Show response
platform.twitter.com/embed/ Frame 4F78 45 KB
13 KB 15ms
14ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TweetVideo.98357008a9809fa238b9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674D) /
Resource Hash: 9db6713aabf5639680dbcd527b19a7f181ea6144a2aee236d13f6f042a902a3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:33 GMT
Content-Encoding: gzip
Age: 160976
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12915
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/674D)
Etag: "12a457eda922a7eefacd2d23f0f66c88+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.TweetVideo.9677ea422e19142d19ec.js Show response
platform.twitter.com/embed/ Frame 4F78 4 KB
2 KB 42ms
41ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.TweetVideo.9677ea422e19142d19ec.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: f5be6b4ad6092fdc20e472ee2842bf784e4846489ef8b0f83bc4077909b129df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:33 GMT
Content-Encoding: gzip
Age: 160976
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 1828
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/6725)
Etag: "20f6f5805d5b533af59e020f7d4bcd93+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.loader.UserAvatar.6e712ddc41d494ba5108.js Show response
platform.twitter.com/embed/ Frame 4F78 157 B
726 B 6ms
6ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.loader.UserAvatar.6e712ddc41d494ba5108.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: ba4abf1f137e3d8cc642ced67ba7c9c179ae2aa93b668623e396ca980d9c0638

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:33 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/668C)
Age: 160976
Etag: "2b4ba8280390637f1785dc4b5808402e"
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 157

GET
H2 200 jot
syndication.twitter.com/i/ Frame 4F78 43 B
170 B 116ms
116ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1647544713708%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22iTnews_au%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22iTnews_au%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22b82980d95a44a%3A1646854163148%22%2C%22item_ids%22%3A%5B%221504128871632941058%22%5D%2C%22item_details%22%3A%7B%221504128871632941058%22%3A%7B%22item_type%22%3A0%7D%7D%7D

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Thu, 17 Mar 2022 19:18:33 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: bdb8e5677b7d341cd29c3732d02b8e141bef2c6d0abe26333c468f89d88b4ef1
x-transaction: 64d91fb277004f39
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame 4F78 43 B
124 B 116ms
116ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1647544713743%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22iTnews_au%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22iTnews_au%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22b82980d95a44a%3A1646854163148%22%2C%22item_ids%22%3A%5B%221504128871632941058%22%5D%2C%22item_details%22%3A%7B%221504128871632941058%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A977.1999988555908%7D

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Thu, 17 Mar 2022 19:18:33 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: bdb8e5677b7d341cd29c3732d02b8e141bef2c6d0abe26333c468f89d88b4ef1
x-transaction: 064c144778124232
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK embed.vendors~loaders.video.VideoPlayerDefaultUI.96cf684c2f96172ada41.js Show response
platform.twitter.com/embed/ Frame 4F78 121 KB
34 KB 13ms
13ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.VideoPlayerDefaultUI.96cf684c2f96172ada41.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D5) /
Resource Hash: 187e1208ea495cf2d00db5baba77743cc6e44b403b548f6f34098c008fdb2f78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=iTnews_au&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504128871632941058&lang=en&origin=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&sessionId=d20a6a7c5772db971c39df7ce5ffe034436285dd&siteScreenName=iTnews_au&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 19:18:33 GMT
Content-Encoding: gzip
Age: 160976
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 34723
x-tw-cdn: VZ
Last-Modified: Tue, 15 Mar 2022 22:32:57 GMT
Server: ECS (frb/67D5)
Etag: "6b453889a0b9fe6a4c169b2ab25ac815+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 FN-9JykXwAANaBD.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 4F78 26 KB
26 KB 29ms
6ms Image
image/jpeg 93.184.220.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FN-9JykXwAANaBD.jpg

Requested by

Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/phishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6739) /

