thehackernews.com Open in urlscan Pro
2606:4700:20::ac43:4615 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
Submission: On October 30 via api (October 30th 2021, 7:01:31 am UTC) from US — Scanned from DE

Summary HTTP 98 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 19 domains to perform 98 HTTP transactions. The main IP is 2606:4700:20::ac43:4615, located in United States and belongs to CLOUDFLARENET, US. The main domain is thehackernews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 1st 2021. Valid for: a year.

This is the only time thehackernews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:20:... 2606:4700:20::ac43:4615	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 11	2a02:26f0:6c0... 2a02:26f0:6c00:286::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6812:1cad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2b2::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	213.254.244.22 213.254.244.22	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
3	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
4	52.222.210.175 52.222.210.175	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
2 4	34.241.163.173 34.241.163.173	16509 (AMAZON-02) (AMAZON-02)
2	3.124.136.236 3.124.136.236	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:e800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.66 13.32.121.66	16509 (AMAZON-02) (AMAZON-02)
8	63.251.109.138 63.251.109.138	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
98	28

12 2606:4700:20::ac43:4615 (United States)

ASN13335 (CLOUDFLARENET, US)

thehackernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:6c00:286::4469 (Ascension Island) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1cad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2b2::4469 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.254.244.22 (Ireland)

ASN36062 (DOUBLE-VERIFY, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20519.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.210.175 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.241.163.173 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-163-173.eu-west-1.compute.amazonaws.com

att.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.136.236 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-136-236.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:e800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.66 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-66.fra60.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 63.251.109.138 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps11008.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps11017.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	doubleverify.com 2 redirects cdn.doubleverify.com cdn3.doubleverify.com rtb0.doubleverify.com tps20519.doubleverify.com tps.doubleverify.com tps11008.doubleverify.com tps11017.doubleverify.com	231 KB
12	thehackernews.com thehackernews.com	215 KB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	63 KB
9	google.com fundingchoicesmessages.google.com	83 KB
9	doubleclick.net ad.doubleclick.net securepubads.g.doubleclick.net googleads4.g.doubleclick.net	193 KB
6	adpushup.com cdn.adpushup.com e3.adpushup.com	201 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
4	demdex.net 2 redirects att.demdex.net	3 KB
4	amazon-adsystem.com c.amazon-adsystem.com	40 KB
3	googletagservices.com www.googletagservices.com	59 KB
2	gstatic.com fonts.gstatic.com	157 KB
2	agkn.com d.agkn.com	1 KB
2	2mdn.net s0.2mdn.net	112 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	googleapis.com fonts.googleapis.com	4 KB
1	quantcount.com rules.quantcount.com	345 B
1	truste.com choices.truste.com Failed	9 KB
1	quantserve.com secure.quantserve.com	10 KB
1	jquery.com code.jquery.com	29 KB
98	19

	Domain	Requested by
12	thehackernews.com	thehackernews.com
11	cdn.doubleverify.com	2 redirects thehackernews.com cdn.doubleverify.com ad.doubleclick.net
9	fundingchoicesmessages.google.com	cdn.adpushup.com
6	pagead2.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com thehackernews.com www.googletagservices.com
6	tps20519.doubleverify.com	cdn.doubleverify.com
4	att.demdex.net	2 redirects thehackernews.com
4	googleads4.g.doubleclick.net	ad.doubleclick.net
4	c.amazon-adsystem.com	cdn.adpushup.com c.amazon-adsystem.com
3	tps11017.doubleverify.com	thehackernews.com cdn.doubleverify.com
3	tps11008.doubleverify.com	thehackernews.com cdn.doubleverify.com
3	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com
3	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net
3	e3.adpushup.com	cdn.adpushup.com thehackernews.com
3	www.googletagservices.com	cdn.doubleverify.com www.googletagservices.com ad.doubleclick.net
3	cdn.adpushup.com	thehackernews.com cdn.adpushup.com
2	fonts.gstatic.com	fonts.googleapis.com
2	mug.criteo.com	thehackernews.com
2	gum.criteo.com	1 redirects
2	tps.doubleverify.com	cdn.doubleverify.com
2	d.agkn.com	thehackernews.com
2	s0.2mdn.net	thehackernews.com
2	ad.doubleclick.net	www.googletagservices.com
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	cdn3.doubleverify.com	cdn.doubleverify.com
1	cdn.jsdelivr.net	cdn.adpushup.com
1	fonts.googleapis.com
1	rules.quantcount.com	secure.quantserve.com
1	choices.truste.com	ad.doubleclick.net
1	secure.quantserve.com	cdn.adpushup.com
1	code.jquery.com	cdn.adpushup.com
98	30

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
feeds.feedburner.com
deals.thehackernews.com
thehackernews.tradepub.com
www.instagram.com
t.me
go.thn.li
nvd.nist.gov
www.microsoft.com
developer.apple.com
support.apple.com
en.wikipedia.org
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
thehackernews.com Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-22` - `2022-06-21`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.adpushup.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-27` - `2022-08-29`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
Frame ID: 7A2D0B97F6CA617CB2A8B61760663127
Requests: 84 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: D887957D1FA31C80DC31CD1948D3F618
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 1D6FFC17D6B739155DCD18104CE3A6C4
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 9D2BE4FCF493B24437345BE3D08C50B6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 5185E90FCA91D6B6923743893CA2871E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: C8943583C1D42F55935488CA30CAF5B3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A5F669D29D679EFA6904E6B4DBE79B7C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EBF9B85E0096C33DBA0A9A6D0482F661
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: CFE316E03A6CA42C3486ED145A1AB4AE
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New 'Shrootless' Bug Could Let Attackers Install Rootkit on macOS Systems

Page Statistics

98
Requests

93 %
HTTPS

59 %
IPv6

19
Domains

30
Subdomains

28
IPs

6
Countries

1418 kB
Transfer

3946 kB
Size

10
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/thehackernews
Title: 

Search URL Search Domain Scan URL

URL: https://twitter.com/thehackersnews
Title: 

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/thehackernews/
Title: 

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/thehackernews?sub_confirmation=1
Title: 

Search URL Search Domain Scan URL

URL: https://feeds.feedburner.com/TheHackersNews
Title: 

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/
Title:  Offers

Search URL Search Domain Scan URL

URL: https://thehackernews.tradepub.com/
Title: Free eBooks

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/free
Title: Freebies

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thehackernews/
Title: 

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/AAAAADwuDObFWF60CiR-HQ
Title:  Telegram Channel

Search URL Search Domain Scan URL

URL: https://go.thn.li/crowdsec-h-d

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2021-30892
Title: CVE-2021-30892

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2021/10/28/microsoft-finds-new-macos-vulnerability-shrootless-that-could-bypass-system-integrity-protection/
Title: said

Search URL Search Domain Scan URL

URL: https://go.thn.li/backhub-d2

Search URL Search Domain Scan URL

URL: https://developer.apple.com/documentation/security/disabling_and_enabling_system_integrity_protection
Title: SIP

Search URL Search Domain Scan URL

URL: https://support.apple.com/en-us/HT204899
Title: security feature

Search URL Search Domain Scan URL

URL: https://support.apple.com/en-us/HT204012
Title: root user

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Z_shell
Title: zsh

Search URL Search Domain Scan URL

URL: https://support.apple.com/en-us/HT212872
Title: remediated

Search URL Search Domain Scan URL

URL: https://support.apple.com/en-us/HT212869
Title: problem

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsstLtajcIqsIi-QzhtfT8tJtYWZMm1lTk_QnNiaCqmH0klqGWvCyTCpL5pBCZudAFueeh2QzwTFc4eRYIQLBuBS4J9BM5SH9r-N41E1ALHOx52QiBQSBthYm-r_K9kyv2bNEK2M&sig=Cg0ArKJSzD75VsKxmqbK&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://d.agkn.com/pixel/2389/%3Fche%3D2501985069%26col%3D24935727,5936378,292494536,486197547,144230506%26l0%3Dhttp://att.demdex.net/event%3Fd_event%3Dclick%26d_src%3D127123%26d_adsrc%3D6141273%26d_campaign%3D24935727%26d_placement%3D292494536%26d_site%3D5936378%26d_creative%3D144230506%26d_adgroup%3D486197547%26d_rd%3Dhttps://cybersecurity.att.com/resource-center/ebook/how-to-build-a-security-operations-center%253Futm_medium%253DAdvertising%2526utm_source%253Dthn%2526utm_campaign%253DSOC-eBook%2526source%253DEBBrHNAVT00AvtDyO%2526type%253Ddisplay%2526LNS%253DTP_OT_MLT_DSP_0720%2526gcm_uid%253D0%2526dclid%253D%2525edclid!

Search URL Search Domain Scan URL

URL: https://go.thn.li/scw-owasp

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvuAPdaQZzIdQTpFoggabCHtR4fwhaVPK08VN3Vmi7g-EG0SfBuHF_aJHi2IONtqbh0tsC55A2XJT3KqX_3ozg7RQHHHSPypISZkTUdvzrD83J7LnXvODenUqyh4XQh9oPMJr-WFJnysFLfz59rucasSyDiFvGebXQ0lpnT_nKlqRFpGSgDTe5CTv2y7ty-rmRXtuTFrUYbdSoS3HQ&sig=Cg0ArKJSzJLUfLHLI_XN&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://d.agkn.com/pixel/2389/%3Fche%3D1031721132%26col%3D24935727,5936378,292495514,485910716,144332127%26l0%3Dhttp://att.demdex.net/event%3Fd_event%3Dclick%26d_src%3D127123%26d_adsrc%3D6141273%26d_campaign%3D24935727%26d_placement%3D292495514%26d_site%3D5936378%26d_creative%3D144332127%26d_adgroup%3D485910716%26d_rd%3Dhttps://cybersecurity.att.com/resource-center/white-papers/cybersecurity-insights-report-tenth-edition%253Futm_medium%253DAdvertising%2526utm_source%253Dthn%2526utm_campaign%253DSOC-eBook%2526source%253DEBBrHNAVT00AvtDyO%2526type%253Ddisplay%2526LNS%253DTP_OT_MLT_DSP_0720%2526gcm_uid%253D0%2526dclid%253D%2525edclid!

Search URL Search Domain Scan URL

URL: https://go.thn.li/native-1
Title: Reduce Recurring VulnerabilitiesWatch the video to find out how Alice the AppSec Manager turned her consistent bad days around with help from Secure Code Warrior.