Resource Hash

b2dce974d741791e58e48d59a1a8bdc9f0b30ab8d7d6136910d37680f01a11c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:33 GMT
x-content-type-options: nosniff
age: 97470
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 26510
x-response-time: 224
surrogate-key: tweet_video_thumb tweet_video_thumb/bucket/5 tweet_video_thumb/1504128776455831552
last-modified: Wed, 16 Mar 2022 16:11:40 GMT
server: ECS (frb/6739)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d640629d2ff223aa5927e14d61a63785b3db312b24a1126d45a1563f360a0e0b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FN-9JykXwAANaBD.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 4F78 26 KB
26 KB 8ms
7ms Image
image/jpeg 93.184.220.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FN-9JykXwAANaBD.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.784c14fad3ed09aa7f26.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6739) /

Resource Hash

b2dce974d741791e58e48d59a1a8bdc9f0b30ab8d7d6136910d37680f01a11c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:33 GMT
x-content-type-options: nosniff
age: 97470
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 26510
x-response-time: 224
surrogate-key: tweet_video_thumb tweet_video_thumb/bucket/5 tweet_video_thumb/1504128776455831552
last-modified: Wed, 16 Mar 2022 16:11:40 GMT
server: ECS (frb/6739)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d640629d2ff223aa5927e14d61a63785b3db312b24a1126d45a1563f360a0e0b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 200 ui-bg_flat_75_ffffff_40x100.png
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/images/ 247 B
274 B 8ms
7ms Image
image/png 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/images/ui-bg_flat_75_ffffff_40x100.png

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fc87114ecf1d8bdd5f75fd6a3cff45db5782d41249cd7af503bfd54a106a8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 14:07:11 GMT
x-content-type-options: nosniff
age: 191483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 14:07:11 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
952 B 178ms
158ms Image
image/gif 104.19.154.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2203515711&v=1.1&a=21321196&rcu=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&pu=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fphishers-devise-browser-in-the-browser-attacks-chameleon-landing-pages-577458&t=Phishers+devise+browser-in-the-browser+attacks%2C+%27chameleon%27+landing+pages+-+Security+-+iTnews&cts=1647544714056&vi=4faf8fa31b62de070419b884d3b23828&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:34 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 387f82ae-4b9c-4eac-b9e0-4776c46ee99b
cf-ray: 6ed8133f1fab5ba4-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyEo0fOW9S2Rf%2Fc7OuYcG7vZWM7vCB0jbslIGGo7UyRkT4cYrOxTi%2FGl4o3DlUwsDot6jpF2NfbkW2ZMx9B%2BorLyui6g3j9%2Fd41MKMEZPFCxHqTFBOnUcHlafFwLcDsqQUEY"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 51ms
23ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd71cedefc5324dd3f1874d594090974877ebcde03e528b1fcab1d034edbf581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 19:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10614
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 24ms
24ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 19:18:34 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8C13 13 KB
5 KB 7ms
6ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Mar 2022 19:02:16 GMT
expires: Fri, 17 Mar 2023 19:02:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 978
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9A84 783 B
536 B 16ms
16ms Document
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