Search URL Search Domain Scan URL

URL: https://go.thn.li/owasp-native
Title: Webinar: The OWASP Top 10... and beyondJoin industry experts to discuss how organizations should use the OWASP Top 10 to guide their software security programs. Sign up now.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/the-2019-ethical-hacker-masterclass-bundle
Title: <img alt='Learn Ethical Hacking Online' class='deal-link' src='https://thehackernews.com/images/-6bFLF28Wvxc/XHaUg588fBI/AAAAAAAAAGU/USPKfrcXaLgzaOBfKGb92v-0T12CIaK9wCLcBGAs/s260-e100/learn-hacking-training.jpg'/> Ethical Hacking - Practical Training 10 courses + 1,236 lessons on latest techniques, forensics, malware analysis, network security and programming.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/lifetime-access-to-stackskills-unlimited
Title: <img alt='Unlimited Secure VPN Service' class='deal-link' src='https://thehackernews.com/images/-NnUk1eJVmVk/XHggwOYT51I/AAAAAAAAzbg/_5sUNHfsdiYDo-si4rya7tVT4pSZI0qSACLcBGAs/s260-e100/unlimited-vpn.jpg'/> 1000+ Premium Online Courses With course certification, Q/A webinars and lifetime access.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/the-cybersecurity-expert-certification-training-bundle
Title: <img alt='Best Hacking Books' class='deal-link' src='https://thehackernews.com/images/-4fAuruXOrkE/XDW4dE5zVMI/AAAAAAAAy9A/K13EeHK67NM69FUaCYDYtunHofUHjtt4wCLcBGAs/s260-e100/hacking-cybersecurity-books.jpg'/> Cybersecurity Certification Training CISA, CISM, CISSP, PMI-RMP, and COBIT 5 certifications.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/the-complete-2020-comptia-certification-training-bundle
Title: <img alt='Cisco Certification Courses' class='deal-link' src='https://thehackernews.com/images/-2nVCe__qYkc/WxVG9s8C7CI/AAAAAAAAw6Q/fFsdOSE-DEYDqqf3z9KWus0oBWdbzAkAgCLcBGAs/s260-e100/cisco-it-networking-certification.png'/> CompTIA IT Certification Training Lifetime access to 14 expert-led courses.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/citizengoods-exclusives
Title: Exclusives

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/hacking
Title: Hacking

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/shop-by-specialization-developer
Title: Development

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/shop-by-interest-android
Title: Android

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://att.demdex.net/event?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144230506&d_placement=292494536&d_campaign=24935727&d_site=5936378 HTTP 302
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144230506&d_placement=292494536&d_campaign=24935727&d_site=5936378

Request Chain 60

https://att.demdex.net/event?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332127&d_placement=292495514&d_campaign=24935727&d_site=5936378 HTTP 302
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332127&d_placement=292495514&d_campaign=24935727&d_site=5936378

Request Chain 82

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthehackernews.com%2F&domain=thehackernews.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=cbkLLHxBUFBQYnBEK0o4NzRGVmVFQmlkQUZKZVZoc0JMTThaQXFBbE5qQzVYeldPS0pTampIZW9ndFlCaUNhRDNkWFFmUHZzK0x6MUszTzIzZEV0STN6MFM4eVRBWjV1ZnVmZlpTMFBtdERaSk8vc242WmxvRUNJOEZoZUVhaGJ3czg4dm5hb0xBNG95Mk5aS2t2US9zc2NPK2lVdDNlQlFPZnBKUXhpY3FUUW1DOCt0Z0tNWHB1R29LL3hIOHNCOEJmakFyZmhTY2tSc0lkWmpEZnpHTGkxaTVLVkhINWxUQ0dIWU1NVXc5OTZyNW9JPXw&cppv=2

Request Chain 95

https://cdn.doubleverify.com/redirect/?host=tps11008&param=akipv6&impid=ab4744678f644abfb91cf6fd6dbc6a8a&cbust=1635577286834280 HTTP 302
https://tps11008.doubleverify.com/event.png?impid=ab4744678f644abfb91cf6fd6dbc6a8a&akipv6=2a0f:9441:5:0:e5::1

Request Chain 96

https://cdn.doubleverify.com/redirect/?host=tps11017&param=akipv6&impid=0f7fd6b6af81472abae8e619fa7e0932&cbust=1635577286944761 HTTP 302
https://tps11017.doubleverify.com/event.png?impid=0f7fd6b6af81472abae8e619fa7e0932&akipv6=2a0f:9441:5:0:e5::1

98 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request new-shrootless-bug-could-let-attackers.html Show response
thehackernews.com/2021/10/ 140 KB
62 KB 105ms
56ms Document
text/html 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordPress VIP

Resource Hash

135e50ad100bb2f23cce5873215f29efed5b28a17c8b75cf3fe4f49e4a800142

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 30 Oct 2021 07:01:25 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6a62c5b2cff5d6ed-FRA
age: 290
cache-control: public, s-maxage=604800, max-age=0
expires: Sat, 30 Oct 2021 06:56:35 GMT
last-modified: Fri, 29 Oct 2021 21:17:44 GMT
link: </css/roboto.css>; as=style; rel=preload
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-forwarded-for: 2a0f:9441:5:0:e5::1
x-frame-options: DENY
x-powered-by: WordPress VIP
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsHddo%2BnGBHnCZM6LNg13PPyHWJ3jVSXBPwtCALVL33VjAghoE7ODsOPHREuTcOsZtk5p08x0dmwhw7qRjpB1mNWMk4x9YAAUQkL1WWNbrPw1Fax%2BTgLNQNNls8pr9MkyGxxjHhjvFmGga3wkxXv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-h2-pushed: </css/roboto.css>

GET
H2 200 roboto.css
thehackernews.com/css/ 77 KB
57 KB 24ms
0ms Stylesheet
text/css 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehackernews.com/css/roboto.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06nnwFh243A8Kc0jGoG4x%2F7pydXe5BmRkeG%2F5eIA4Y8nk%2FzWej6GLzSf1WtlKbfhnWIjr1%2FwcdYoDrZe20ngqbO1QMgHKJQCOBjowiaTAdqlzoCYx45wUNRqYUVOTyJ6khxA3e0ZrgQVpe2HbnWr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, immutable, s-maxage=8640000
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6a62c5b31854d6ed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 AVvXsEikr3x9mIRK2pyOiMjMJ08hRpgnJBkguZSq_WKKVyfjh7yjUJNVzT8Ib5vEFL82YFxXcm6gAK_N0dtpJQNCzd5GCd8N7-2onF5JfLRYKyufUI-Ie9OAvcYJiEuingbsr3QezPmHFHaS5E_aCjIDK7xOOAmziMenTstIuYQEq7nxbW78u_kS_ioLQp0y
thehackernews.com/new-images/img/a/ 44 KB
44 KB 44ms
44ms Image
image/webp 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/new-images/img/a/AVvXsEikr3x9mIRK2pyOiMjMJ08hRpgnJBkguZSq_WKKVyfjh7yjUJNVzT8Ib5vEFL82YFxXcm6gAK_N0dtpJQNCzd5GCd8N7-2onF5JfLRYKyufUI-Ie9OAvcYJiEuingbsr3QezPmHFHaS5E_aCjIDK7xOOAmziMenTstIuYQEq7nxbW78u_kS_ioLQp0y

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37ea4e3cdb73ba9b661c66581848e741d0d18e03ef8fdd819c5334cec1f45e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61434
cf-polished: qual=85, origFmt=jpeg, origSize=62557
x-forwarded-for: 45.139.215.140
content-disposition: inline;filename="macOS-SIP-bypass.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44826
x-xss-protection: 0
expires: Sat, 30 Oct 2021 13:57:31 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "v10cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maraKt3DfXJnk0di%2FMGWLCgeZMOTEwvwgmSlmdJ9JGUU0mDBmaQvOaf1p0yxGc38k%2F7G5A0J9dJYFvF4MSbo9V%2F6wV8W9d9A4qx1WnpFcy6hW2p8ZXSCoT2yZzL9xaBSn3wUwlIbu2IK0pNHIVmr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges: bytes
cf-ray: 6a62c5b35888d6ed-FRA
access-control-expose-headers: Content-Length

GET
H2 200 AVvXsEgq89jDP6X3f5NMRCWGZzjVLahEnXZs7t2sfqJp17ggUD2W70Gz9ulzTUK2COuT5fshRoB5Mh9C9nOypJkfbMwjS92zoapOEWJC_iZp7YQd-NDVJmcYaGmVXtLekbAo5PtFI_1Z-r1caGsWQ2KskrrMBcHHMbDoJruSzC97AY7jvh_iiPfqmXJ_1HJj
thehackernews.com/new-images/img/a/ 30 KB
31 KB 27ms
26ms Image
image/webp 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/new-images/img/a/AVvXsEgq89jDP6X3f5NMRCWGZzjVLahEnXZs7t2sfqJp17ggUD2W70Gz9ulzTUK2COuT5fshRoB5Mh9C9nOypJkfbMwjS92zoapOEWJC_iZp7YQd-NDVJmcYaGmVXtLekbAo5PtFI_1Z-r1caGsWQ2KskrrMBcHHMbDoJruSzC97AY7jvh_iiPfqmXJ_1HJj

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

779a3b67fb00740599779f11fb2d0f3568f73b481a039bc67014b88f3b4ad80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53800
cf-polished: qual=85, origFmt=jpeg, origSize=45346
x-forwarded-for: 88.156.113.63
content-disposition: inline;filename="root.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30734
x-xss-protection: 0
expires: Sat, 30 Oct 2021 13:59:49 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "v10d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRpWPyA1Ydoi5O0%2BfG67qkneX0CUrDOOLeb6A5VuoFj24jcuUVBAohwt8krCWISLN4vDaVyX3SP16rcGaui7Pmew5ybim0tssCGIigS54E%2BsLo7CrEpzeDpOvuCFDkgA6n%2FT%2BhbWhWY95synaawP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges: bytes
cf-ray: 6a62c5b3689bd6ed-FRA
access-control-expose-headers: Content-Length

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ 2 KB
2 KB 59ms
7ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292494536%26sid%3D5936378%26dvregion%3D2%26unit%3D300x250
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 07:01:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:26 GMT
Server: Microsoft-IIS/10.0
ETag: "60d09d781a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ 2 KB
2 KB 58ms
8ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292495514%26sid%3D5936378%26dvregion%3D2%26unit%3D728x90
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 07:01:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:26 GMT
Server: Microsoft-IIS/10.0
ETag: "60d09d781a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H2 200 rocket-loader.min.js Show response
thehackernews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
10ms Script
application/javascript 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehackernews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
last-modified: Tue, 19 Oct 2021 12:26:29 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"616eb975-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nqc7ixgVZrB7%2FLoa6xbObotT0FSQzlJ70GwXXso94GTv%2Bz4eQIOE%2BR%2BzWD1UFAFtluqXLLSbZbMhv2USfXqKu9B9tsWE0N%2FqPQaeYjLps2JpBD87tqh4NdZGE%2FpPAya2P2931Mh0u9iSJ9t%2B7J3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6a62c5b368a0d6ed-FRA
expires: Mon, 01 Nov 2021 07:01:25 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/37020/ 386 KB
105 KB 64ms
25ms Script
application/javascript 2606:4700::6812:1cad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/37020/adpushup.js
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 862ea3498f79ac3ed29974e7fc1499eede75cf3f2b073fb114c1346dea9c25aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Oct 2021 11:34:54 GMT
server: cloudflare
age: 69959
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-cf-geodata: DE
cf-ray: 6a62c5b398c76946-FRA
expires: Sat, 30 Oct 2021 11:01:25 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 21 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ed58d405cc30d0472d4deed639ea4696b1c7e5614cc8f91b474142d36b1e697

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 103 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 688a1e2444a1171a4cfbc8674c62d53bc663bf35a7825eb3563851e79694411c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a

Request headers

Referer
Origin: https://thehackernews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 442 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvbs_src_internal99.js Show response
cdn.doubleverify.com/ 61 KB
19 KB 11ms
11ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292494536%26sid%3D5936378%26dvregion%3D2%26unit%3D300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 30 Oct 2021 07:01:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:43 GMT
Server: Microsoft-IIS/10.0
ETag: "802192821a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19248

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame D887 1 KB
1 KB 32ms
7ms Document
text/html 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=49353
Date: Sat, 30 Oct 2021 07:01:25 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ 1 KB
866 B 83ms
10ms Script
text/javascript 213.254.244.22
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_72684273786&jsTagObjCallback=__tagObject_callback_72684273786&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=72684273786&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=95&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=1&brh=2&fwc=0&flt=12&fec=401&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau%60_Tau%3F6H%5CD9C%40%40E%3D6DD%5C3F8%5C4%40F%3D5%5C%3D6E%5C2EE24%3C6CD%5D9E%3E%3D&dvp_exetime=14.30&callbackName=__verify_callback_72684273786
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.22 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: f5a7ac8c63f5a01e6ddb5c447114e396110f6e292bdb4e553c554bca240da112

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
X-DV-Response: 0
Content-Encoding: gzip
Date: Sat, 30 Oct 2021 07:01:25 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 10/29/2021 7:01:25 AM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 1D6F 4 KB
2 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 07:01:25 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=64002
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 68ms
21ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:25 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2016 17:52:17 GMT
server: nginx
etag: W/"56eaeed1-14e98"
vary: Accept-Encoding
x-hw: 1635577285.dop004.ml1.t,1635577285.cds217.ml1.hn,1635577285.cds027.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29880

POST
H/1.1 200
OK bsevent.gif
tps20519.doubleverify.com/ 807 B
1 KB 48ms
7ms Ping
image/gif 213.254.244.22
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20519.doubleverify.com/bsevent.gif?impid=46ad5053b46b41daabfd4bbfb7f620af&dvp_or2=1&cbust=1635577285837699
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.22 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 07:01:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/29/2021 7:01:25 AM

POST
H/1.1 200
OK bsevent.gif
tps20519.doubleverify.com/ 807 B
1 KB 48ms
9ms Ping
image/gif 213.254.244.22
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20519.doubleverify.com/bsevent.gif?impid=46ad5053b46b41daabfd4bbfb7f620af&vfdur=83&cbust=1635577285839963
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.22 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 07:01:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/29/2021 7:01:25 AM

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ 9 KB
5 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 30 Oct 2021 06:28:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4451
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 15:55:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 30 Oct 2021 07:28:37 GMT

GET
H2 200 pb.37020.1631637442652.js Show response
cdn.adpushup.com/prebid/ 314 KB
95 KB 28ms
27ms Script
application/javascript 2606:4700::6812:1cad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.37020.1631637442652.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6285dce6b9fb557bd0c15683c62f9be0f2e0b760086854b59c952791ba9e8ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Sep 2021 16:38:00 GMT
server: cloudflare
age: 424138
etag: W/"6140cfe8-4e812"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a62c5b4badf6946-FRA
expires: Sun, 30 Oct 2022 07:01:25 GMT

GET
BLOB 200
OK 86be2dd5-6a2a-4c2d-bed2-e09a540c525b
https://thehackernews.com/ 4 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://thehackernews.com/86be2dd5-6a2a-4c2d-bed2-e09a540c525b
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 3743

GET
H2 200 impl_v81.js Show response
www.googletagservices.com/dcm/ 41 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 28 Oct 2021 02:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 02:10:40 GMT

GET
H2 200 B24935727.292494536;dc_ver=81.235;sz=300x250;u_sd=1;nel=1;u=__AP1_np_dv_47etya98yglPA__;dc_adk=473486474;ord=9c2w61;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%2... Show response
ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/ 45 KB
23 KB 79ms
38ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=81.235;sz=300x250;u_sd=1;nel=1;u=__AP1_np_dv_47etya98yglPA__;dc_adk=473486474;ord=9c2w61;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F10%2Fnew-shrootless-bug-could-let-attackers.html$0;xdt=0;crlt=0Fuf-P!yX5;sttr=17;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

ca7443826efd71836bd0a97c5598927479fb8f00ffae72cfdbf3036598e52f66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 07:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22434
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
347 B 13ms
13ms Script
application/javascript 2606:4700::6812:1cad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: cloudflare
age: 156858
etag: W/"60d94cdb-1c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 6a62c5b51ba56946-FRA
expires: Sat, 30 Oct 2021 11:01:25 GMT

POST
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
320 B 58ms
19ms Ping
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 07:01:25 GMT
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 41ms
17ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

068a10c134968f5b4e31e5bbbe09435b445e451903424098699c484b7d1b25ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1028 / 454 of 1000 / last-modified: 1635545117"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27295
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Oct 2021 07:01:25 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 40ms
10ms Script
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: nY_PcrO6M1v8rxrnAfvFh4iOgrD_tFp3
content-encoding: gzip
etag: 3900a2c2d757386fb762bfd86288f882
age: 362
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1KSVGB1YCZ8VVZGWVVSJ
date: Sat, 30 Oct 2021 06:55:23 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: zgqdWgJ94lFhpTvClxZJeJYSxQQX3akyXmd-2eUMvG44xSm3EfTlzw==

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 77 KB
28 KB 78ms
39ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a385664fb9f4c540c34bc30f4efc84304b209ed79a312ca23e5986f6a1a45bd6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-awzogeaj+yh4jyNNp52KMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-awzogeaj+yh4jyNNp52KMQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 07:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-awzogeaj+yh4jyNNp52KMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-awzogeaj+yh4jyNNp52KMQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 35ms
14ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 72d43d4ff0adb982ce42d41ef08e5f88c1854e4c8ea6455771ace93761a067c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:25 GMT
content-encoding: gzip
etag: "f5gpBRZmwYYTVm3LkZ0l2w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sat, 06 Nov 2021 07:01:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 120 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=81.235;sz=300x250;u_sd=1;nel=1;u=__AP1_np_dv_47etya98yglPA__;dc_adk=473486474;ord=9c2w61;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F10%2Fnew-shrootless-bug-could-let-attackers.html$0;xdt=0;crlt=0Fuf-P!yX5;sttr=17;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Oct 2021 07:01:25 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/ 8 KB
4 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 06:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 06:59:26 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
524 B 100ms
59ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstLtajcIqsIi-QzhtfT8tJtYWZMm1lTk_QnNiaCqmH0klqGWvCyTCpL5pBCZudAFueeh2QzwTFc4eRYIQLBuBS4J9BM5SH9r-N41E1ALHOx52QiBQSBthYm-r_K9kyv2bNEK2M&sig=Cg0ArKJSzIiWYPF8jbMsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20211027.63534&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 07:01:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET ca
choices.truste.com/ 0
0

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ 8 KB
4 KB 10ms
9ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=607671&cmp=24935727&sid=5936378&plc=292494536&advid=6141273&adsrv=1&btreg=486197547&btadsrv=doubleclick&crt=144230506&tagtype=display&dvtagver=6.1.src&auevent=__AP1_np_dv_47etya98yglPA__
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=81.235;sz=300x250;u_sd=1;nel=1;u=__AP1_np_dv_47etya98yglPA__;dc_adk=473486474;ord=9c2w61;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F10%2Fnew-shrootless-bug-could-let-attackers.html$0;xdt=0;crlt=0Fuf-P!yX5;sttr=17;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 07:01:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Oct 2021 15:58:26 GMT
Server: Microsoft-IIS/10.0
ETag: "0fda9262c5d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3288

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ 41 KB
15 KB 48ms
9ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 14:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 26 Oct 2022 14:15:44 GMT

GET
H2 200 I_ABU_AVT_3_STB_DTP_300x250_S_N_EN_NA_ABS_AVT_ForresterWave_NA_NA_01-01_MF.jpg
s0.2mdn.net/6141273/ 79 KB
80 KB 93ms
26ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6141273/I_ABU_AVT_3_STB_DTP_300x250_S_N_EN_NA_ABS_AVT_ForresterWave_NA_NA_01-01_MF.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2caac00e5fb95483fc57c9683c105bcdc05bdfe49d73e00bac03fa9500b53d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 16:46:58 GMT
x-content-type-options: nosniff
age: 51268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80886
x-xss-protection: 0
last-modified: Wed, 06 Jan 2021 18:29:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Oct 2021 16:46:58 GMT

GET
H/1.1

200
OK

firstevent
att.demdex.net/
Redirect Chain

https://att.demdex.net/event?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144230506&d_placement=292494536&d_campaign=24935727&d_site=5936378
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144230506&d_placement=292494536&d_campaign=24935727&d_site=5936378

42 B
945 B

37ms
37ms

Image
image/gif

34.241.163.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144230506&d_placement=292494536&d_campaign=24935727&d_site=5936378

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

HTTP/1.1

Server

34.241.163.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-163-173.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-06bdc6eea.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: jFl+8mgHRg0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v019-03e0f6c8e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 8Hb0PfS6Src=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144230506&d_placement=292494536&d_campaign=24935727&d_site=5936378
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK /
d.agkn.com/pixel/2387/ 43 B
662 B 85ms
28ms Image
image/gif 3.124.136.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/2387/?ct=DE&st=&city=5672&dma=0&zp=&bw=4&che=2501985069&col=24935727,5936378,292494536,486197547,144230506
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.136.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-136-236.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 07:01:25 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame 9D2B 1 KB
1 KB 10ms
10ms Document
text/html 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=49353
Date: Sat, 30 Oct 2021 07:01:25 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ 1 KB
868 B 12ms
12ms Script
text/javascript 213.254.244.22
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_974166373062&jsTagObjCallback=__tagObject_callback_974166373062&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=974166373062&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=95&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=4&brh=2&fwc=0&flt=12&fec=494&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau%60_Tau%3F6H%5CD9C%40%40E%3D6DD%5C3F8%5C4%40F%3D5%5C%3D6E%5C2EE24%3C6CD%5D9E%3E%3D&dvp_exetime=14.30&callbackName=__verify_callback_974166373062
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.22 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 865537f3b7a434f16cfad91bd75b8a288327d88101285c0db8d18cdf9411afb4

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
X-DV-Response: 0
Content-Encoding: gzip
Date: Sat, 30 Oct 2021 07:01:25 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 10/29/2021 7:01:25 AM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 5185 4 KB
2 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 07:01:26 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=64001
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 10ms
10ms XHR
text/plain 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthehackernews.com%2F2021%2F10%2Fnew-shrootless-bug-could-let-attackers.html&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 06:38:00 GMT
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
server: Server
age: 1406
x-cache: Hit from cloudfront
access-control-allow-origin: https://thehackernews.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: TlZePPLA77G1CU8a9lHP8UYSWzLIOQDnPc2ICRh6tos2su9m6mH5Mw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 50ms
26ms XHR
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 10560
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 01:02:33 GMT
server: AmazonS3
date: Sat, 30 Oct 2021 04:24:44 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: UIXWDJ_BzJT8DKXDNcUhEhz3QPQ9NVq0DI_Dk3o-f12LKuqA6WOqQA==

POST
H/1.1 200
OK bsevent.gif
tps20519.doubleverify.com/ 807 B
1 KB 8ms
8ms Ping
image/gif 213.254.244.22
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20519.doubleverify.com/bsevent.gif?impid=890354cfad1043188c39a11620c31afa&vfdur=83&cbust=1635577286033989
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.22 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 07:01:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/29/2021 7:01:26 AM

GET
H2 200 B24935727.292495514;dc_ver=81.235;sz=728x90;u_sd=1;nel=1;u=__AP1_np_dv_47etya98yglPA__;dc_adk=2498785000;ord=0d8h02;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%2... Show response
ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/ 46 KB
23 KB 54ms
53ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292495514;dc_ver=81.235;sz=728x90;u_sd=1;nel=1;u=__AP1_np_dv_47etya98yglPA__;dc_adk=2498785000;ord=0d8h02;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F10%2Fnew-shrootless-bug-could-let-attackers.html$0;xdt=0;crlt=0Fuf-P!yX5;sttr=1;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

e216b65a6879e2f4c866c52cea7e911071ec4d55101456b89c3f0c2c5ee2bb35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 07:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22883
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021102501.js Show response
securepubads.g.doubleclick.net/gpt/ 356 KB
120 KB 30ms
30ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122594
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 08:35:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Oct 2021 07:01:26 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 143 B
131 B 54ms
26ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=thehackernews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

3e2662d2cc5114073ccdc2611e908b3b51990027b5cbb651c69954274e2123db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 07:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Sat, 30 Oct 2021 07:01:26 GMT

GET
H/1.1 200
OK dv-measurements1800.js Show response
cdn.doubleverify.com/ Frame C894 495 KB
90 KB 28ms
28ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1800.js
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 07:01:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 09:46:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fef5397bad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91601

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 2 B
345 B 56ms
10ms Script
application/javascript 2600:9000:223c:e800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 06:05:15 GMT
via: 1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
server: AmazonS3
age: 3371
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P2
content-length: 2
x-amz-cf-id: i39zqYHipdPk9mTBwtR0f2Yh7xE-pxze4a9LTqZSaX0gm05tIDO3wQ==

POST
H/1.1 200
OK bsevent.gif
tps20519.doubleverify.com/ 807 B
1 KB 10ms
10ms Ping
image/gif 213.254.244.22
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20519.doubleverify.com/bsevent.gif?impid=890354cfad1043188c39a11620c31afa&pltfrm=Linux%20x86_64&dvp_or1=1&cbust=1635577286137744
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.22 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 07:01:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/29/2021 7:01:26 AM

POST
H/1.1 200
OK bsevent.gif
tps20519.doubleverify.com/ 807 B
1 KB 9ms
9ms Ping
image/gif 213.254.244.22
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20519.doubleverify.com/bsevent.gif?impid=890354cfad1043188c39a11620c31afa&dvp_or2=1&cbust=1635577286137810
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.22 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 07:01:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/29/2021 7:01:26 AM

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A5F6 22 KB
8 KB 14ms
13ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 26 Oct 2021 14:15:44 GMT
expires: Wed, 26 Oct 2022 14:15:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 319542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ 0
23 B 70ms
48ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 07:01:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ 0
23 B 67ms
48ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstCWR4ypvJTOuXQlaksxJGP2KL77Xc2-O7dVZk3ylbJB3D2da7_O3GpyevIm-qdwzgMzB0i-hqhh0lnh0Atb-75bzeXVpBR2MzYcNIjEt7w7Xx2yQI_O89AynJ8o2Rbl7Lw_FMnfcqzWLax0XhwUT4tMxddpdrzPJAgnpCI3Cqlqhx1uMmj&sig=Cg0ArKJSzElN3udrkP-LEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211027.82544&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292495514;dc_ver=81.235;sz=728x90;u_sd=1;nel=1;u=__AP1_np_dv_47etya98yglPA__;dc_adk=2498785000;ord=0d8h02;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F10%2Fnew-shrootless-bug-could-let-attackers.html$0;xdt=0;crlt=0Fuf-P!yX5;sttr=1;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 07:01:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ca Show response
choices.truste.com/ 28 KB
9 KB 193ms
192ms Script
text/javascript 13.32.121.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=att01&aid=att_hs&cid=24935727_144332127_292495514&js=st0
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292495514;dc_ver=81.235;sz=728x90;u_sd=1;nel=1;u=__AP1_np_dv_47etya98yglPA__;dc_adk=2498785000;ord=0d8h02;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F10%2Fnew-shrootless-bug-could-let-attackers.html$0;xdt=0;crlt=0Fuf-P!yX5;sttr=1;prcl=s
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-66.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 66ddc83b882e93d386ef9de2bf36a596126e78038a65e4334b649831efd77566

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 07:01:26 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA60-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id: ObxBTV1-KCkPc3guaMLPAlKgXmp8Z6kt8672L00tv4xjaIn5AbaZ4Q==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ 8 KB
4 KB 16ms
15ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=607671&cmp=24935727&sid=5936378&plc=292495514&advid=6141273&adsrv=1&btreg=485910716&btadsrv=doubleclick&crt=144332127&tagtype=display&dvtagver=6.1.src&auevent=__AP1_np_dv_47etya98yglPA__
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292495514;dc_ver=81.235;sz=728x90;u_sd=1;nel=1;u=__AP1_np_dv_47etya98yglPA__;dc_adk=2498785000;ord=0d8h02;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F10%2Fnew-shrootless-bug-could-let-attackers.html$0;xdt=0;crlt=0Fuf-P!yX5;sttr=1;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 07:01:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Oct 2021 15:58:26 GMT
Server: Microsoft-IIS/10.0
ETag: "0fda9262c5d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3288

GET
H2 200 I_ABU_AVT_3_STB_DTP_728x90_S_N_EN_NA_ABS_AVT_TenthEdition_NA_NA_01-08_01_MF.png
s0.2mdn.net/6141273/ 32 KB
33 KB 311ms
10ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6141273/I_ABU_AVT_3_STB_DTP_728x90_S_N_EN_NA_ABS_AVT_TenthEdition_NA_NA_01-08_01_MF.png

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74703b7991fb1785f4a70639c48f071bc9881ef0a0c5671f46d0e985efb55373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 20:31:01 GMT
x-content-type-options: nosniff
age: 37825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33212
x-xss-protection: 0
last-modified: Fri, 08 Jan 2021 23:43:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Oct 2021 20:31:01 GMT

GET
H/1.1 200
OK /
d.agkn.com/pixel/2387/ 43 B
662 B 16ms
16ms Image
image/gif 3.124.136.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/2387/?ct=DE&st=&city=5672&dma=0&zp=&bw=4&che=1031721132&col=24935727,5936378,292495514,485910716,144332127
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.136.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-136-236.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 07:01:25 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

firstevent
att.demdex.net/
Redirect Chain

https://att.demdex.net/event?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332127&d_placement=292495514&d_campaign=24935727&d_site=5936378
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332127&d_placement=292495514&d_campaign=24935727&d_site=5936378

42 B
945 B

39ms
39ms

Image
image/gif

34.241.163.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332127&d_placement=292495514&d_campaign=24935727&d_site=5936378

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

HTTP/1.1

Server

34.241.163.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-163-173.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-02e73bb60.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: KM6cpZJKTSU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v019-0f4b0dfcb.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: REjxYQuVSfA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332127&d_placement=292495514&d_campaign=24935727&d_site=5936378
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 204 AGSKWxWeLyl9mTD7NcJjwOxx0E7zucbyBqAiKBSrfQ-GLILpUFFhIUUuBh6bShizf4-Wbr1a0ub0obP_zAUti31QKDo= Show response
fundingchoicesmessages.google.com/el/ 0
1 KB 64ms
24ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWeLyl9mTD7NcJjwOxx0E7zucbyBqAiKBSrfQ-GLILpUFFhIUUuBh6bShizf4-Wbr1a0ub0obP_zAUti31QKDo=?pvid=73BE78D1-48C2-4C6D-8DBC-CEE0E8F8E75B&anonid=00FA235E-2EEF-42ED-9BC9-5E41C7B87ED1

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.WzwhLVl0EYc.es5.O/d=1/rs=AJlcJMwcTQRLT_WS1-E0Vnfa37vb6ryKaQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KQ5g58QrcpKkoESrJNSBMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-KQ5g58QrcpKkoESrJNSBMQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 07:01:26 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KQ5g58QrcpKkoESrJNSBMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-KQ5g58QrcpKkoESrJNSBMQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxWeLyl9mTD7NcJjwOxx0E7zucbyBqAiKBSrfQ-GLILpUFFhIUUuBh6bShizf4-Wbr1a0ub0obP_zAUti31QKDo= Show response
fundingchoicesmessages.google.com/el/ 0
373 B 64ms
26ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z9Ck2wP7wryoe5aFx/OrEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-z9Ck2wP7wryoe5aFx/OrEA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 07:01:26 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-z9Ck2wP7wryoe5aFx/OrEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-z9Ck2wP7wryoe5aFx/OrEA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
131 B 15ms
14ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MzU1NzcyODYxNjQsInBhY2tldElkIjoiMDAwMDkwOUMtZjI0Y2Y4NWUtNDM2NS00ZDE1LWE5OGUtYWU3ZDNmODVlYzNlIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIxLzEwL25ldy1zaHJvb3RsZXNzLWJ1Zy1jb3VsZC1sZXQtYXR0YWNrZXJzLmh0bWwiLCJtb2RlIjoyLCJlcnJvckNvZGUiOjcsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiUE9TVCIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 07:01:25 GMT
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

POST
H2 204 AGSKWxU9sLDxOF_GOFkR-rbg6Z3FN8VZYe7YzdBrtyeK3NdqwAo9n85PeKsw5JJEJHcib4zXEusKlQU7SeOksnOcsvI= Show response
fundingchoicesmessages.google.com/el/ 0
365 B 51ms
30ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU9sLDxOF_GOFkR-rbg6Z3FN8VZYe7YzdBrtyeK3NdqwAo9n85PeKsw5JJEJHcib4zXEusKlQU7SeOksnOcsvI=?pvid=73BE78D1-48C2-4C6D-8DBC-CEE0E8F8E75B&anonid=00FA235E-2EEF-42ED-9BC9-5E41C7B87ED1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WDTptn7PlkOiMPMBRvB0lQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-WDTptn7PlkOiMPMBRvB0lQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 07:01:26 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WDTptn7PlkOiMPMBRvB0lQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-WDTptn7PlkOiMPMBRvB0lQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxWze8EzT4JjFk8Rs5ZZab-JLqmFlv0XlSNz4uayNyuYV-CTabAtgCR54VIg44ntSdgGdgTeY5zRZtHH29gauc0= Show response
fundingchoicesmessages.google.com/f/ 257 KB
52 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWze8EzT4JjFk8Rs5ZZab-JLqmFlv0XlSNz4uayNyuYV-CTabAtgCR54VIg44ntSdgGdgTeY5zRZtHH29gauc0=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM1NTc3Mjg2LDE5MDAwMDAwMF0sIjczQkU3OEQxLTQ4QzItNEM2RC04REJDLUNFRTBFOEY4RTc1QiIsIjAwRkEyMzVFLTJFRUYtNDJFRC05QkM5LTVFNDFDN0I4N0VEMSIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxmYWxzZV0sImh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vMjAyMS8xMC9uZXctc2hyb290bGVzcy1idWctY291bGQtbGV0LWF0dGFja2Vycy5odG1sIl0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab29afad00f0a61ad3da4e69cd616d824f03c14ec53fa7098ebba35051d346cd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-u/pwZj5uNa/ZIsivZ26Uaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-u/pwZj5uNa/ZIsivZ26Uaw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 07:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-u/pwZj5uNa/ZIsivZ26Uaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-u/pwZj5uNa/ZIsivZ26Uaw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EBF9 22 KB
8 KB 12ms
12ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 26 Oct 2021 14:15:44 GMT
expires: Wed, 26 Oct 2022 14:15:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 319542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame C894 3 KB
2 KB 577ms
165ms Script
text/javascript 63.251.109.138
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=168&ttfrms=20&brid=3&brver=95.0.4638.54&bridua=3&bds=1&tstype=1&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau%60_Tau%3F6H%5CD9C%40%40E%3D6DD%5C3F8%5C4%40F%3D5%5C%3D6E%5C2EE24%3C6CD%5D9E%3E%3D&srcurlD=0&aUrlD=0&ssl=https:&dfs=471&ddur=11&uid=1635577286229320&jsCallback=dvCallback_1635577286229802&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=0&referrer=https%3A%2F%2Fthehackernews.com%2F2021%2F10%2Fnew-shrootless-bug-could-let-attackers.html&fwc=0&fcl=65&flt=12&fec=530&fcifrms=11&brh=2&sdf=2&dvp_epl=144&noc=4&ctx=607671&cmp=24935727&sid=5936378&plc=292494536&crt=144230506&btreg=486197547&btadsrv=doubleclick&adsrv=1&advid=6141273&tagtype=display&errorURL=https://tps.doubleverify.com/visit.jpg&auevent=__AP1_np_dv_47etya98yglPA__&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=9343415474.735094&dvp_tukv=10516025171.505009&dvp_uuid=30420493210.778942&dvp_tuid=183669611376
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.138 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e347611fba4d8147ceddeeed3ab85e1e1782154efcd134e35a2bdbb965abf904

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 07:01:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 10/29/2021 7:01:26 AM

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eae76cb616003cb3e918dfd9f58d63cc8e832aa9d11a9eda64b1476af57e746a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
131 B 15ms
14ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MzU1NzcyODYyNjEsInBhY2tldElkIjoiMDAwMDkwOUMtZjI0Y2Y4NWUtNDM2NS00ZDE1LWE5OGUtYWU3ZDNmODVlYzNlIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIxLzEwL25ldy1zaHJvb3RsZXNzLWJ1Zy1jb3VsZC1sZXQtYXR0YWNrZXJzLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiUE9TVCIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjhjMmQ3Zjk0LWE5YzUtNDNiMi04M2E0LWNkY2Y3MTFhZTA1ZSIsInNlY3Rpb25OYW1lIjoiQVBfVF9SX3Jlc3BvbnNpdmVYcmVzcG9uc2l2ZV84YzJkNyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfMzcwMjBfcmVzcG9uc2l2ZVhyZXNwb25zaXZlXzhjMmQ3Zjk0LWE5YzUtNDNiMi04M2E0LWNkY2Y3MTFhZTA1ZSIsInNlcnZpY2VzIjpbMiwzXSwiYWRVbml0VHlwZSI6MX1dfQ==
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 07:01:25 GMT
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

POST
H2 204 AGSKWxU9sLDxOF_GOFkR-rbg6Z3FN8VZYe7YzdBrtyeK3NdqwAo9n85PeKsw5JJEJHcib4zXEusKlQU7SeOksnOcsvI= Show response
fundingchoicesmessages.google.com/el/ 0
362 B 22ms
22ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IdvagaOa0mZC/yW6pWSn0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-IdvagaOa0mZC/yW6pWSn0A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 07:01:26 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IdvagaOa0mZC/yW6pWSn0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-IdvagaOa0mZC/yW6pWSn0A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 194 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rewind-2-728.png
thehackernews.com/images/-b2ieWo0PeVw/YVHQq_NfHwI/AAAAAAAA4Z8/HinmNVyVOAAZK64q2-sVib6EEXsbg6HCQCLcBGAsYHQ/s728-e100/ 4 KB
5 KB 39ms
39ms Image
image/webp 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-b2ieWo0PeVw/YVHQq_NfHwI/AAAAAAAA4Z8/HinmNVyVOAAZK64q2-sVib6EEXsbg6HCQCLcBGAsYHQ/s728-e100/rewind-2-728.png

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb598b721ac01aa9c68f83ad7ca507819ea93d236dd2e11433513a8da5d0cbaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60842
cf-polished: origFmt=png, origSize=5636
x-forwarded-for: 185.209.196.134
content-disposition: inline; filename="rewind-2-728.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4426
x-xss-protection: 0
expires: Wed, 02 Feb 2022 17:27:03 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "ve1a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pANu5%2F%2FtKmByltG87lvtf45IfDFr4THJonwlrNhNJL74n4KngtfNAS%2FSMjiA3YmJFp%2B52jJNgutigGY7IO9XFJg6MYdyiRXa93KT2vom%2BcyvpmsmkqfxDdCf3CGPPK8h7U97SXINfb6T4AWbHMwg"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges: bytes
cf-ray: 6a62c5b77d49d6ed-FRA
access-control-expose-headers: Content-Length

GET
H2 200 AVvXsEio3Ozp339svnJMYCSHeeGkiMJwgMWxTa_7Htua5-cOe-hOS54HgUVsdXrAZSMWzt4tTo16NKMkit-7jkStzpLVt1sFkvCT_mL5j-zBFWBJL-N6OFVsJsKlemBbVEs-juMZALT4BTdQkX-YsbUFRdAqynyuFeAKm4zC75lojuteZYizyoDtx3rdnknY=w72-...
thehackernews.com/new-images/img/a/ 1006 B
2 KB 24ms
24ms Image
image/webp 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/new-images/img/a/AVvXsEio3Ozp339svnJMYCSHeeGkiMJwgMWxTa_7Htua5-cOe-hOS54HgUVsdXrAZSMWzt4tTo16NKMkit-7jkStzpLVt1sFkvCT_mL5j-zBFWBJL-N6OFVsJsKlemBbVEs-juMZALT4BTdQkX-YsbUFRdAqynyuFeAKm4zC75lojuteZYizyoDtx3rdnknY=w72-h72-p-k-no-nu

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4b108456a80a95d52c740c71471e978360f02d72f1fd74d6c37cc9486c1b556

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61427
cf-polished: qual=85, origFmt=jpeg, origSize=2276
x-forwarded-for: 185.185.195.254
content-disposition: inline;filename="phishing-kit.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1006
x-xss-protection: 0
expires: Sat, 30 Oct 2021 13:57:38 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "v109d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QI67kcw5SdN8cIOOnz5Q81fgdnbu8yL3SK1UIKM%2B9QWllt77VtIxXXzXZPKpN2gw1KFNxiNp9miL82D%2FOcm6vDrUMAehiR%2FLK%2BOzvkud7kmTERkm%2BGpld6thNzayJgpapLPMwz%2BoY0tcLJfBpq7k"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges: bytes
cf-ray: 6a62c5b77d4cd6ed-FRA
access-control-expose-headers: Content-Length

POST
H2 204 AGSKWxVkILkUy2liYozgWvizhHP7ine9Z7awcYxi6Bn_UupeEzSa5m1PW3dmY82wBjxvNNRLVyuHDs_BK81ymvDZQJgyHwEMcuLb8d3ervO21YyE6oJj7hb5X86YPMC45k8_0IeyfLaB6kXzLozF0eM0uI_ieSdATdClRUFTpJPk-t2kAdGwQ37kDvN8_ylQ Show response
fundingchoicesmessages.google.com/el/ 0
365 B 22ms
22ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVkILkUy2liYozgWvizhHP7ine9Z7awcYxi6Bn_UupeEzSa5m1PW3dmY82wBjxvNNRLVyuHDs_BK81ymvDZQJgyHwEMcuLb8d3ervO21YyE6oJj7hb5X86YPMC45k8_0IeyfLaB6kXzLozF0eM0uI_ieSdATdClRUFTpJPk-t2kAdGwQ37kDvN8_ylQ?dmid=970e7566fd7b1e49

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.bHtV6pdYNNI.es5.O/d=1/rs=AJlcJMxBBcVtdWrpE77LK9RWcJfervFNOQ/m=iabtcfv2wallscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iulyIvc+0Xv0pLxFmZj1yQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-iulyIvc+0Xv0pLxFmZj1yQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 07:01:26 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-iulyIvc+0Xv0pLxFmZj1yQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-iulyIvc+0Xv0pLxFmZj1yQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxVkILkUy2liYozgWvizhHP7ine9Z7awcYxi6Bn_UupeEzSa5m1PW3dmY82wBjxvNNRLVyuHDs_BK81ymvDZQJgyHwEMcuLb8d3ervO21YyE6oJj7hb5X86YPMC45k8_0IeyfLaB6kXzLozF0eM0uI_ieSdATdClRUFTpJPk-t2kAdGwQ37kDvN8_ylQ Show response
fundingchoicesmessages.google.com/el/ 0
364 B 21ms
21ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-riqDRPiibOM2QXkXqZE5gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-riqDRPiibOM2QXkXqZE5gg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 07:01:26 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-riqDRPiibOM2QXkXqZE5gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-riqDRPiibOM2QXkXqZE5gg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 54 KB
4 KB 60ms
31ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19758768b39478011e3bffe48da9342b878f6416af499fe8f1a08259ec6c17c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 07:01:26 GMT
server: ESF
date: Sat, 30 Oct 2021 07:01:26 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 30 Oct 2021 07:01:26 GMT

GET
H/1.1 200
OK dv-measurements1800.js Show response
cdn.doubleverify.com/ Frame CFE3 495 KB
90 KB 13ms
13ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1800.js
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 07:01:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 09:46:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fef5397bad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91601

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
493 B 56ms
56ms XHR
text/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthehackernews.com%2F2021%2F10%2Fnew-shrootless-bug-could-let-attackers.html&pid=RgN8GkFINHAMs&cb=0&ws=1600x1200&v=7.69.01&t=3000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22730x290%22%2C%22728x280%22%2C%22728x250%22%2C%22728x90%22%2C%22690x90%22%2C%22690x250%22%2C%22690x280%22%2C%22675x90%22%2C%22675x280%22%2C%22675x250%22%2C%22670x90%22%2C%22670x280%22%2C%22670x250%22%2C%22650x90%22%2C%22650x280%22%2C%22650x250%22%2C%22650x150%22%2C%22630x90%22%2C%22630x280%22%2C%22630x250%22%2C%22602x100%22%2C%22600x90%22%2C%22600x280%22%2C%22600x250%22%2C%22580x90%22%2C%22570x90%22%2C%22550x150%22%2C%22468x60%22%2C%22336x280%22%2C%22320x50%22%2C%22320x100%22%2C%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F103512698%2F22055889203%22%7D%5D&schain=1.0%2C1!adpushup.com%2Caeb138a66c47c1d438a8907993e81712%2C1%2C%2C%2C&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-210-175.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:26 GMT
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: TNJTY0TQ911AKNH399NF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://thehackernews.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: MgkajUaNCca5VJ3g7YoBBp5heNWHSUXEh0IKuHjBmvzR65eYSrPhIg==

POST
H2 204 AGSKWxVkILkUy2liYozgWvizhHP7ine9Z7awcYxi6Bn_UupeEzSa5m1PW3dmY82wBjxvNNRLVyuHDs_BK81ymvDZQJgyHwEMcuLb8d3ervO21YyE6oJj7hb5X86YPMC45k8_0IeyfLaB6kXzLozF0eM0uI_ieSdATdClRUFTpJPk-t2kAdGwQ37kDvN8_ylQ Show response
fundingchoicesmessages.google.com/el/ 0
362 B 47ms
47ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-62sNcAVQvC8au+cJsbsDFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-62sNcAVQvC8au+cJsbsDFA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 07:01:26 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-62sNcAVQvC8au+cJsbsDFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-62sNcAVQvC8au+cJsbsDFA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 86ms
20ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthehackernews.com%2F&domain=thehackernews.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://thehackernews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://thehackernews.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1647
date: Sat, 30 Oct 2021 07:01:25 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 288ms
19ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211030

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1631637442652.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

685df4d5cf060fe847afa24bfd796d5302e559451f32322eb1c83d19e6fa132c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 07:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14420
x-jsd-version: 1.0.1145
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19152-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"69b-xM+sftEdGOGs4G0QC061UlQ3kbw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6a62c5b9acd2c2db-FRA

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthehackernews.com%2F&domain=thehackernews.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=cbkLLHxBUFBQYnBEK0o4NzRGVmVFQmlkQUZKZVZoc0JMTThaQXFBbE5qQzVYeldPS0pTampIZW9ndFlCaUNhRDNkWFFmUHZzK0x6MUszTzIzZEV0STN6MFM4eVRBWjV1ZnVmZlpTMFBtdERaSk8vc242WmxvRUNJOEZoZU...

353 B
608 B

43ms
17ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=cbkLLHxBUFBQYnBEK0o4NzRGVmVFQmlkQUZKZVZoc0JMTThaQXFBbE5qQzVYeldPS0pTampIZW9ndFlCaUNhRDNkWFFmUHZzK0x6MUszTzIzZEV0STN6MFM4eVRBWjV1ZnVmZlpTMFBtdERaSk8vc242WmxvRUNJOEZoZUVhaGJ3czg4dm5hb0xBNG95Mk5aS2t2US9zc2NPK2lVdDNlQlFPZnBKUXhpY3FUUW1DOCt0Z0tNWHB1R29LL3hIOHNCOEJmakFyZmhTY2tSc0lkWmpEZnpHTGkxaTVLVkhINWxUQ0dIWU1NVXc5OTZyNW9JPXw&cppv=2

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

99159220e1ef10215849fb61fd67e84e387ec86ef043c4870106d669290d1a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 30 Oct 2021 07:01:25 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2403
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 30 Oct 2021 07:01:25 GMT
location: https://mug.criteo.com/sid?cpp=cbkLLHxBUFBQYnBEK0o4NzRGVmVFQmlkQUZKZVZoc0JMTThaQXFBbE5qQzVYeldPS0pTampIZW9ndFlCaUNhRDNkWFFmUHZzK0x6MUszTzIzZEV0STN6MFM4eVRBWjV1ZnVmZlpTMFBtdERaSk8vc242WmxvRUNJOEZoZUVhaGJ3czg4dm5hb0xBNG95Mk5aS2t2US9zc2NPK2lVdDNlQlFPZnBKUXhpY3FUUW1DOCt0Z0tNWHB1R29LL3hIOHNCOEJmakFyZmhTY2tSc0lkWmpEZnpHTGkxaTVLVkhINWxUQ0dIWU1NVXc5OTZyNW9JPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1684
content-length: 482
expires: 0

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v113/ 113 KB
113 KB 62ms
13ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v113/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c2c69ba33a4d4eb53419c912ea55131208d76852cc632e2544833497d165bc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thehackernews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:04:45 GMT
x-content-type-options: nosniff
age: 115001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115204
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 22:48:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 23:04:45 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 70ms
31ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thehackernews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 16:19:14 GMT
x-content-type-options: nosniff
age: 139332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 16:19:14 GMT

GET
H2 200 sKl_vPiz0OchHmL4Vfbrj3Wozc3CsK_Jq53kDzx3_oA.js Show response
pagead2.googlesyndication.com/bg/ Frame A5F6 35 KB
14 KB 309ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sKl_vPiz0OchHmL4Vfbrj3Wozc3CsK_Jq53kDzx3_oA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0a97fbcf8b3d0e7211e62f855f6eb8f75a8cdcdc2b0afc9ab9de40f3c77fe80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 21:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13525
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 21:17:07 GMT

GET
H2 200 sKl_vPiz0OchHmL4Vfbrj3Wozc3CsK_Jq53kDzx3_oA.js Show response
pagead2.googlesyndication.com/bg/ Frame EBF9 35 KB
13 KB 317ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sKl_vPiz0OchHmL4Vfbrj3Wozc3CsK_Jq53kDzx3_oA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0a97fbcf8b3d0e7211e62f855f6eb8f75a8cdcdc2b0afc9ab9de40f3c77fe80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 21:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13525
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 21:17:07 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame CFE3 3 KB
2 KB 488ms
170ms Script
text/javascript 63.251.109.138
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=99&ttfrms=5&brid=3&brver=95.0.4638.54&bridua=3&bds=1&tstype=1&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau%60_Tau%3F6H%5CD9C%40%40E%3D6DD%5C3F8%5C4%40F%3D5%5C%3D6E%5C2EE24%3C6CD%5D9E%3E%3D&srcurlD=0&aUrlD=0&ssl=https:&dfs=471&ddur=11&uid=1635577286445919&jsCallback=dvCallback_1635577286445116&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=0&referrer=https%3A%2F%2Fthehackernews.com%2F2021%2F10%2Fnew-shrootless-bug-could-let-attackers.html&fwc=0&fcl=155&flt=12&fec=4683&fcifrms=12&brh=2&sdf=2&dvp_epl=144&noc=4&ctx=607671&cmp=24935727&sid=5936378&plc=292495514&crt=144332127&btreg=485910716&btadsrv=doubleclick&adsrv=1&advid=6141273&tagtype=display&errorURL=https://tps.doubleverify.com/visit.jpg&auevent=__AP1_np_dv_47etya98yglPA__&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=9343415474.735094&dvp_tukv=1110298517.3219893&dvp_uuid=141352794.41799673&dvp_tuid=496272749410
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.138 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: c836f3df8b6055ecea4934f901eb5670764eddc85014708d1f2fbafbb448abc5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 07:01:26 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 10/29/2021 7:01:26 AM

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ 0
23 B 62ms
62ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 07:01:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 AVvXsEjUDQlxDrLDgiD3bcNNdUqU7X_W07bPr_4YpEmc6g7ZQMcOx8HbNiShh7AJ_doBaLAdoEaWzaeqFqFqqvMMUkiwb7dSw81TuTXsmGmN8vUKxW3ZgUwoHYK4VkwtvDQABcZGAnJI2M5fPZuwrbkVBeY_ja6AgsApcarpug_aQOsQnMpmR9cr-4qlRuHb=w72-...
thehackernews.com/new-images/img/a/ 2 KB
2 KB 36ms
34ms Image
image/webp 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/new-images/img/a/AVvXsEjUDQlxDrLDgiD3bcNNdUqU7X_W07bPr_4YpEmc6g7ZQMcOx8HbNiShh7AJ_doBaLAdoEaWzaeqFqFqqvMMUkiwb7dSw81TuTXsmGmN8vUKxW3ZgUwoHYK4VkwtvDQABcZGAnJI2M5fPZuwrbkVBeY_ja6AgsApcarpug_aQOsQnMpmR9cr-4qlRuHb=w72-h72-p-k-no-nu

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78fb5f9fe609023ae2d3ac22cc05905b3315c2a0477f43d2e12ebb8ccbbd8395

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56632
cf-polished: qual=85, origFmt=jpeg, origSize=2583
x-forwarded-for: 3.126.19.248
content-disposition: inline;filename="browser.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1774
x-xss-protection: 0
expires: Sat, 30 Oct 2021 13:58:01 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "v10aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaBHUxQNjUPmnM7QcBbchXoljBo5IJXSOytp4zuWdkRRIUyOjPHdS8DQzD6ZaHBgZZAw7x%2FqBjlHxVkpFy9tCM5lq6SU3GBzB8K%2Fy6UthfabeFqqFROJSTrdObYCU1IS8Nc1TREVuZ1I%2BOAUgzbL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges: bytes
cf-ray: 6a62c5b8eec7d6ed-FRA
access-control-expose-headers: Content-Length

GET
H2 200 AVvXsEj1j0f9vvCKom-ieKlTv2nSYEv0y3dnMGBH-v5L2wGYEwlWJvfa9c37VgQTGq4ZezBz-H3AWCGFojrC7DsYULXIc0b8TJ23KWYrWpMJPjepkasL2dAROM1VBy0AMMTK0Oswl1I-Bk15JczsQ9LqiYLHx1y-8l33xvvLTONiFiKO69Onsznq5stUiLXf=w72-...
thehackernews.com/new-images/img/a/ 1 KB
2 KB 36ms
35ms Image
image/webp 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/new-images/img/a/AVvXsEj1j0f9vvCKom-ieKlTv2nSYEv0y3dnMGBH-v5L2wGYEwlWJvfa9c37VgQTGq4ZezBz-H3AWCGFojrC7DsYULXIc0b8TJ23KWYrWpMJPjepkasL2dAROM1VBy0AMMTK0Oswl1I-Bk15JczsQ9LqiYLHx1y-8l33xvvLTONiFiKO69Onsznq5stUiLXf=w72-h72-p-k-no-nu

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8736cb93aa3da288664eb8b6fafa3ec1a3395f53215ce8784ac0dd9ef826e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61427
cf-polished: qual=85, origFmt=jpeg, origSize=2494
x-forwarded-for: 185.185.195.254
content-disposition: inline;filename="FIREFOX.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1146
x-xss-protection: 0
expires: Sat, 30 Oct 2021 13:57:39 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "v10ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbYTCRPB7gK%2BJiT9VmfJbRyaTb5xWAk27sDdf7A2peFZJO03m6g2c6i4qA5hdSxULsqFlmmpEUHFyjiMp%2Bn1XerIVoY6t3bL4xrsyH%2FNBpzyiSuT6xQkJ6E%2FFRZKMhQtsFrt7pTDb7fjr%2Fhunhx4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges: bytes
cf-ray: 6a62c5b8eec9d6ed-FRA
access-control-expose-headers: Content-Length

GET
H2 200 AVvXsEgtKRS_cdo7uiRlI4IOP9kOZrSIZ969S6S288cDApu033k7pY4CurdqgQ_touqYpJlIgxbCb-j-PLL0SV0DMysCRv2Qr5xaEDujd4jGnB4swC79ZSvq9PzH26mzXDpzhO1paQPt_UVscuf4LTVoA39P84YyIliDFThYLr2uIxH8cc1aoqqFQGV32Dw4=w72-...
thehackernews.com/new-images/img/a/ 2 KB
2 KB 44ms
43ms Image
image/jpeg 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/new-images/img/a/AVvXsEgtKRS_cdo7uiRlI4IOP9kOZrSIZ969S6S288cDApu033k7pY4CurdqgQ_touqYpJlIgxbCb-j-PLL0SV0DMysCRv2Qr5xaEDujd4jGnB4swC79ZSvq9PzH26mzXDpzhO1paQPt_UVscuf4LTVoA39P84YyIliDFThYLr2uIxH8cc1aoqqFQGV32Dw4=w72-h72-p-k-no-nu

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00ae70402b94abb831bff7a92ab5f99c36ed54fc3c09a1d395fad6e6ab15f342

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46896
cf-polished: degrade=85, origSize=2715, status=webp_bigger
x-forwarded-for: 2003:c2:771b:caac:5840:25fb:391f:30b3
content-disposition: inline;filename="ransomware.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1858
x-xss-protection: 0
expires: Sat, 30 Oct 2021 17:59:50 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "v10be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCv4CXvyAzQBD5DaIvK%2FQdQq4xv%2FdSJwwf4LLOVlbcWit3FJaZjf%2Bo3cHUuRFquSrcgHx3ESzPXthVMqtz2iNIqgkXds2URtFU99dZIQKXM2u4PfWKeVjZ0eXFwkLz%2BGQ6IANmdIjNIpcBytcT%2BR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges: bytes
cf-ray: 6a62c5b8eecbd6ed-FRA
access-control-expose-headers: Content-Length

GET
H2 200 AVvXsEgMs77BPvPvj6P-3E7i08R8I_ixvGQZgvS5p1CxbhBqiARNzNLx3R6X1fYdCRjiQmZfLY3-6HUY_hPXAucE_jFVypFTV0HG0XIru72uSOfwfn3mMcLC9j6XyeOCF7We4fYjthQ17-YmGUSvhPWEOlnBXakT_9U8IYdpMKEB6GeCFMJI8ihho5D-6JUO=w72-...
thehackernews.com/new-images/img/a/ 2 KB
2 KB 42ms
41ms Image
image/webp 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/new-images/img/a/AVvXsEgMs77BPvPvj6P-3E7i08R8I_ixvGQZgvS5p1CxbhBqiARNzNLx3R6X1fYdCRjiQmZfLY3-6HUY_hPXAucE_jFVypFTV0HG0XIru72uSOfwfn3mMcLC9j6XyeOCF7We4fYjthQ17-YmGUSvhPWEOlnBXakT_9U8IYdpMKEB6GeCFMJI8ihho5D-6JUO=w72-h72-p-k-no-nu

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

117f09a9ed666a366063215e511957ddab4f2f5f9d64c6b24b01028cb2d0cfb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34944
cf-polished: qual=85, origFmt=jpeg, origSize=4010
x-forwarded-for: 2a0b:f4c2:2::40
content-disposition: inline;filename="chrome-update.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1790
x-xss-protection: 0
expires: Sat, 30 Oct 2021 21:19:02 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "v10c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QF5AKKuQDRzwCU4uOUuFNqeU2D0y2fYn8QGxacdQx0eeKWOgh2rFGzMEG9%2FwOKPl4s33APSgMm9qx1b13gmLPIWvcit%2FJW6jc%2FtNLk%2BAtcTm05RNeSu4UublY6kSjpCJoLd0Uqz5jjd050hn28d5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges: bytes
cf-ray: 6a62c5b8eecdd6ed-FRA
access-control-expose-headers: Content-Length

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 85ms
13ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1027
date: Sat, 30 Oct 2021 07:01:26 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 AVvXsEg8HqgMoSh8I0NuToWiC3CPNqgwcHQK5QIWnKK5o7OdbI7vij_pU5PwCCvN__URehnsSFtKLHgIZZTUCu2c0R1mM-ssS1pxgSUvCtcsfBa7gZu7wrBA8OwM7Q-zywj_2IPG8YhYtm5zqsoLDSJ0WBfPqbBJmQSPZs6E_3shDT2980nuTMFFTz4nf_AF=w72-...
thehackernews.com/new-images/img/a/ 1 KB
2 KB 24ms
24ms Image
image/webp 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/new-images/img/a/AVvXsEg8HqgMoSh8I0NuToWiC3CPNqgwcHQK5QIWnKK5o7OdbI7vij_pU5PwCCvN__URehnsSFtKLHgIZZTUCu2c0R1mM-ssS1pxgSUvCtcsfBa7gZu7wrBA8OwM7Q-zywj_2IPG8YhYtm5zqsoLDSJ0WBfPqbBJmQSPZs6E_3shDT2980nuTMFFTz4nf_AF=w72-h72-p-k-no-nu

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10480fe2f1ebf5d7e8a856b4fc4653ede148b91500c030d06224be02f659b8e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:01:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61427
cf-polished: qual=85, origFmt=jpeg, origSize=2683
x-forwarded-for: 185.185.195.254
content-disposition: inline;filename="npm.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1398
x-xss-protection: 0
expires: Sat, 30 Oct 2021 13:57:38 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "v1096"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bp2ZREDRqu0XYHBfHbJVMLmC7VdcnQpGzxzCXXv7aGGQt9b4EFvxKrHB1KOIEhVdYDhCU06ftX4RS%2B09hRJwex%2FXLgm83mB%2BTVBH8CrvH2NgzazWQTMxP7DlMVACm63l9VzXEL4UNZmgv6ZGKeJ8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges: bytes
cf-ray: 6a62c5b9afa2d6ed-FRA
access-control-expose-headers: Content-Length

GET
H/1.1

200
OK

event.png
tps11008.doubleverify.com/ Frame C894
Redirect Chain

https://cdn.doubleverify.com/redirect/?host=tps11008&param=akipv6&impid=ab4744678f644abfb91cf6fd6dbc6a8a&cbust=1635577286834280
https://tps11008.doubleverify.com/event.png?impid=ab4744678f644abfb91cf6fd6dbc6a8a&akipv6=2a0f:9441:5:0:e5::1

67 B
322 B

568ms
154ms

Image
image/png

63.251.109.138
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps11008.doubleverify.com/event.png?impid=ab4744678f644abfb91cf6fd6dbc6a8a&akipv6=2a0f:9441:5:0:e5::1
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
Protocol: HTTP/1.1
Server: 63.251.109.138 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 07:01:26 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=0
Content-Length: 98
Expires: 10/29/2021 7:01:27 AM

Redirect headers

Location: https://tps11008.doubleverify.com/event.png?impid=ab4744678f644abfb91cf6fd6dbc6a8a&akipv6=2a0f:9441:5:0:e5::1
Date: Sat, 30 Oct 2021 07:01:26 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

event.png
tps11017.doubleverify.com/ Frame CFE3
Redirect Chain

https://cdn.doubleverify.com/redirect/?host=tps11017&param=akipv6&impid=0f7fd6b6af81472abae8e619fa7e0932&cbust=1635577286944761
https://tps11017.doubleverify.com/event.png?impid=0f7fd6b6af81472abae8e619fa7e0932&akipv6=2a0f:9441:5:0:e5::1

67 B
322 B

477ms
154ms

Image
image/png

63.251.109.138
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps11017.doubleverify.com/event.png?impid=0f7fd6b6af81472abae8e619fa7e0932&akipv6=2a0f:9441:5:0:e5::1
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
Protocol: HTTP/1.1
Server: 63.251.109.138 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 07:01:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=0
Content-Length: 98
Expires: 10/29/2021 7:01:27 AM

Redirect headers

Location: https://tps11017.doubleverify.com/event.png?impid=0f7fd6b6af81472abae8e619fa7e0932&akipv6=2a0f:9441:5:0:e5::1
Date: Sat, 30 Oct 2021 07:01:26 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EBF9 0
121 B 43ms
43ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B24a6xu18YY2LA8fr3wPJ0YqAAwAAAAA4AeAEAg&bg=!d3SldDDNAAZzbWp4c207ACkAdvg8WslUF_i7QGb5qhTXLXSRVZPeK88gsj3SKvwWyJf82o5BUKppagIAAACOUgAAAA1oAQcKAL9WRE9iKtGxbhCAT_ov-IKId9TKXT25-1tLNqhzYN7KA_f8SYIskihvohF6x_5vbS8qucgxYHgfHRC4-MLuKBDXDhZbFODc4kjTh2V8mX6ouw-yCp6ump8f4ex86QsPEviaILEVvReVP246UuVXMPuOfB1WRxcvJ16BrulF1yZJZR6-b9nE51RAj1jm5WZc9YQScITYBLWVZ9X7_BkyUBlXg1Pkg_IGAiPhWHyRRFqyJRJiUoDFgWEoXxj3KrwSG5kCw7FdwIcArm7nlg0R8MBEwroLcr17-Og35EhkyDXafWvSbUeB7NdQdGWzH6G5RF4THQfXoc8sk73J-FQZTVzN5yLhTN1Rnt6nODN1K1RJ0e5SDZmrMm6c7OAdJyqcvZO6cBFLHqY1obvpFD_6AyqRAKzZjzAB8XtgcSOYyz5RJvQ6EXcB0StfmiUUx5ri2VTlvUag-cVgchPXtIpVrg3m_tUZBAwzVTrwrO3COu0UGoD55FXy6_RPlQhihRVSwXF9rTfAA9zD_vAznfJ6_QREy5DSBhCUh0hMETEzgdqAmSOTSUghzp01kEXZDCALILo8LPD_-a7yWD9ug4rMgYdAIVHci9yLTwih5x3agkADlKTWyM9r-ZPyXMLgrRWidi_3h9EADiORx9ZtKgkyRFi_FgJ8bM2xoZeSBa74nH5Gk_hHhpO3ZKQktxYXkw7IXoZXLZgPBM9bakCtEeQTTOu60AET40X7HXzuYRr_Ghv8gNmt-GcwLMFlnabt3G77Ifp-r55MfBiAQE8H4iOicKGXCT8hCphZCwXnQX4X96afjO_EwkJWndLFMeHOK1yhgIl-Xoxjlt-vnfcDSX-vX2yBV4TX6T7fo_4M4hhL7SoMkK_MeystcXelybegLBxV8DvuoVmEBng_3j5rNPIIpzR3zsjnXDyFcXU0F0R0YgMqLYaamYN0YYtTd4E5c5Zej51NfnuXyR5ssXWBj5Z9u3fEX5oISc2Y7Ohcmb046u8kWS3n6XFAgqclBg1WJlaqhthQPK_3MXluVuXpaubxrPdJ4hK3rGpMreoRVCl6LC3h2nNT_ps-YnNekVTB9kuLwalyIqL6eNO23mdSlvZC_6_ygkJ7hJ9qvBBTwURyZAXFbPOKfoBNmYguP9LoKW5ievGsaQXPYfHEEEflpAkvjGjo7mDSBbNrIv99kHp9d8sVrH1mPe9D

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 07:01:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A5F6 0
56 B 42ms
42ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJP2bxe18YaqJOsfr3wPJ0YqAAwAAAAA4AeAEAg&bg=!YmGlYSXNAAZzbWp4c207ACkAdvg8Wr1AjEziST7NypsOrv5yPufjsnGI_dGbIXfoEGjepcg8IvSrNgIAAACrUgAAAAxoAQeZAsz-b9Bi5-1x9GvXvM5Ln-fOTK57DrzsFDKFaF2ZHTty7-lawBPUHFBNqcECnV8_I8zT8cLU4PpKlIzVF5cZFwAjV_GwLs0v0XdP1itoJJMhKMzamO1ptsVZ--tJ9E57Dqu47MEfzd2JbbDN8mowrLitpOpeHUal9fRKtmrqhe01NGqUOehTF0_0I-oXLT0ULX3EmthutoO-X9bmpMCzykDWpmzto5jVTZ173Iq91AQ7YS5Gf6NnCsDqzqvcU8Vq9i43-11uh2vg6u7fHqqFmS3O35sr_0CKTXv7czw1huN5jin6qcKrc37Y7hOiBVD4Xd43VA6jmdDYL4Z3DS1MWfCGCixt8jLEjLrvpW3a6HhGAHFwPAX_D0IpSXWxsyMrXV9JkcaJSJJWhnAfSZwFBGNXvdPCqiipFThLPz4oVX5Ncl_S7Ok3YaOr6b2Io-aJcYuu5bJ38JRv8NSM-RMy5KFyGziTrXMvmhlU2hCWtPELF0F8F2KDkiKKL8pu-zCchYEo1lXlc4_ApzUoWidbnfGJiUd46AGGGVjTjC4_Rs8KKXr_Q4URLB_UT-g1ZVU78t6u6E4X7D3jfIlCIrmcDWxzZu5yb7Ky7TZhpQIBbFt3QWBeTzN05CmLzgCp8nvi4wB7lEEnFocl6nMG31IJaviEuAlq9dLdn4N6Rarvm9e87jwQOCcV3U5ByTp-7g6Hf08hlKdUefFMcjWyUrfxjVqstSKEtYQKTnwpkL3XC8PUp-tCSrjtJC8vXhET7871p75HKsrgh9R4KmI4eqST7_kYz3p1Xr2I0_4WnkxJkeV95zeENzQcMrJwd94pmbuDYVwWXpXY8FAAUAKh7R7EjxOWjRc_c-w0OeHfsCELD_vnhYEyE642q6kKJxIzHboaIEFGdGK4ox4vhFALDredxLduHJ5zVmnmUi4v8sWzMT1K8NIaxKGP1tRmuK2oBg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 07:01:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
497 B 77ms
48ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQU1OM0y5iQdxPUm0iNPG_4SbOGn2amHzyKd7MjPPgeKk_FA0rmmE9QEPKifSj_S73o3f_-k-X1VyVn33-aUA&sig=Cg0ArKJSzI06AlElZHZ3EAE&id=lidar2&mcvt=1000&p=471,1031,721,1331&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211025&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=32&adk=473486474&rs=6&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635577285519&rpt=632&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 07:01:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK bsevent.gif
tps20519.doubleverify.com/ 807 B
1 KB 13ms
12ms Ping
image/gif 213.254.244.22
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20519.doubleverify.com/bsevent.gif?impid=46ad5053b46b41daabfd4bbfb7f620af&pltfrm=Linux%20x86_64&cbust=1635577287839589
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.22 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 07:01:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/29/2021 7:01:27 AM

POST
H/1.1 200
OK event.png
tps11008.doubleverify.com/ Frame C894 67 B
418 B 155ms
155ms Ping
image/png 63.251.109.138
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps11008.doubleverify.com/event.png?impid=ab4744678f644abfb91cf6fd6dbc6a8a&gdpr=&gdpr_consent=&dvp_gdv2_Func=1&dvp_gdv2_Applies=1&dvp_gdv2_Succ=1&dvp_gdv2_Dur=0&dvp_gdv2_Doms=0&dvp_gdv2_Dome=0&dvp_t1stMsgB=280&vdur=578&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=11&tetms=8&msltms=53&vltms=578&sei=289&vetms=25&engms=1&engisel=1&ttfurm=2621&cbust=1635577288834159
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.138 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 07:01:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 10/29/2021 7:01:28 AM

POST
H/1.1 200
OK event.png
tps11017.doubleverify.com/ Frame CFE3 67 B
418 B 156ms
155ms Ping
image/png 63.251.109.138
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps11017.doubleverify.com/event.png?impid=0f7fd6b6af81472abae8e619fa7e0932&gdpr=&gdpr_consent=&dvp_t1stMsgD=54&vdur=489&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=11&tetms=7&msltms=26&vltms=489&sei=289&vetms=9&engms=1&engisel=1&ttfurm=2503&cbust=1635577288944769
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.138 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 07:01:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 10/29/2021 7:01:29 AM

POST
H/1.1 200
OK event.png
tps11008.doubleverify.com/ Frame C894 67 B
418 B 156ms
156ms Ping
image/png 63.251.109.138
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps11008.doubleverify.com/event.png?impid=ab4744678f644abfb91cf6fd6dbc6a8a&gdpr=&gdpr_consent=&msrcanlm=202&msrcannum=8&eoid=10&ismms=29&isumms=28&isvelg=1&nvr=6&elmtp=6&isbxdms=2628&b11=2766&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1&lftb=2766&sftb=2766&msrdp=12&naral=192&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=928&isuiabvms=928&ispmxpms=928&engalms=27&engscrlms=31&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&cbust=1635577289833779
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.138 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 07:01:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 10/29/2021 7:01:29 AM

POST
H/1.1 200
OK event.png
tps11017.doubleverify.com/ Frame CFE3 67 B
418 B 155ms
155ms Ping
image/png 63.251.109.138
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps11017.doubleverify.com/event.png?impid=0f7fd6b6af81472abae8e619fa7e0932&gdpr=&gdpr_consent=&msrcanlm=202&msrcannum=8&eoid=10&ismms=20&isumms=20&isvelg=1&nvr=2&elmtp=6&isbxdms=2520&b0=2621&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=2621&sftb=2621&msrdp=8&naral=192&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=20&engscrlms=31&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&cbust=1635577289944166
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.138 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 07:01:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 10/29/2021 7:01:30 AM

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: choices.truste.com
URL: https://choices.truste.com/ca?pid=att01&aid=att_hs&cid=24935727_144230506_292494536&js=st0

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.agkn.com/	1970-01-20 07:05:13	Name: ab Value: 0001%3AQavLnwlQj%2FZHrw2mviOyYSF5OMH%2BebPu
.doubleclick.net/	1970-01-20 07:41:13	Name: IDE Value: AHWqTUk1Rmv4Bb7-ZG2oQOC_0JQp3rX20KOE5_7agQZ4tGzr7MiVXoN25ss0uf_ajZE
.agkn.com/	1970-01-20 07:05:13	Name: u Value: C\|0EAgpD6pGKQ-qRgAAAAABAQAtAQfm-AQAAQAHAAAAAAF8fS___x4AAAAAAFqU-gAAAAARbyCaAAAAAAiaVV8AAAAAHPZovAA
.thehackernews.com/	1970-01-19 22:20:20	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1635577286181]]
.demdex.net/	1970-01-20 02:38:49	Name: demdex Value: 41424520243861442820959293352237812355
.att.demdex.net/	1970-01-20 02:38:49	Name: att Value: 41424520243861442820959293352237812355
thehackernews.com/	1970-01-19 23:02:49	Name: _pbjs_userid_consent_data Value: 3524755945110770
.thehackernews.com/	1970-01-19 23:02:49	Name: _pubcid Value: 4e046786-d594-4e36-a723-1a2142d753d5
thehackernews.com/	1970-01-20 07:41:13	Name: cto_bidid Value: wy3NrV82RVpTazFKcWFOcHRDOGtZUDc2VUZSTXhOWldjZiUyRnZkSCUyQmJpbTJmdlRWWUdRcFVyOXlQd0VPSUc1Mjk2enJPUmZWUWslMkJQSWE4TFE0bmtsOUQ2S3pzdyUzRCUzRA
thehackernews.com/	1970-01-20 07:41:13	Name: cto_bundle Value: uj7Bll9ZUGttdjZJS0F1ZGRYTUJra3AyZFp4TzJrSzNIM1UydklPNnR0TkY5aiUyQk0lMkJHNENZMWlFeG04MUhXUUlyQ1F1a1JzWnlZcDJITkZFdFY0YmlLJTJCRFpvNXV4TkNmQ01JNXY5TlI5JTJCSERtVmc5bE5EMHVZOVI3Sk5DSWJNJTJCU3l4aGQ

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292494536%26sid%3D5936378%26dvregion%3D2%26unit%3D300x250(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292494536%26sid%3D5936378%26dvregion%3D2%26unit%3D300x250(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 306) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_72684273786&jsTagObjCallback=__tagObject_callback_72684273786&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=72684273786&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=95&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=1&brh=2&fwc=0&flt=12&fec=401&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau%60_Tau%3F6H%5CD9C%40%40E%3D6DD%5C3F8%5C4%40F%3D5%5C%3D6E%5C2EE24%3C6CD%5D9E%3E%3D&dvp_exetime=14.30&callbackName=__verify_callback_72684273786, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 306) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_72684273786&jsTagObjCallback=__tagObject_callback_72684273786&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=72684273786&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=95&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=1&brh=2&fwc=0&flt=12&fec=401&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau%60_Tau%3F6H%5CD9C%40%40E%3D6DD%5C3F8%5C4%40F%3D5%5C%3D6E%5C2EE24%3C6CD%5D9E%3E%3D&dvp_exetime=14.30&callbackName=__verify_callback_72684273786, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 829) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 829) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 15) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v81.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 15) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v81.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/impl_v81.js(Line 35) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=81.235;sz=300x250;u_sd=1;nel=1;u=__AP1_np_dv_47etya98yglPA__;dc_adk=473486474;ord=9c2w61;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F10%2Fnew-shrootless-bug-could-let-attackers.html$0;xdt=0;crlt=0Fuf-P!yX5;sttr=17;prcl=s, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/impl_v81.js(Line 35) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=81.235;sz=300x250;u_sd=1;nel=1;u=__AP1_np_dv_47etya98yglPA__;dc_adk=473486474;ord=9c2w61;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F10%2Fnew-shrootless-bug-could-let-attackers.html$0;xdt=0;crlt=0Fuf-P!yX5;sttr=17;prcl=s, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292495514%26sid%3D5936378%26dvregion%3D2%26unit%3D728x90(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292495514%26sid%3D5936378%26dvregion%3D2%26unit%3D728x90(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 306) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_974166373062&jsTagObjCallback=__tagObject_callback_974166373062&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=974166373062&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=95&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=4&brh=2&fwc=0&flt=12&fec=494&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau%60_Tau%3F6H%5CD9C%40%40E%3D6DD%5C3F8%5C4%40F%3D5%5C%3D6E%5C2EE24%3C6CD%5D9E%3E%3D&dvp_exetime=14.30&callbackName=__verify_callback_974166373062, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 306) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_974166373062&jsTagObjCallback=__tagObject_callback_974166373062&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=974166373062&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=95&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=4&brh=2&fwc=0&flt=12&fec=494&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau%60_Tau%3F6H%5CD9C%40%40E%3D6DD%5C3F8%5C4%40F%3D5%5C%3D6E%5C2EE24%3C6CD%5D9E%3E%3D&dvp_exetime=14.30&callbackName=__verify_callback_974166373062, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 829) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 829) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 15) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v81.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 15) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v81.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/impl_v81.js(Line 35) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292495514;dc_ver=81.235;sz=728x90;u_sd=1;nel=1;u=__AP1_np_dv_47etya98yglPA__;dc_adk=2498785000;ord=0d8h02;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F10%2Fnew-shrootless-bug-could-let-attackers.html$0;xdt=0;crlt=0Fuf-P!yX5;sttr=1;prcl=s, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/impl_v81.js(Line 35) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292495514;dc_ver=81.235;sz=728x90;u_sd=1;nel=1;u=__AP1_np_dv_47etya98yglPA__;dc_adk=2498785000;ord=0d8h02;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F10%2Fnew-shrootless-bug-could-let-attackers.html$0;xdt=0;crlt=0Fuf-P!yX5;sttr=1;prcl=s, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
att.demdex.net
c.amazon-adsystem.com
cdn.adpushup.com
cdn.doubleverify.com
cdn.jsdelivr.net
cdn3.doubleverify.com
choices.truste.com
code.jquery.com
d.agkn.com
e3.adpushup.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads4.g.doubleclick.net
gum.criteo.com
mug.criteo.com
pagead2.googlesyndication.com
rtb0.doubleverify.com
rules.quantcount.com
s0.2mdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
thehackernews.com
tpc.googlesyndication.com
tps.doubleverify.com
tps11008.doubleverify.com
tps11017.doubleverify.com
tps20519.doubleverify.com
www.googletagservices.com
choices.truste.com
13.32.121.66
142.250.185.66
142.250.186.166
172.217.18.98
178.250.2.146
2001:4de0:ac18::1:a:3b
213.254.244.22
23.97.225.52
2600:9000:223c:e800:6:44e3:f8c0:93a1
2606:4700:20::ac43:4615
2606:4700::6810:5714
2606:4700::6812:1cad
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2006
2a00:1450:4001:812::2001
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:831::200a
2a02:2638::1c
2a02:26f0:6c00:286::4469
2a02:26f0:6c00:2b2::4469
3.124.136.236
34.241.163.173
52.222.210.175
63.251.109.138
00ae70402b94abb831bff7a92ab5f99c36ed54fc3c09a1d395fad6e6ab15f342
068a10c134968f5b4e31e5bbbe09435b445e451903424098699c484b7d1b25ba
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0c2c69ba33a4d4eb53419c912ea55131208d76852cc632e2544833497d165bc3
10480fe2f1ebf5d7e8a856b4fc4653ede148b91500c030d06224be02f659b8e3
117f09a9ed666a366063215e511957ddab4f2f5f9d64c6b24b01028cb2d0cfb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
135e50ad100bb2f23cce5873215f29efed5b28a17c8b75cf3fe4f49e4a800142
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0
19758768b39478011e3bffe48da9342b878f6416af499fe8f1a08259ec6c17c8
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2caac00e5fb95483fc57c9683c105bcdc05bdfe49d73e00bac03fa9500b53d36
37ea4e3cdb73ba9b661c66581848e741d0d18e03ef8fdd819c5334cec1f45e7b
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733
3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff
3e2662d2cc5114073ccdc2611e908b3b51990027b5cbb651c69954274e2123db
3ed58d405cc30d0472d4deed639ea4696b1c7e5614cc8f91b474142d36b1e697
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5
66ddc83b882e93d386ef9de2bf36a596126e78038a65e4334b649831efd77566
6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
685df4d5cf060fe847afa24bfd796d5302e559451f32322eb1c83d19e6fa132c
688a1e2444a1171a4cfbc8674c62d53bc663bf35a7825eb3563851e79694411c
72d43d4ff0adb982ce42d41ef08e5f88c1854e4c8ea6455771ace93761a067c4
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74703b7991fb1785f4a70639c48f071bc9881ef0a0c5671f46d0e985efb55373
779a3b67fb00740599779f11fb2d0f3568f73b481a039bc67014b88f3b4ad80b
78fb5f9fe609023ae2d3ac22cc05905b3315c2a0477f43d2e12ebb8ccbbd8395
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
862ea3498f79ac3ed29974e7fc1499eede75cf3f2b073fb114c1346dea9c25aa
865537f3b7a434f16cfad91bd75b8a288327d88101285c0db8d18cdf9411afb4
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd
99159220e1ef10215849fb61fd67e84e387ec86ef043c4870106d669290d1a86
a385664fb9f4c540c34bc30f4efc84304b209ed79a312ca23e5986f6a1a45bd6
a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a
ab29afad00f0a61ad3da4e69cd616d824f03c14ec53fa7098ebba35051d346cd
b0a97fbcf8b3d0e7211e62f855f6eb8f75a8cdcdc2b0afc9ab9de40f3c77fe80
b6285dce6b9fb557bd0c15683c62f9be0f2e0b760086854b59c952791ba9e8ae
ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690
c836f3df8b6055ecea4934f901eb5670764eddc85014708d1f2fbafbb448abc5
ca7443826efd71836bd0a97c5598927479fb8f00ffae72cfdbf3036598e52f66
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d4b108456a80a95d52c740c71471e978360f02d72f1fd74d6c37cc9486c1b556
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e216b65a6879e2f4c866c52cea7e911071ec4d55101456b89c3f0c2c5ee2bb35
e347611fba4d8147ceddeeed3ab85e1e1782154efcd134e35a2bdbb965abf904
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
eae76cb616003cb3e918dfd9f58d63cc8e832aa9d11a9eda64b1476af57e746a
eb598b721ac01aa9c68f83ad7ca507819ea93d236dd2e11433513a8da5d0cbaf
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f5a7ac8c63f5a01e6ddb5c447114e396110f6e292bdb4e553c554bca240da112
f8736cb93aa3da288664eb8b6fafa3ec1a3395f53215ce8784ac0dd9ef826e78
f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02

thehackernews.com Open in urlscan Pro 2606:4700:20::ac43:4615 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

98 Requests

93 %HTTPS

59 %IPv6

19 Domains

30 Subdomains

28 IPs

6 Countries

1418 kBTransfer

3946 kBSize

10 Cookies

33 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thehackernews.com Open in urlscan Pro
2606:4700:20::ac43:4615 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

93 %
HTTPS

59 %
IPv6

19
Domains

30
Subdomains

28
IPs

6
Countries

1418 kB
Transfer

3946 kB
Size

10
Cookies

98 HTTP transactions
8 data transactions