GSE /

Resource Hash

353598203e7398199c7d21267deeaba4243de21dfcc3cc7b0f86d0b4a5de6f30

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-swYCI0P06q2R1JyVgkgcDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 17 Mar 2022 19:18:34 GMT
date: Thu, 17 Mar 2022 19:18:34 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-swYCI0P06q2R1JyVgkgcDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C13 35 KB
14 KB 23ms
8ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 17:06:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13798
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 17:06:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9A84 0
0 64ms
63ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=2788984471277730&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2B70 42 B
64 B 43ms
28ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxKCM4L7KRqFfIFVCC_BZsSj_6nPGNU3ROHXvSGwBUlEW87BcGv5usF7YJvmEHAhl9NaUeWxC4JjxhERoQE92z2PGyJseE49GpQpcVMxrfimlZstDI&sig=Cg0ArKJSzFqnUI4eYOarEAE&id=lidar2&mcvt=1000&p=883,1044,1483,1344&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=0.53&vu=1&app=0&itpl=3&adk=1265387520&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647544713113&rpt=201&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 19:18:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6068 42 B
64 B 42ms
28ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcrEu78ef7by1zecXhAW3B-Dj0U08RoIJBRIP-hCBzBhuxgNMC1Q6rAbdSotNgNxozSbD2vNwXS5DsD5Bd8NC4vAQtx0-2xGLDvTbET2wsOAFyrm3z&sig=Cg0ArKJSzCl2HZEcvwkwEAE&id=lidar2&mcvt=1002&p=234,315,324,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=667020349&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647544713100&rpt=190&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 19:18:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8C13 0
9 B 8ms
7ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-eCeMg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:18:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5B3E 42 B
64 B 30ms
30ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4mehHEr4HC1AnD-HjK_s0HoRK9SJJhcGduu7IGBmjNH2O2nLGFcKtZYUuQQ2_6iWm7lE2wF2ISSpAbaqPA7HHWvwwtAmL1KfUotnDpbZmuLuSjurA&sig=Cg0ArKJSzC2qIqWgeOxHEAE&id=lidar2&mcvt=1008&p=80,531,170,1259&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2669764438&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647544713108&rpt=237&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 19:18:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3154 42 B
64 B 30ms
30ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxozDUQ4F97oE8Hcq-5W1KSp5vK9fl9B7JLJ8FNjqgFrQ_tLJcN3PI4EUoXs2be0zQZCtyqISMjZp3q3keQNsg02-5wGxkc8uZV4WwfMag_F9vJDWG&sig=Cg0ArKJSzNO2rxtuvX3UEAE&id=lidar2&mcvt=1010&p=360,480,840,1120&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=727088295&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647544713134&rpt=205&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itnews.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 19:18:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 31ms
30ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=2788984471277730&bg=!LC-lL2vNAAba2mK92to7ACkAdvg8WvVaXJdiFAtnhF84F8FFRLf930TCejVC6nD_8_AbJDmz1-nB7QIAAABgUgAAAANoAQeZAuHb0RW7c0r5mo5OtlFsj94PBLItTteW4nJZxaCARpvWDg0-xQfjdlrcamtOemHVBF_YB39IoYbvVRDnQmqktJNwSit5YtO0qeq0RjOvwi_L7kmBhh43S-jpW6W3RJG7Amx6sIrxnZUF7tTvwbeNcz8w_f91MRKsH2ApwFmkebUhtlQS8zytUIPp6Rstblda2Z0toIK-M1sTadGQfS8kYsjo1eu9iBGfyWwwFD3e8SoDNR5WRjPxMTbQ65ji9lfwB-rblYstOtGysNqNwDwqg2M5gs4MLhlI7cI77eM-Dd8rQrneffYrnDn3saICHObB2ijfqiQpvRbMCEF_YUGH1VBxB2dINRwNqF27kRRKoMe-5xs9KYWQraERmggKtr6JDroyYUZcNxGiFO9gp4TDFfz9zN6T3zti0lQaPPU2V8kC_iXQqBhSkvtlHlR80Y-odhybWYS0jm-g4MiTE4j65qPLc85eZjdihLbaQCvAt998s7WEVh9OwB39ExhhE6v6X9T0hiSV7niFXdCnGxvA9bgtFnmYxIy41AKoELzhddQR0YsY7GUVCaCLUBlpvpsftTCRMGlRkMZsJVQKlXUGK6NwzGCfA58-wV162vMNse69RpYaPrWQa7LYSIFlJwt0B6gnBu7_LREeleK1qIcfIwXKrDhptLVvRaMg0-gvG8F3o2_Hf_o-jY9rmk_sQIJL2s5VAlT7FRu7QtdCsQQX4zOc5hTbPJ9OD9Iohm0lh-Gqpe1670U0a8IoL52kKllCj7NfJdcXJhjvmYjFdz7KZr62nTdUc67W_RVgma1tLHdV1ayv40DXnV0jU7_Nl1TAtNyNfZwWldMMWTIB-56w32Vk80TSc_cEo0fVplL00h7VgvpW2ZwAYT247HwSu5XE85hILpPw-A_Ha-niO3ES_6rYtD1x8HbPpv89A2hNlBpAdDUkFDTG7C_z_utW-HngBSfirjyJLlUGn-ZURNhsf5s0FQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS