thehackernews.com Open in urlscan Pro
2606:4700:20::681a:61 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thehackernews.com/2020/07/docker-linux-malware.html
Submission: On July 28 via api (July 28th 2020, 1:14:36 pm UTC) from US

Summary HTTP 93 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 40 IPs in 8 countries across 29 domains to perform 93 HTTP transactions. The main IP is 2606:4700:20::681a:61, located in United States and belongs to CLOUDFLARENET, US. The main domain is thehackernews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 1st 2020. Valid for: a year.

This is the only time thehackernews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700:20:... 2606:4700:20::681a:61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
5	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
4 5	172.217.22.6 172.217.22.6	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 2	2600:9000:214... 2600:9000:214f:9000:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	34.243.136.226 34.243.136.226	16509 (AMAZON-02) (AMAZON-02)
2	213.254.244.19 213.254.244.19	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1 1	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE)
2	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	213.19.162.51 213.19.162.51	26667 (RUBICONPR...) (RUBICONPROJECT)
3	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	213.19.147.210 213.19.147.210	26120 (RHYTHMONE) (RHYTHMONE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	54.229.190.46 54.229.190.46	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:214... 2600:9000:214f:fc00:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
1	13.35.254.100 13.35.254.100	16509 (AMAZON-02) (AMAZON-02)
1	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
93	40

14 2606:4700:20::681a:61 (United States)

ASN13335 (CLOUDFLARENET, US)

thehackernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.22.6 (United States) 4 redirects

ASN15169 (GOOGLE, US)

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:9000:19:fc2c:a140:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.243.136.226 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

att.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.19 (Ireland)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE, US)

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.51 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.145 (Netherlands)

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.190.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

51c7a3fb1a7c2beece2f4d3844d3b738.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:fc00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.254.100 (Seattle, United States)

ASN16509 (AMAZON-02, US)

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com 51c7a3fb1a7c2beece2f4d3844d3b738.safeframe.googlesyndication.com ade.googlesyndication.com	117 KB
14	doubleclick.net 5 redirects securepubads.g.doubleclick.net ad.doubleclick.net stats.g.doubleclick.net googleads4.g.doubleclick.net googleads.g.doubleclick.net	164 KB
14	thehackernews.com thehackernews.com	303 KB
6	adpushup.com cdn.adpushup.com e3.adpushup.com	222 KB
5	ampproject.org cdn.ampproject.org	109 KB
4	adnxs.com ib.adnxs.com acdn.adnxs.com	3 KB
4	demdex.net 2 redirects att.demdex.net	3 KB
4	googletagservices.com www.googletagservices.com	71 KB
3	google.com 2 redirects adservice.google.com www.google.com	403 B
2	criteo.net static.criteo.net	44 KB
2	facebook.com www.facebook.com	484 B
2	servenobid.com ads.servenobid.com public.servenobid.com	465 B
2	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	2 KB
2	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	2 KB
2	districtm.io dmx.districtm.io cdn.districtm.io	427 B
2	doubleverify.com tps.doubleverify.com	880 B
2	agkn.com 2 redirects d.agkn.com	1 KB
2	facebook.net connect.facebook.net	167 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	2mdn.net s0.2mdn.net	40 KB
2	cloudflare.com ajax.cloudflare.com cdnjs.cloudflare.com	34 KB
1	jwplayer.com cdn.jwplayer.com	37 KB
1	1rx.io tag.1rx.io	274 B
1	criteo.com bidder.criteo.com	147 B
1	omnitagjs.com hb-api.omnitagjs.com	667 B
1	lijit.com ap.lijit.com	581 B
1	google.de www.google.de	106 B
1	google.nl adservice.google.nl	829 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
93	29

	Domain	Requested by
14	thehackernews.com	thehackernews.com ajax.cloudflare.com
11	tpc.googlesyndication.com	thehackernews.com tpc.googlesyndication.com securepubads.g.doubleclick.net cdn.ampproject.org
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	ad.doubleclick.net	4 redirects ajax.cloudflare.com
5	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net thehackernews.com
5	e3.adpushup.com	cdn.adpushup.com
4	att.demdex.net	2 redirects
4	pagead2.googlesyndication.com	ajax.cloudflare.com securepubads.g.doubleclick.net www.googletagservices.com
4	www.googletagservices.com	ajax.cloudflare.com s0.2mdn.net securepubads.g.doubleclick.net
3	51c7a3fb1a7c2beece2f4d3844d3b738.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	ib.adnxs.com	cdn.adpushup.com
2	static.criteo.net	cdn.adpushup.com static.criteo.net
2	www.facebook.com	connect.facebook.net
2	googleads4.g.doubleclick.net	thehackernews.com
2	www.google.com	2 redirects
2	tps.doubleverify.com
2	d.agkn.com	2 redirects
2	connect.facebook.net	thehackernews.com connect.facebook.net
2	www.google-analytics.com	1 redirects thehackernews.com
2	s0.2mdn.net	thehackernews.com s0.2mdn.net
1	ade.googlesyndication.com
1	eus.rubiconproject.com	cdn.adpushup.com
1	ads.pubmatic.com	cdn.adpushup.com
1	public.servenobid.com	cdn.adpushup.com
1	acdn.adnxs.com	cdn.adpushup.com
1	cdn.districtm.io	cdn.adpushup.com
1	googleads.g.doubleclick.net
1	cdn.jwplayer.com	cdn.adpushup.com
1	ads.servenobid.com	cdn.adpushup.com
1	hbopenbid.pubmatic.com	cdn.adpushup.com
1	tag.1rx.io	cdn.adpushup.com
1	bidder.criteo.com	cdn.adpushup.com
1	hb-api.omnitagjs.com	cdn.adpushup.com
1	ap.lijit.com	cdn.adpushup.com
1	fastlane.rubiconproject.com	cdn.adpushup.com
1	dmx.districtm.io	cdn.adpushup.com
1	cdnjs.cloudflare.com	thehackernews.com
1	www.google.de
1	stats.g.doubleclick.net	1 redirects
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	cdn.adpushup.com
1	cdn.adpushup.com	thehackernews.com
1	ajax.cloudflare.com	thehackernews.com
93	44

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
feeds.feedburner.com
deals.thehackernews.com
thehackernews.tradepub.com
www.instagram.com
t.me
www.virustotal.com
www.intezer.com
docs.docker.com
www.reddit.com
news.ycombinator.com
api.whatsapp.com
telegram.me
ad.doubleclick.net
go.thn.li

Subject Issuer	Validity	Valid
thehackernews.com Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2020-05-22` - `2021-10-29`	a year	crt.sh
*.adpushup.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-27` - `2022-08-29`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-07-08` - `2021-04-17`	9 months	crt.sh
*.google.nl GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.doubleverify.com Network Solutions OV Server CA 2	`2019-11-05` - `2021-12-13`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2020-06-24` - `2021-02-17`	8 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2021-06-18`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.servenobid.com Amazon	`2020-03-12` - `2021-04-12`	a year	crt.sh
jwplayer.com Amazon	`2020-02-29` - `2021-03-29`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-13` - `2021-04-14`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://thehackernews.com/2020/07/docker-linux-malware.html
Frame ID: 1609DD2953B22926771AD9865ABC1F61
Requests: 79 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8001AB476BC7C4DD8D924A6DA7CFDE0B
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/8532760/1584914429519/728x90/GL-1602-ESG_728x90.html
Frame ID: D7D5509700E0E2EBE57FDE657F90184D
Requests: 1 HTTP requests in this frame

Frame: https://51c7a3fb1a7c2beece2f4d3844d3b738.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: D6E5BF0A5FB93C3537157E76B1944C4F
Requests: 1 HTTP requests in this frame

Frame: https://51c7a3fb1a7c2beece2f4d3844d3b738.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 307DA2E677F61636A6B70AFFD89C4092
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js
Frame ID: 3A5BBA2D2A248C57AA27FF562395EF7F
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 1634E82C54B7AC50CEDD9BFC7BC5724A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: FFF30A95F27DA7EED8708A83716A2E20
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: C7BF610C31536857844D58ADB0EE12B1
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 6F9153BCC9F30F6646033B5EC3233C58
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: ED1DFF13152585CE5C53DED17148F7A3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5B58BC99AEBA392DFE09F1027AD5521E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

93
Requests

100 %
HTTPS

50 %
IPv6

29
Domains

44
Subdomains

40
IPs

8
Countries

1402 kB
Transfer

3604 kB
Size

1
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/thehackernews
Title: 

Search URL Search Domain Scan URL

URL: https://twitter.com/thehackersnews
Title: 

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/thehackernews/
Title: 

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/thehackernews?sub_confirmation=1
Title: 

Search URL Search Domain Scan URL

URL: https://feeds.feedburner.com/TheHackersNews
Title: 

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/
Title:  Offers

Search URL Search Domain Scan URL

URL: https://thehackernews.tradepub.com/
Title: Free eBooks

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/free
Title: Freebies

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thehackernews/
Title: 

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/AAAAADwuDObFWF60CiR-HQ
Title:  Telegram Channel

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/4aadb47706f0fe1734ee514e79c93eed65e1a0a9f61b63f3e7b6367bd9a3e63b/detection
Title: undetectable Linux malware

Search URL Search Domain Scan URL

URL: https://www.intezer.com/container-security/watch-your-containers-doki-infecting-docker-servers-in-the-cloud/
Title: shared

Search URL Search Domain Scan URL

URL: https://docs.docker.com/engine/security/security/
Title: Docker security practices

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fthehackernews.com%2F2020%2F07%2Fdocker-linux-malware.html
Title: 

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fthehackernews.com%2F2020%2F07%2Fdocker-linux-malware.html&text=Undetectable%20Linux%20Malware%20Targeting%20Docker%20Servers%20With%20Exposed%20APIs&via=TheHackersNews
Title: 

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fthehackernews.com%2F2020%2F07%2Fdocker-linux-malware.html
Title: 

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fthehackernews.com%2F2020%2F07%2Fdocker-linux-malware.html
Title: Share on Reddit

Search URL Search Domain Scan URL

URL: https://news.ycombinator.com/submitlink?u=https%3A%2F%2Fthehackernews.com%2F2020%2F07%2Fdocker-linux-malware.html&t=Undetectable%20Linux%20Malware%20Targeting%20Docker%20Servers%20With%20Exposed%20APIs
Title: Share on Hacker News

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Undetectable%20Linux%20Malware%20Targeting%20Docker%20Servers%20With%20Exposed%20APIs%20%E2%80%94%20https%3A%2F%2Fthehackernews.com%2F2020%2F07%2Fdocker-linux-malware.html
Title: Share on WhatsApp

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https%3A%2F%2Fthehackernews.com%2F2020%2F07%2Fdocker-linux-malware.html&text=Undetectable%20Linux%20Malware%20Targeting%20Docker%20Servers%20With%20Exposed%20APIs
Title: Share on Telegram

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/clk/466822266;272061659;p

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/jump/N424004.3381407THEHACKERNEWS/B23636320.272061659;sz=1x1;u=__AP1_np_dv_v7guyz280dPA__;ord=56265465475

Search URL Search Domain Scan URL

URL: https://go.thn.li/LGPD-ebook

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/clk/466825137;272416746;q

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/jump/N424004.3381407THEHACKERNEWS/B23636320.272416746;sz=1x1;u=__AP1_np_dv_v7guyz280dPA__;ord=56265465475

Search URL Search Domain Scan URL

URL: https://go.thn.li/email
Title: Send emails as John DoeChoose who knows the real you by creating unlimited aliases on the fly with flexible expiry date. Try StartMail for free.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/the-2019-ethical-hacker-masterclass-bundle
Title: <img alt='Learn Ethical Hacking Online' class='deal-link' src='https://thehackernews.com/images/-6bFLF28Wvxc/XHaUg588fBI/AAAAAAAAAGU/USPKfrcXaLgzaOBfKGb92v-0T12CIaK9wCLcBGAs/s260-e100/learn-hacking-training.jpg'/> Ethical Hacking - Practical Training‎ 10 courses + 1,236 lessons on latest techniques, forensics, malware analysis, network security and programming.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/lifetime-access-to-stackskills-unlimited
Title: <img alt='Unlimited Secure VPN Service' class='deal-link' src='https://thehackernews.com/images/-NnUk1eJVmVk/XHggwOYT51I/AAAAAAAAzbg/_5sUNHfsdiYDo-si4rya7tVT4pSZI0qSACLcBGAs/s260-e100/unlimited-vpn.jpg'/> 1000+ Premium Online Courses With course certification, Q/A webinars and lifetime access.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/the-cybersecurity-expert-certification-training-bundle
Title: <img alt='Best Hacking Books' class='deal-link' src='https://thehackernews.com/images/-4fAuruXOrkE/XDW4dE5zVMI/AAAAAAAAy9A/K13EeHK67NM69FUaCYDYtunHofUHjtt4wCLcBGAs/s260-e100/hacking-cybersecurity-books.jpg'/> Cybersecurity Certification Training CISA, CISM, CISSP, PMI-RMP, and COBIT 5 certifications.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/the-complete-2020-comptia-certification-training-bundle
Title: <img alt='Cisco Certification Courses' class='deal-link' src='https://thehackernews.com/images/-2nVCe__qYkc/WxVG9s8C7CI/AAAAAAAAw6Q/fFsdOSE-DEYDqqf3z9KWus0oBWdbzAkAgCLcBGAs/s260-e100/cisco-it-networking-certification.png'/> CompTIA IT Certification Training Lifetime access to 14 expert-led courses.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/citizengoods-exclusives
Title: Exclusives

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/hacking
Title: Hacking

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/shop-by-specialization-developer
Title: Development

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/shop-by-interest-android
Title: Android

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.272061659;sz=1x1;u=__AP1_np_dv_v7guyz280dPA__;ord=56265465475;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.272061659;dc_pre=CKa7z7uD8OoCFWPmuwgdpIgObA;sz=1x1;u=__AP1_np_dv_v7guyz280dPA__;ord=56265465475;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://d.agkn.com/pixel/2388/?che=1371685786&col=23636320,5936378,272061659,462128157,112547680&l2=https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=272061659&d_campaign=23636320&d_site=5936378&d_cb=1371685786 HTTP 302
https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=272061659&d_campaign=23636320&d_site=5936378&d_cb=1371685786 HTTP 302
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=272061659&d_campaign=23636320&d_site=5936378&d_cb=1371685786

Request Chain 38

https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.272416746;sz=1x1;u=__AP1_np_dv_v7guyz280dPA__;ord=56265465475;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.272416746;dc_pre=COC-z7uD8OoCFX3juwgdNEML3A;sz=1x1;u=__AP1_np_dv_v7guyz280dPA__;ord=56265465475;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://d.agkn.com/pixel/2388/?che=950734230&col=23636320,5936378,272416746,462128157,112547680&l2=https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=272416746&d_campaign=23636320&d_site=5936378&d_cb=950734230 HTTP 302
https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=272416746&d_campaign=23636320&d_site=5936378&d_cb=950734230 HTTP 302
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=272416746&d_campaign=23636320&d_site=5936378&d_cb=950734230

Request Chain 43

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1818915532&t=pageview&_s=1&dl=https%3A%2F%2Fthehackernews.com%2F2020%2F07%2Fdocker-linux-malware.html&ul=en-us&de=UTF-8&dt=Undetectable%20Linux%20Malware%20Targeting%20Docker%20Servers%20With%20Exposed%20APIs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=101660157&gjid=99614431&cid=278814658.1595942058&tid=UA-27389293-1&_gid=445519926.1595942058&_r=1&z=567218194 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27389293-1&cid=278814658.1595942058&jid=101660157&_gid=445519926.1595942058&gjid=99614431&_v=j83&z=567218194 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27389293-1&cid=278814658.1595942058&jid=101660157&_v=j83&z=567218194 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27389293-1&cid=278814658.1595942058&jid=101660157&_v=j83&z=567218194&slf_rd=1&random=1116781623

Request Chain 88

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

93 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request docker-linux-malware.html Show response
thehackernews.com/2020/07/ 130 KB
43 KB 290ms
269ms Document
text/html 2606:4700:20::681a:61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehackernews.com/2020/07/docker-linux-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordPress VIP

Resource Hash

d633f334b4a0e8983d86a850c4f64232f0e090b063758ce2480f80f6d5be2908

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: thehackernews.com
:scheme: https
:path: /2020/07/docker-linux-malware.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 28 Jul 2020 13:14:17 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d9698f2eab60a443ce80d582eb3f698971595942056; expires=Thu, 27-Aug-20 13:14:16 GMT; path=/; domain=.thehackernews.com; HttpOnly; SameSite=Lax; Secure
cf-ray: 5b9edcc02fdfc2ea-FRA
cache-control: private, max-age=0
expires: Tue, 28 Jul 2020 13:14:17 GMT
last-modified: Tue, 28 Jul 2020 12:56:44 GMT
link: </css/roboto.css>; as=style; rel=preload
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-request-id: 0437284c150000c2ea8c941200000001
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: WordPress VIP
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-h2-pushed: </css/roboto.css>

GET
H2 200 roboto.css
thehackernews.com/css/ 77 KB
57 KB 27ms
0ms Stylesheet
text/css 2606:4700:20::681a:61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehackernews.com/css/roboto.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/2020/07/docker-linux-malware.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2592000, immutable
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 5b9edcc1cbf2c2ea-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0437284d1b0000c2ea8c952200000001

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 9ms
8ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/07/docker-linux-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://thehackernews.com/2020/07/docker-linux-malware.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:17 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 23 Jul 2020 16:13:23 GMT
server: cloudflare
etag: W/"5f19b723-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5b9edcc1da1fdfd3-FRA
cf-request-id: 0437284d290000dfd369a68200000001
expires: Thu, 30 Jul 2020 13:14:17 GMT

GET
H2 200 docker-malware.jpg
thehackernews.com/images/-2TiXN7CHxUI/XyAb6N4knyI/AAAAAAAA3FU/FzVVgzygVOUFy806eNUMheOGk2zRVn2xwCLcBGAsYHQ/s728-e100/ 37 KB
38 KB 38ms
38ms Image
image/jpeg 2606:4700:20::681a:61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-2TiXN7CHxUI/XyAb6N4knyI/AAAAAAAA3FU/FzVVgzygVOUFy806eNUMheOGk2zRVn2xwCLcBGAsYHQ/s728-e100/docker-malware.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/07/docker-linux-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

495eba74eafd04a31cd9b716f069d812159a4889ad2f1eccc60593523221befd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/07/docker-linux-malware.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 940
cf-polished: origSize=39372, status=webp_bigger
status: 200
content-disposition: inline;filename="docker-malware.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38259
x-xss-protection: 0
expires: Thu, 05 Nov 2020 12:40:25 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vdc56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 0437284d330000c2ea8c955200000001
accept-ranges: bytes
cf-ray: 5b9edcc1ec64c2ea-FRA
access-control-expose-headers: Content-Length

GET
H2 200 malware-attack.jpg
thehackernews.com/images/-I5eu-bAHeHM/XyAWJHURADI/AAAAAAAA3FI/SdUPu3AYy5sGwmi0r1zqfcWT0XjggGgfgCLcBGAsYHQ/s728-e100/ 34 KB
34 KB 38ms
37ms Image
image/jpeg 2606:4700:20::681a:61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-I5eu-bAHeHM/XyAWJHURADI/AAAAAAAA3FI/SdUPu3AYy5sGwmi0r1zqfcWT0XjggGgfgCLcBGAsYHQ/s728-e100/malware-attack.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/07/docker-linux-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6cbd5e489f902c61f03aae4ab5dfcb51d4491708a943cebb423c4effa37cacc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/07/docker-linux-malware.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 935
cf-polished: origSize=34966, status=webp_bigger
status: 200
content-disposition: inline;filename="malware-attack.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34363
x-xss-protection: 0
expires: Thu, 05 Nov 2020 12:41:16 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vdc53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 0437284d390000c2ea8c956200000001
accept-ranges: bytes
cf-ray: 5b9edcc1fc79c2ea-FRA
access-control-expose-headers: Content-Length

GET
H2 200 malware.jpg
thehackernews.com/images/-iPexh7UDXaE/XyAVBysth-I/AAAAAAAA3E4/6Y6mO7BVQBwAmJj26K8NUZX2BtMMZY08wCLcBGAsYHQ/s728-e100/ 28 KB
28 KB 34ms
33ms Image
image/jpeg 2606:4700:20::681a:61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-iPexh7UDXaE/XyAVBysth-I/AAAAAAAA3E4/6Y6mO7BVQBwAmJj26K8NUZX2BtMMZY08wCLcBGAsYHQ/s728-e100/malware.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/07/docker-linux-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

332eba8e75af443013f6b2707c236c3350d3888147b534169887b58f8d09f666

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/07/docker-linux-malware.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 935
cf-polished: origSize=30108, status=webp_bigger
status: 200
content-disposition: inline;filename="malware.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28736
x-xss-protection: 0
expires: Thu, 05 Nov 2020 12:41:16 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vdc50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 0437284d390000c2ea8c957200000001
accept-ranges: bytes
cf-ray: 5b9edcc1fc7bc2ea-FRA
access-control-expose-headers: Content-Length

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/
Origin: https://thehackernews.com

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 442 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 194 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cookienotice.js Show response
thehackernews.com/js/ 4 KB
1 KB 29ms
28ms Script
text/javascript 2606:4700:20::681a:61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehackernews.com/js/cookienotice.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1385fe6c7366b4ab71c2806b9d327c837c8b5d74e35aa762200da83feb6113a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/07/docker-linux-malware.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 923
cf-polished: origSize=6513
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
last-modified: Mon, 27 Jul 2020 11:21:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
cf-request-id: 0437284ee80000c2ea8c96d200000001
cf-ray: 5b9edcc4abd3c2ea-FRA
expires: Mon, 03 Aug 2020 15:11:06 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ 5 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65db5303f62d2c876725bff7b36dfba6183b53fb1a54906fd1b75edf543bb4ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 12:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jul 2020 13:50:28 GMT
server: sffe
age: 2895
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2482
x-xss-protection: 0
expires: Tue, 28 Jul 2020 13:26:02 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/37020/ 674 KB
221 KB 68ms
15ms Script
application/x-javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/37020/adpushup.js
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2020/07/docker-linux-malware.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 35e2b6e0587cfe3cb06f129c9512fa82df305949df748b0a12ecce752977abcb

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:17 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 31536000.000
x-cfhash: "accdb6f4b330655a8dc1915fe685f665"
x-cf1: 28371:fA.ams1:cf:cacheN.ams1-01:H
status: 200
content-length: 226131
x-cf-tsc: 1595166650
x-cf2: H
last-modified: Sun, 19 Jul 2020 13:40:46 GMT
server: CFS 0215
x-cff: B
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf4age: 12
accept-ranges: bytes
x-cf-rand: 39.998
expires: Tue, 28 Jul 2020 14:14:17 GMT

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c13c7f2ee9c8fab1d388a257ca989f8048d4824c99bfaad4f1253dfbd47726c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://thehackernews.com

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbcdfa3a64c9c5e932dfd9ad5a47ad84880085c84d47c5c70c0039726f671ee5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://thehackernews.com

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13f09ef9feda96dc3acc6ebab8a047c5185bec952edebaff47a6e9112cab394a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://thehackernews.com

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 impl_v57.js Show response
www.googletagservices.com/dcm/ 24 KB
10 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v57.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bf946c996d5d58f78feca7b8f75607020c348c716f38798bcdb57c24dfcb31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 12:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 May 2020 17:17:59 GMT
server: sffe
age: 89276
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 10584
x-xss-protection: 0
expires: Tue, 27 Jul 2021 12:26:21 GMT

POST
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
268 B 103ms
37ms Other
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 13:14:17 GMT
status: 200
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 48 KB
17 KB 104ms
60ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dcc5c8a8b18c8d0c9dfa47536a3e83b116267c39a3428098d61542c5f146a03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "584 / 492 of 1000 / last-modified: 1595887801"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16581
x-xss-protection: 0
expires: Tue, 28 Jul 2020 13:14:17 GMT

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
131 B 66ms
38ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE1OTU5NDIwNTc4NzksInBhY2tldElkIjoiMDAwMDkwOUMtOWUxM2Q5MzEtYTYxYi00N2I3LTk3ZWQtNGIzMjI3ZjM3YjY0Iiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIwLzA3L2RvY2tlci1saW51eC1tYWx3YXJlLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiOTY3ZWNmYWQtYmY2Yi00MjllLTlhMzktOTc3MGM4YjdkMTg4Iiwic2VjdGlvbk5hbWUiOiJBUF9UX1JfcmVzcG9uc2l2ZVhyZXNwb25zaXZlXzk2N2VjIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF8zNzAyMF9yZXNwb25zaXZlWHJlc3BvbnNpdmVfOTY3ZWNmYWQtYmY2Yi00MjllLTlhMzktOTc3MGM4YjdkMTg4Iiwic2VydmljZXMiOlsyLDNdfV19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 13:14:17 GMT
status: 200
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
131 B 65ms
37ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE1OTU5NDIwNTc4ODQsInBhY2tldElkIjoiMDAwMDkwOUMtOWUxM2Q5MzEtYTYxYi00N2I3LTk3ZWQtNGIzMjI3ZjM3YjY0Iiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIwLzA3L2RvY2tlci1saW51eC1tYWx3YXJlLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiOGMyZDdmOTQtYTljNS00M2IyLTgzYTQtY2RjZjcxMWFlMDVlIiwic2VjdGlvbk5hbWUiOiJBUF9UX1JfcmVzcG9uc2l2ZVhyZXNwb25zaXZlXzhjMmQ3Iiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF8zNzAyMF9yZXNwb25zaXZlWHJlc3BvbnNpdmVfOGMyZDdmOTQtYTljNS00M2IyLTgzYTQtY2RjZjcxMWFlMDVlIiwic2VydmljZXMiOlsyLDNdfV19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 13:14:17 GMT
status: 200
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
273 B 65ms
36ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE1OTU5NDIwNTc4ODcsInBhY2tldElkIjoiMDAwMDkwOUMtOWUxM2Q5MzEtYTYxYi00N2I3LTk3ZWQtNGIzMjI3ZjM3YjY0Iiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIwLzA3L2RvY2tlci1saW51eC1tYWx3YXJlLmh0bWwiLCJtb2RlIjoyLCJlcnJvckNvZGUiOjUsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiUE9TVCIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 13:14:17 GMT
status: 200
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 B24029648.272043563;dc_ver=57.159;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=4037400832;ord=f81yns;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2020%2F07%2Fdocker-linux-malware.html$0;xdt=0;crlt=Ei0ULhI... Show response
ad.doubleclick.net/ddm/adj/N510001.3381407THEHACKERNEWS/ 32 KB
14 KB 98ms
48ms Script
text/javascript 172.217.22.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N510001.3381407THEHACKERNEWS/B24029648.272043563;dc_ver=57.159;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=4037400832;ord=f81yns;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2020%2F07%2Fdocker-linux-malware.html$0;xdt=0;crlt=Ei0ULhIu.i;sttr=116;prcl=s?

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08147379576eb4b2d600391dd081b698798b23ede12a66076b230daae5b70544

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 13:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14040
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 20ms
6ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20200728

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

99169daf9e89c7a9b850f30ff9641e1e90c8050453d04c8b3d49cb7fd92c95bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 11381
x-cache: HIT, HIT
status: 200
content-length: 729
etag: W/"52a-kPjvKh5V3r3ZFlyuSqvZxpBAGJw"
x-served-by: cache-fra19177-FRA, cache-hhn4024-HHN
date: Tue, 28 Jul 2020 13:14:17 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 109 B
829 B 39ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=thehackernews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 13:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=thehackernews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 13:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020072001.js Show response
securepubads.g.doubleclick.net/gpt/ 253 KB
89 KB 60ms
60ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31e539be75870ad6cec377525eb196ea9fbc423ea53d68c03b2c94b96701bc47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Jul 2020 13:10:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91349
x-xss-protection: 0
expires: Tue, 28 Jul 2020 13:14:18 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_269.js Show response
s0.2mdn.net/879366/ 115 KB
40 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:825::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_269.js

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/07/docker-linux-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa562db5bcd3e435228ee73982745a848ec9ea48ffd2b7b23236ce5e379097c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/
Origin: https://thehackernews.com

Response headers

date: Tue, 28 Jul 2020 01:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43888
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40390
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 17:30:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jul 2020 01:02:50 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20200723/r20110914/elements/html/ 6 KB
3 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200723/r20110914/elements/html/omrhp.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98b3047cca6c09036e718abed042ca3cd035918616aa43ed0c4ae4ab317809e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 01:51:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2642
x-xss-protection: 0
server: cafe
etag: 4377571892113194532
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Aug 2020 01:51:04 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ 41 KB
15 KB 17ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/07/docker-linux-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 09:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12238
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jul 2021 09:50:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/07/docker-linux-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3519
date: Tue, 28 Jul 2020 12:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Tue, 28 Jul 2020 14:15:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 134 KB
34 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/07/docker-linux-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34220
x-xss-protection: 0
pragma: public
x-fb-debug: tIC3OuRGvo76EXLqoOE6V8gZ2c1bOeaSlyYot5E6peTtE9LZ4xNxcDABYngP4l1Id30nSVB6WQ2CFlwgHD0oZQ==
x-fb-trip-id: 2042748335
x-frame-options: DENY
date: Tue, 28 Jul 2020 13:14:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 103 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 688a1e2444a1171a4cfbc8674c62d53bc663bf35a7825eb3563851e79694411c

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
131 B 17ms
15ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE1OTU5NDIwNTgwMzUsInBhY2tldElkIjoiMDAwMDkwOUMtOWUxM2Q5MzEtYTYxYi00N2I3LTk3ZWQtNGIzMjI3ZjM3YjY0Iiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIwLzA3L2RvY2tlci1saW51eC1tYWx3YXJlLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiUE9TVCIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3Yzk3YWI3LWNjNDQtNGFmZC05NWZlLTcwMzk3YWY2OTJkNCIsInNlY3Rpb25OYW1lIjoiQVBfVF9EXzMwMFg2MDBfNzdjOTciLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzM3MDIwXzMwMFg2MDBfNzdjOTdhYjctY2M0NC00YWZkLTk1ZmUtNzAzOTdhZjY5MmQ0Iiwic2VydmljZXMiOlsyLDNdfV19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 13:14:17 GMT
status: 200
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 group-d-300.jpg
thehackernews.com/images/-FW8FQ7bo8OU/XqWaPcyOX_I/AAAAAAAA2ss/uTM1NQ29-akne_9Pk7Ya7nttYaB3aZTrgCLcBGAsYHQ/s728-e100/ 38 KB
39 KB 27ms
25ms Image
image/jpeg 2606:4700:20::681a:61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-FW8FQ7bo8OU/XqWaPcyOX_I/AAAAAAAA2ss/uTM1NQ29-akne_9Pk7Ya7nttYaB3aZTrgCLcBGAsYHQ/s728-e100/group-d-300.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a943c20e71e31d1d479ba31ab53f0c4ebe258f81a4cbe5cf16b4a42afaac153c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/07/docker-linux-malware.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 941
cf-polished: status=not_needed
status: 200
content-disposition: inline;filename="group-d-300.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39185
x-xss-protection: 0
expires: Thu, 05 Nov 2020 07:01:19 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vdacf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 043728503d0000c2ea8c980200000001
accept-ranges: bytes
cf-ray: 5b9edcc6c892c2ea-FRA
access-control-expose-headers: Content-Length

GET
H/1.1

200
OK

firstevent
att.demdex.net/
Redirect Chain

https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.272061659;sz=1x1;u=__AP1_np_dv_v7guyz280dPA__;ord=56265465475;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.272061659;dc_pre=CKa7z7uD8OoCFWPmuwgdpIgObA;sz=1x1;u=__AP1_np_dv_v7guyz280dPA__;ord=56265465475;dc_lat=;dc_rdid=;tag_for_chi...
https://d.agkn.com/pixel/2388/?che=1371685786&col=23636320,5936378,272061659,462128157,112547680&l2=https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=272061659&d_campaign=23636320&d...
https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=272061659&d_campaign=23636320&d_site=5936378&d_cb=1371685786
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=272061659&d_campaign=23636320&d_site=5936378&d_cb=1371685786

42 B
932 B

43ms
43ms

Image
image/gif

34.243.136.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=272061659&d_campaign=23636320&d_site=5936378&d_cb=1371685786

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.243.136.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v076-07a9f7ec5.edge-irl1.demdex.com 5.74.0.20200727122545-PR_1451-SNAPSHOT 5ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: Q+0quFAdQRQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: vWt6YRvMQcU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=272061659&d_campaign=23636320&d_site=5936378&d_cb=1371685786
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK visit.jpg
tps.doubleverify.com/ 305 B
440 B 71ms
24ms Image
image/jpeg 213.254.244.19
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps.doubleverify.com/visit.jpg?ctx=607671&cmp=23636320&sid=5936378&plc=272061659&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.19 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Jul 2020 13:14:17 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 7/27/2020 1:14:17 PM

GET
H2 200 group-d-728.jpg
thehackernews.com/images/-7oJmLEYkjcQ/XqWacdmVRgI/AAAAAAAA2sw/P2VnIZJ4Rms0miW_RZVpJ6WhFtBlFeOqQCLcBGAsYHQ/s728-e100/ 24 KB
25 KB 21ms
20ms Image
image/webp 2606:4700:20::681a:61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-7oJmLEYkjcQ/XqWacdmVRgI/AAAAAAAA2sw/P2VnIZJ4Rms0miW_RZVpJ6WhFtBlFeOqQCLcBGAsYHQ/s728-e100/group-d-728.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eea7c162b751032d6569dfe2497847e8d2c35a4a2c6f4c3fd47adce526864c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/07/docker-linux-malware.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 802
cf-polished: origFmt=jpeg, origSize=39519
status: 200
content-disposition: inline; filename="group-d-728.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25044
x-xss-protection: 0
expires: Thu, 05 Nov 2020 07:02:10 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vdacf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 043728503d0000c2ea8c981200000001
accept-ranges: bytes
cf-ray: 5b9edcc6c897c2ea-FRA
access-control-expose-headers: Content-Length

GET
H/1.1

200
OK

firstevent
att.demdex.net/
Redirect Chain

https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.272416746;sz=1x1;u=__AP1_np_dv_v7guyz280dPA__;ord=56265465475;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.272416746;dc_pre=COC-z7uD8OoCFX3juwgdNEML3A;sz=1x1;u=__AP1_np_dv_v7guyz280dPA__;ord=56265465475;dc_lat=;dc_rdid=;tag_for_chi...
https://d.agkn.com/pixel/2388/?che=950734230&col=23636320,5936378,272416746,462128157,112547680&l2=https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=272416746&d_campaign=23636320&d_...
https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=272416746&d_campaign=23636320&d_site=5936378&d_cb=950734230
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=272416746&d_campaign=23636320&d_site=5936378&d_cb=950734230

42 B
932 B

42ms
41ms

Image
image/gif

34.243.136.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=272416746&d_campaign=23636320&d_site=5936378&d_cb=950734230

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.243.136.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v076-0f944ac36.edge-irl1.demdex.com 5.74.0.20200727122545-PR_1451-SNAPSHOT 4ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: fNoJX89JRLA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: M9oKvqd5SW0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=272416746&d_campaign=23636320&d_site=5936378&d_cb=950734230
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK visit.jpg
tps.doubleverify.com/ 305 B
440 B 116ms
60ms Image
image/jpeg 213.254.244.19
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps.doubleverify.com/visit.jpg?ctx=607671&cmp=23636320&sid=5936378&plc=272416746&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.19 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Jul 2020 13:14:17 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 7/27/2020 1:14:17 PM

GET
H2 200 banner-2.jpg
thehackernews.com/images/-g7uXDJCZ7OY/Xvd1NvHazhI/AAAAAAAA29o/8JgEs0c4-70soOUsQnq8TuJY7KmJoG7jACLcBGAsYHQ/s300-e100/ 18 KB
18 KB 35ms
34ms Image
image/jpeg 2606:4700:20::681a:61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-g7uXDJCZ7OY/Xvd1NvHazhI/AAAAAAAA29o/8JgEs0c4-70soOUsQnq8TuJY7KmJoG7jACLcBGAsYHQ/s300-e100/banner-2.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b2d57168a8af5332dd51c5e9fc33e2ad750bc8e4d232ffc3cf415d70d5d47b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/07/docker-linux-malware.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 923
cf-polished: origSize=18573, status=webp_bigger
status: 200
content-disposition: inline;filename="banner-2.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18318
x-xss-protection: 0
expires: Mon, 05 Oct 2020 16:54:42 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vdbdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 04372850420000c2ea8c982200000001
accept-ranges: bytes
cf-ray: 5b9edcc6d8a6c2ea-FRA
access-control-expose-headers: Content-Length

GET
H2 200 hack.jpg
thehackernews.com/images/-bwFdCaNIFnY/XxqWGto_AVI/AAAAAAAA3EE/j07HgE0H-2sGnXP6QLPVX_XOqfkBLvoYgCLcBGAsYHQ/s72-c-e100/ 4 KB
4 KB 24ms
23ms Image
image/jpeg 2606:4700:20::681a:61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-bwFdCaNIFnY/XxqWGto_AVI/AAAAAAAA3EE/j07HgE0H-2sGnXP6QLPVX_XOqfkBLvoYgCLcBGAsYHQ/s72-c-e100/hack.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22f5ff55f0f49d4abc346af5b6249aa862b29a6af56eec0d35954a88b1e1f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/07/docker-linux-malware.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 922
cf-polished: origSize=3760, status=webp_bigger
status: 200
content-disposition: inline;filename="hack.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3720
x-xss-protection: 0
expires: Thu, 05 Nov 2020 12:58:56 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vdc42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 04372850420000c2ea8c983200000001
accept-ranges: bytes
cf-ray: 5b9edcc6d8a8c2ea-FRA
access-control-expose-headers: Content-Length

GET
H2 200 north-korea-ransomware.jpg
thehackernews.com/images/-0OBZcsZSlyY/XxkvnLI16sI/AAAAAAAA3Ds/RwaWJyjh5XQmYrVPh_Po1IYK71IcM9HOQCLcBGAsYHQ/s72-c-e100/ 4 KB
5 KB 32ms
31ms Image
image/webp 2606:4700:20::681a:61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-0OBZcsZSlyY/XxkvnLI16sI/AAAAAAAA3Ds/RwaWJyjh5XQmYrVPh_Po1IYK71IcM9HOQCLcBGAsYHQ/s72-c-e100/north-korea-ransomware.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f4710ae5739ffd49f7aa175c642da064d93f11dca626267debfb4531707c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/07/docker-linux-malware.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 922
cf-polished: origFmt=jpeg, origSize=5043
status: 200
content-disposition: inline; filename="north-korea-ransomware.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4334
x-xss-protection: 0
expires: Thu, 05 Nov 2020 06:59:32 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vdc3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 04372850420000c2ea8c984200000001
accept-ranges: bytes
cf-ray: 5b9edcc6d8abc2ea-FRA
access-control-expose-headers: Content-Length

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1818915532&t=pageview&_s=1&dl=https%3A%2F%2Fthehackernews.com%2F2020%2F07%2Fdocker-linux-malware.html&ul=en-us&de=UTF-8&dt=Undetectable%20Lin...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27389293-1&cid=278814658.1595942058&jid=101660157&_gid=445519926.1595942058&gjid=99614431&_v=j83&z=567218194
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27389293-1&cid=278814658.1595942058&jid=101660157&_v=j83&z=567218194
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27389293-1&cid=278814658.1595942058&jid=101660157&_v=j83&z=567218194&slf_rd=1&random=1116781623

42 B
106 B

61ms
60ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27389293-1&cid=278814658.1595942058&jid=101660157&_v=j83&z=567218194&slf_rd=1&random=1116781623

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 13:14:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Jul 2020 13:14:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27389293-1&cid=278814658.1595942058&jid=101660157&_v=j83&z=567218194&slf_rd=1&random=1116781623
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8001 0
0 7ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 8395
date: Tue, 28 Jul 2020 09:50:19 GMT
expires: Wed, 28 Jul 2021 09:50:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12239
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 3144777058971176 Show response
connect.facebook.net/signals/config/ 522 KB
133 KB 90ms
90ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3144777058971176?v=2.9.22&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

250e0b868ee36500feacf68fa221351c5f454d07e15778a8517951b80c921e70

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: qTuo9DT/h+JdN6rTYtGQ7s5ttbqXEpDfE/zFYp5FB54CMI7yU5Hhf0nKcF/59BYC7Jsv3G4aw/9itOlJwwA/ow==
x-fb-trip-id: 2042748335
x-frame-options: DENY
date: Tue, 28 Jul 2020 13:14:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 105 KB
32 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_269.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a26b10905355d4ad4f1f2bb37d7a592e8d3cc09652c0f4a32047ce761d944014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595849825770326"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32300
x-xss-protection: 0
expires: Tue, 28 Jul 2020 13:14:18 GMT

GET
H2 200 GL-1602-ESG_728x90.html
s0.2mdn.net/8532760/1584914429519/728x90/ Frame D7D5 0
0 59ms
6ms Document
text/html 2a00:1450:4001:825::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8532760/1584914429519/728x90/GL-1602-ESG_728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_269.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /8532760/1584914429519/728x90/GL-1602-ESG_728x90.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
content-length: 2352
date: Tue, 28 Jul 2020 10:48:32 GMT
expires: Wed, 29 Jul 2020 10:48:32 GMT
last-modified: Sun, 22 Mar 2020 22:00:29 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 8746
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
709 B 146ms
66ms Other
image/gif 216.58.205.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_FnaksD9ksY7YVhYJGbvNgerl6D8XmlNUFfbapqqiBgzVJBXJ0xBPbRSxNzIuumxFK-xamDYdzhSXPuSEUYWo3n9EQG9OA9IfhFH8AgePAHqbLEVkDc_HpKPLpFBd&sig=Cg0ArKJSzKRowGF6WX7XEAE&urlfix=1&omid=0&rm=1&ctpt=81&cbvp=1&cstd=77&cisv=r20200723.12574&adurl=

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/07/docker-linux-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 13:14:18 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 87 KB
30 KB 46ms
46ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/07/docker-linux-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 9400221
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04372850850000dfd369aa9200000001
served-in-seconds: 0.003
timing-allow-origin: *
last-modified: Fri, 10 Apr 2020 16:01:07 GMT
server: cloudflare
etag: W/"5e909843-15d95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5b9edcc739c8dfd3-FRA
expires: Sun, 18 Jul 2021 13:14:18 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
54 B 141ms
67ms Other
image/gif 216.58.205.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/07/docker-linux-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 13:14:18 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
427 B 115ms
24ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Jul 2020 13:14:18 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://thehackernews.com
access-control-allow-credentials: true
cf-ray: 5b9edcc83ffe7329-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 043728512000007329f4b08200000001

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 280 B
2 KB 249ms
161ms XHR
application/json 213.19.162.51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=332834&zone_id=1745264&size_id=15&alt_size_ids=9%2C8%2C10%2C13%2C14%2C17%2C19%2C44&rp_schain=1.0,1!adpushup.com,aeb138a66c47c1d438a8907993e81712,1,,,&rf=https%3A%2F%2Fthehackernews.com%2F2020%2F07%2Fdocker-linux-malware.html&tk_flint=pbjs_lite_v3.16.0-pre&x_source.tid=45247087-fb97-4f43-adb7-1941efcfd81f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8543108884709592
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3ba4f0aa367dea91e1f6026f3a2241f485213373966221d1babdff80966c6670

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Jul 2020 13:14:18 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 280
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 181ms
79ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

32489180ec0d5e4025d6a822226d12866712f24b5b4ef6f5b355783589847817

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Jul 2020 13:14:18 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.36:80
AN-X-Request-Uuid: 9dfe12ab-c20c-4e79-9a37-2ac0c29f3a4c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
715 B 120ms
19ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Jul 2020 13:14:18 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.119:80
AN-X-Request-Uuid: 8fae3ee8-922c-4d5a-947a-003907212045
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
581 B 104ms
18ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.16.0-pre
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c6ace11bf419f593045a48a8d7b3a138fe730a082fde84f6935ea2fab559b80

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 28 Jul 2020 13:14:18 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://thehackernews.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 44

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 374 B
667 B 287ms
202ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fthehackernews.com%2F2020%2F07%2Fdocker-linux-malware.html&CanonicalUrl=https%3A%2F%2Fthehackernews.com%2F2020%2F07%2Fdocker-linux-malware.html

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

2744745c20888a8aec03d7bbc48a2d24df498921a398247faa7d20a78da8d878

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Jul 2020 13:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
status: 200
x-envoy-upstream-service-time: 176
vary: Accept-Encoding
content-length: 205
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
147 B 111ms
24ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=27&wv=3.16.0-pre&cb=30983417988
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 28 Jul 2020 13:14:18 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://thehackernews.com
timing-allow-origin: *
vary: Origin

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/211746/0/ 0
274 B 176ms
79ms XHR
text/plain 213.19.147.210
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/211746/0/mvo?z=1r&hbv=3.16.0-pre,2.1
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://thehackernews.com
Pragma: no-cache
Date: Tue, 28 Jul 2020 13:14:18 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 4 KB
2 KB 204ms
123ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: a17c8dd663618cc064f746053bb3fd8ba106640523848bf8cbf82a3454687390

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Jul 2020 13:14:18 GMT
content-encoding: gzip
x-openrtb-version: 2.3
status: 200
content-type: application/json
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1961

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
715 B 235ms
141ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Jul 2020 13:14:18 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.146:80
AN-X-Request-Uuid: e42dd8cd-40eb-45bb-bb0e-de9a273c1ba7
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 221 B
465 B 194ms
87ms XHR
application/json 54.229.190.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=9218
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.190.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d935265651484dfd5bf116b5d0b56ad23427d1c3fdb4dcb3cfb0be9d14b97f8a

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Jul 2020 13:14:18 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
status: 200
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://thehackernews.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 168 KB
31 KB 472ms
469ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2781936743848867&correlator=3710590028704653&output=ldjh&impl=fifs&adsid=NT&eid=21065645&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200728&iu_parts=103512698%2C22055424785%2C22055889203&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%2C320x50&fluid=height%2Cheight&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D37020%26hb_ap_ran%3D1%26fluid%3D1%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D37020%26hb_ap_ran%3D1%26fluid%3D1%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx&cookie_enabled=1&bc=31&abxe=1&lmt=1595941004&dt=1595942058275&dlt=1595942057251&idt=951&frm=20&biw=1600&bih=1200&oid=3&adxs=269%2C269&adys=1239%2C2871&adks=195439383%2C4038931684&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthehackernews.com%2F2020%2F07%2Fdocker-linux-malware.html&dssz=45&icsg=145361579&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x0%7C730x0&msz=730x0%7C730x0&ga_vid=278814658.1595942058&ga_sid=1595942058&ga_hid=1818915532&fws=0%2C0&ohw=0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

775a68fbfe98ffa4afc400c971541aeaa7a4ca36c5338d7f5591679b817049f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31810
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
51c7a3fb1a7c2beece2f4d3844d3b738.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 86ms
13ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://51c7a3fb1a7c2beece2f4d3844d3b738.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 8ms
6ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ 44 B
377 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3144777058971176&ev=PageView&dl=https%3A%2F%2Fthehackernews.com%2F2020%2F07%2Fdocker-linux-malware.html&rl=&if=false&ts=1595942058670&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=30&fbp=fb.1.1595942058669.305570887&it=1595942058092&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 28 Jul 2020 13:14:18 GMT

GET
H2 200 AQP5aIG2.js Show response
cdn.jwplayer.com/libraries/ 112 KB
37 KB 28ms
10ms Script
text/javascript 2600:9000:214f:fc00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/AQP5aIG2.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:fc00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 1cceb8f70355732b21ae5141db5c0f5b01db051f6ec51972d0bfbcf660c380e6

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:12:53 GMT
content-encoding: gzip
server: openresty
age: 85
status: 200
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
x-amz-cf-pop: FRA53-C1
content-length: 37140
via: 1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
x-amz-cf-id: bdXr0BarrfqREkVKarcTu1scKjsEijGMO0m15cwLBnk3eJf56NKszA==
expires: Tue, 28 Jul 2020 13:14:28 GMT

GET
H2 200 chinese-hackers-covid-19.jpg
thehackernews.com/images/-s1ntuL1bO1c/XxfmKIZovQI/AAAAAAAAAlo/anVtyVcqn4A-bjP0uRT1sTIi_qbbGRuFwCLcBGAsYHQ/s72-c-e100/ 4 KB
4 KB 20ms
20ms Image
image/webp 2606:4700:20::681a:61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-s1ntuL1bO1c/XxfmKIZovQI/AAAAAAAAAlo/anVtyVcqn4A-bjP0uRT1sTIi_qbbGRuFwCLcBGAsYHQ/s72-c-e100/chinese-hackers-covid-19.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3c7df10802ba2170bb724c33b8d47a30c76f3cec08eae0291822bb6e8a0583c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/07/docker-linux-malware.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 921
cf-polished: origFmt=jpeg, origSize=4286
status: 200
content-disposition: inline; filename="chinese-hackers-covid-19.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4236
x-xss-protection: 0
expires: Thu, 05 Nov 2020 07:00:26 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "v25b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 04372852d10000c2ea8c9aa200000001
accept-ranges: bytes
cf-ray: 5b9edccaeae4c2ea-FRA
access-control-expose-headers: Content-Length

GET
H2 200 cybersecurity.jpg
thehackernews.com/images/-EqME_7SrOUY/XxbbwigLIII/AAAAAAAAAlc/6_EaCenxhnEpqyIs2lTzvBMdHzyXkhBOwCLcBGAsYHQ/s72-c-e100/ 3 KB
4 KB 19ms
18ms Image
image/jpeg 2606:4700:20::681a:61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-EqME_7SrOUY/XxbbwigLIII/AAAAAAAAAlc/6_EaCenxhnEpqyIs2lTzvBMdHzyXkhBOwCLcBGAsYHQ/s72-c-e100/cybersecurity.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dbe55f08a982a71ff8f1da940147ddf39aa49cc6a0f678a8f64ac0f8ef1664b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/07/docker-linux-malware.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 921
cf-polished: origSize=3424, status=webp_bigger
status: 200
content-disposition: inline;filename="cybersecurity.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3388
x-xss-protection: 0
expires: Sat, 31 Oct 2020 00:47:50 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "v258"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 04372852d10000c2ea8c9ab200000001
accept-ranges: bytes
cf-ray: 5b9edccaeae8c2ea-FRA
access-control-expose-headers: Content-Length

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
10 KB 357ms
355ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2781936743848867&correlator=3343934996694274&output=ldjh&impl=fifs&adsid=NT&eid=21065645&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200728&iu_parts=103512698%2C22055424791&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x50%7C300x100%7C300x75%7C300x250%7C300x600%7C250x250%7C240x400%7C200x200%7C160x600%7C120x600&fluid=height&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D37020%26hb_ap_ran%3D1%26fluid%3D1%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.04%26hb_ap_adid%3D44c1fcc1aee775e%26hb_ap_bidder%3Dpubmatic&eri=1&cust_params=da%3Dadx&cookie_enabled=1&bc=31&abxe=1&lmt=1595941004&dt=1595942058719&dlt=1595942057251&idt=951&frm=20&biw=1600&bih=1200&oid=3&adxs=1031&adys=1635&adks=1751276048&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthehackernews.com%2F2020%2F07%2Fdocker-linux-malware.html&dssz=46&icsg=145361579&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x50&msz=300x50&ga_vid=278814658.1595942058&ga_sid=1595942058&ga_hid=1818915532&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b5967b53979f66b4f7d6b36014c648ea42b7fa3f173c9ebc9cf0f9789b16db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10384
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thehackernews.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
51c7a3fb1a7c2beece2f4d3844d3b738.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame D6E5 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://51c7a3fb1a7c2beece2f4d3844d3b738.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 51c7a3fb1a7c2beece2f4d3844d3b738.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Tue, 28 Jul 2020 13:14:18 GMT
expires: Wed, 28 Jul 2021 13:14:18 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html
51c7a3fb1a7c2beece2f4d3844d3b738.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 307D 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://51c7a3fb1a7c2beece2f4d3844d3b738.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 51c7a3fb1a7c2beece2f4d3844d3b738.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Tue, 28 Jul 2020 13:14:18 GMT
expires: Wed, 28 Jul 2021 13:14:18 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

921e018e4be04fba8a1975fcb32b8e64d034160dcb6354c30f616c3bd9196e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595849813499619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27217
x-xss-protection: 0
expires: Tue, 28 Jul 2020 13:14:18 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 99ms
19ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020072001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dec81b1d7cfc08fb9e57f71dd53e7e7083b89047ae47272e808b2399be4caba2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 13:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5670
x-xss-protection: 0

GET
H2 200 dji-drone-hacking.jpg
thehackernews.com/images/-pgeRXdhVdyQ/XxqfeedEkXI/AAAAAAAA3Ec/opswWFVGJqUKO2l78HfUPvMJRVQAAeqvwCLcBGAsYHQ/s72-c-e100/ 3 KB
3 KB 65ms
64ms Image
image/jpeg 2606:4700:20::681a:61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-pgeRXdhVdyQ/XxqfeedEkXI/AAAAAAAA3Ec/opswWFVGJqUKO2l78HfUPvMJRVQAAeqvwCLcBGAsYHQ/s72-c-e100/dji-drone-hacking.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5faf53181dea8a6e9a2021eff8a6d40af6c7839e8874045a34563334745d1d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/07/docker-linux-malware.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 923
cf-polished: origSize=2752, status=webp_bigger
status: 200
content-disposition: inline;filename="dji-drone-hacking.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2712
x-xss-protection: 0
expires: Thu, 05 Nov 2020 06:59:12 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vdc48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 04372853f90000c2ea8c9be200000001
accept-ranges: bytes
cf-ray: 5b9edccccf6ac2ea-FRA
access-control-expose-headers: Content-Length

POST
H2 200 /
www.facebook.com/tr/ 0
107 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryFycvyCLp3tnYiaKB

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 28 Jul 2020 13:14:19 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://thehackernews.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012007210634000/ Frame 3A5B 206 KB
56 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c30c656a67a3c902072c7c839344fbe793788edbbaebb4f7a59b4c3c6750897

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 15203
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57364
x-xss-protection: 0
server: sffe
date: Tue, 28 Jul 2020 09:00:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "da4645546e0fb9cb"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jul 2021 09:00:56 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012007210634000/v0/ Frame 3A5B 16 KB
6 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007210634000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66f14ced94dbd60cb3c1f8fc74f67f01d05b4cbeee93c877a2e86ad31847eb44

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16397
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5902
x-xss-protection: 0
server: sffe
date: Tue, 28 Jul 2020 08:41:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ed761c4f9176d72d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jul 2021 08:41:02 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012007210634000/v0/ Frame 3A5B 96 KB
29 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007210634000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb199303a3c6c4ec7d96d3135a9798cf63f52e829aba12d2ae8c30f01425281a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 15203
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29699
x-xss-protection: 0
server: sffe
date: Tue, 28 Jul 2020 09:00:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff583ae049a1bccf"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jul 2021 09:00:56 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012007210634000/v0/ Frame 3A5B 4 KB
3 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007210634000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

360a25e0b7ac5376a0c319d1eac76df31ffcce5b82faa2f3a0b3ef70f370d151

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16397
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1786
x-xss-protection: 0
server: sffe
date: Tue, 28 Jul 2020 08:41:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fe8a226332f994d7"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jul 2021 08:41:02 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012007210634000/v0/ Frame 3A5B 48 KB
15 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007210634000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0847fb2a4b12a2cfd5b8775ebf0a1ca59c1d8c34894ee2f3f26e827969f39567

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16397
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15001
x-xss-protection: 0
server: sffe
date: Tue, 28 Jul 2020 08:41:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f044ff03265d7aa3"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jul 2021 08:41:02 GMT

GET
DATA 200
OK truncated
/ Frame 3A5B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3830395301f27e78e36700879114e7ccf3e2be1a83e84475b11c7521f7cd5bb3

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 11275810518847474058
tpc.googlesyndication.com/simgad/ Frame 3A5B 40 KB
40 KB 10ms
9ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11275810518847474058?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmLZWvhJC3BF8V1RmxqeBSxfH9xnQ

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/07/docker-linux-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96f56f2dd22f759a9ee48cc539a85ab4df46af1a0d260ead15c04d93c2ddbb23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 04:07:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 26 Sep 2019 14:27:49 GMT
server: sffe
age: 32789
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40532
x-xss-protection: 0
expires: Wed, 28 Jul 2021 04:07:50 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3A5B 2 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/07/docker-linux-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 7521
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 29 Jul 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3A5B 295 B
423 B 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/07/docker-linux-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 08:18:35 GMT
x-content-type-options: nosniff
server: cafe
age: 17744
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 29 Jul 2020 08:18:35 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3A5B 0
0 87ms
86ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CgrtHqiQgX5DILoCM7_UPuai40AWI-Y-jXs_6h7DnCrP-p8CQDhABILqEwDNgkYSAgIwYoAHeh8fIA8gBAqkCdvNFVU0SqT7gAgCoAwHIAwiqBIoCT9CXQNrB2xkUmXN2NNVPzELk-BeBqwXDNL1qaiT70qV9AE7TXwlSuG359WwFYtkzUmUtgSq9JlY73EYIDdnI9Op3BIa6AmGcfj2i-9sCeiYYk4YE4xH1ZYjpZrPOyTD5gXhmVtfwrhWoO827bEs_jarY0Cht4p10DEMijcHxzEoVmpH70IfBn5WcmhU8FWY_1BvkDFehY1z_T69OfIfaWUuOVEyqFQ3piJ3OTglwYWwVG13i4e8AOTlpzBe-aakkLJlnOPeFPAH1zeMRA6UVyPZyzK1pzRhzRqqILIPs9wR73vg9DR-tqa81CCTGONDp2hVvncbwxzQl8oXvLRTDFYLo_LoA4GiHvgLABPKhpP-vAuAEAZIFBAgEGAGSBQQIBRgEoAYCgAeK-Lg3qAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEObxFdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTAxNDU2OTkwMTM2NjE2NYAKA8gLAdgTDA&sigh=-1N6RQkYfPQ&tpd=AGWhJmuFZ93iRHPcjmryIQE8cemt3ESL9nbVr60NZP8EzZQLKQ
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2020/07/docker-linux-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 79ms
70ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Tue, 28 Jul 2020 13:14:19 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 1634 0
0 63ms
63ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Tue, 28 Jul 2020 12:32:37 GMT
expires: Wed, 28 Jul 2021 12:32:37 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2502
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3A5B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

90ms
90ms

Image
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 28 Jul 2020 13:14:19 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 11275810518847474058
tpc.googlesyndication.com/simgad/ Frame 3A5B 40 KB
40 KB 6ms
5ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11275810518847474058?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmLZWvhJC3BF8V1RmxqeBSxfH9xnQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96f56f2dd22f759a9ee48cc539a85ab4df46af1a0d260ead15c04d93c2ddbb23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 04:07:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 26 Sep 2019 14:27:49 GMT
server: sffe
age: 32789
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40532
x-xss-protection: 0
expires: Wed, 28 Jul 2021 04:07:50 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3A5B 2 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 7521
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 29 Jul 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3A5B 295 B
357 B 7ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 08:18:35 GMT
x-content-type-options: nosniff
server: cafe
age: 17744
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 29 Jul 2020 08:18:35 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
173 B 14ms
14ms Fetch
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdmS57NNNL7cKcrNh2P-ywhCGqDu24UYXSaP3uS6V29mQ2MH4qmnuuAspF_CLfgqHNTyq8YFzBAA&sig=Cg0ArKJSzDYrTJwGFgx_EAE&id=lidar2&mcvt=1010&p=170,436,260,1164&mtos=1010,1010,1010,1010,1334&tos=1010,0,0,0,324&v=20200727&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=34&adk=4037400832&rs=6&met=mue&la=0&cr=0&osd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 13:14:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020072001&jk=2781936743848867&bg=!wcKlwtpYUvCFlPI2avgCAAAAm1IAAAAWmQGI2QAVMqGK-bFN6EefC53c8jVjzO_R77cQqAx778iJcsxFX5bY6rEc86v1zdkAOGCUvHP4rUMxA4ok9FXviA7CJswic0AvxJx2yACRUPnkzF4VrOt05HZZcsrenaawYKZu0TkmBdqZMcGtF_eSUqAMCp4iyuPyr92jdR4OzBS8knWczq_YfgUUjcTHfp8f2UCIG02hJMuBCql_jSFf0MyZnydvm6qPGV_T0z4rwEXjpZLinHCGydiAZHKo0vzOgHfTajisvGCIeYlNMCcry-YBVZGGsH6EoGre7wmM9Z5vyiIemZ_hXYwvb2AGCpm53pXLNRuLa6RYq_YdX9r2NWYfIiLE5OjgauYkULu7-qEn0sODZBfswvOTo5m6r3BMyvYSxNZOFpjmNBGKcYYVoOAT1UiReOUPqJzeDoDcop9MYRe89G0C3oJCx1Q8ACG0f1DghzeU_TmnYRcBErqrgxn9_V27Jy6q85haSA6gKm1Farcbm6H4eGY2oy2vVSdYLO0WFivHtHenSMI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 13:14:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame FFF3 0
0 24ms
23ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

status: 204
date: Tue, 28 Jul 2020 13:14:20 GMT
set-cookie: __cfduid=dd239c6fcd456d40d147ae85b7627504b1595942060; expires=Thu, 27-Aug-20 13:14:20 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0437285bb300007329f4b59200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5b9edcd91e507329-AMS

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame C7BF 0
0 71ms
26ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://thehackernews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 28 Jul 2020 13:14:21 GMT
Age: 7199400
X-Served-By: cache-lga21948-LGA, cache-hhn4076-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 5642647
X-Timer: S1595942061.031993,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync.html
public.servenobid.com/ Frame 6F91 0
0 69ms
22ms Document
text/html 13.35.254.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.35.254.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

status: 200
content-type: text/html
content-length: 2236
last-modified: Thu, 23 Jul 2020 01:27:46 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 27 Jul 2020 21:07:01 GMT
etag: "202461a171f44cd9bf99b8a0f91a6c12"
cache-control: max-age=86400
x-cache: Hit from cloudfront
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: -Xrd-x9lnGxkEhRGexzBEcQ_OWRfhb_ImT_x8wqOcipZJeIaKcgsxA==
age: 58041

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame ED1D 0
0 80ms
35ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://thehackernews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=86116
Expires: Wed, 29 Jul 2020 13:09:37 GMT
Date: Tue, 28 Jul 2020 13:14:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 5B58 0
0 67ms
22ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://thehackernews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Sat, 25 Jul 2020 03:11:37 GMT
Content-Encoding: gzip
Content-Length: 9469
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=33353
Expires: Tue, 28 Jul 2020 22:30:14 GMT
Date: Tue, 28 Jul 2020 13:14:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 72 KB
22 KB 56ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8d00e4343987593afa91865c8407fea36971df89c736d5d70ad6d717d4992d1d

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:21 GMT
content-encoding: gzip
last-modified: Tue, 21 Jul 2020 07:47:50 GMT
server: nginx
etag: W/"5f169da6-121cc"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 29 Jul 2020 13:14:21 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 72 KB
22 KB 48ms
17ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8d00e4343987593afa91865c8407fea36971df89c736d5d70ad6d717d4992d1d

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 13:14:21 GMT
content-encoding: gzip
last-modified: Tue, 21 Jul 2020 07:47:50 GMT
server: nginx
etag: W/"5f169da6-121cc"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 29 Jul 2020 13:14:21 GMT

GET
H2 200 dc_oe=ChMIpZjLu4Pw6gIVPsu7CB3NHQrcEAAYACDToZg-;met=1;&timestamp=1595942068120;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ 42 B
770 B 122ms
60ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpZjLu4Pw6gIVPsu7CB3NHQrcEAAYACDToZg-;met=1;&timestamp=1595942068120;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 13:14:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.thehackernews.com/	1970-01-19 12:02:14	Name: __cfduid Value: dfd83863a282c427e9a9478da7b6f0add1595942057

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js(Line 421) Message: Powered by AMP ⚡ HTML – Version 2007210634000 https://thehackernews.com/2020/07/docker-linux-malware.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

51c7a3fb1a7c2beece2f4d3844d3b738.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
ade.googlesyndication.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.nl
ajax.cloudflare.com
ap.lijit.com
att.demdex.net
bidder.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.districtm.io
cdn.jsdelivr.net
cdn.jwplayer.com
cdnjs.cloudflare.com
connect.facebook.net
d.agkn.com
dmx.districtm.io
e3.adpushup.com
eus.rubiconproject.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
pagead2.googlesyndication.com
public.servenobid.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tag.1rx.io
thehackernews.com
tpc.googlesyndication.com
tps.doubleverify.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
104.111.230.142
104.16.190.66
13.35.254.100
151.101.113.108
172.217.18.2
172.217.22.6
178.250.0.165
185.255.84.150
185.33.220.145
185.64.189.112
205.234.175.175
213.19.147.210
213.19.162.51
213.254.244.19
216.58.205.226
216.58.212.162
23.210.249.92
23.97.225.52
2600:9000:214f:9000:19:fc2c:a140:93a1
2600:9000:214f:fc00:1:a3fa:7cc0:93a1
2606:4700:20::681a:61
2606:4700::6810:85e5
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:801::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:814::2001
2a00:1450:4001:816::2001
2a00:1450:4001:816::200e
2a00:1450:4001:817::2002
2a00:1450:4001:818::2002
2a00:1450:4001:819::2002
2a00:1450:4001:825::2006
2a00:1450:400c:c0a::9d
2a02:2638::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
34.243.136.226
54.229.190.46
72.251.249.9
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08147379576eb4b2d600391dd081b698798b23ede12a66076b230daae5b70544
0847fb2a4b12a2cfd5b8775ebf0a1ca59c1d8c34894ee2f3f26e827969f39567
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1385fe6c7366b4ab71c2806b9d327c837c8b5d74e35aa762200da83feb6113a8
13f09ef9feda96dc3acc6ebab8a047c5185bec952edebaff47a6e9112cab394a
1b2d57168a8af5332dd51c5e9fc33e2ad750bc8e4d232ffc3cf415d70d5d47b1
1bf946c996d5d58f78feca7b8f75607020c348c716f38798bcdb57c24dfcb31e
1cceb8f70355732b21ae5141db5c0f5b01db051f6ec51972d0bfbcf660c380e6
1eea7c162b751032d6569dfe2497847e8d2c35a4a2c6f4c3fd47adce526864c6
250e0b868ee36500feacf68fa221351c5f454d07e15778a8517951b80c921e70
2744745c20888a8aec03d7bbc48a2d24df498921a398247faa7d20a78da8d878
31e539be75870ad6cec377525eb196ea9fbc423ea53d68c03b2c94b96701bc47
32489180ec0d5e4025d6a822226d12866712f24b5b4ef6f5b355783589847817
332eba8e75af443013f6b2707c236c3350d3888147b534169887b58f8d09f666
35e2b6e0587cfe3cb06f129c9512fa82df305949df748b0a12ecce752977abcb
360a25e0b7ac5376a0c319d1eac76df31ffcce5b82faa2f3a0b3ef70f370d151
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3830395301f27e78e36700879114e7ccf3e2be1a83e84475b11c7521f7cd5bb3
3ba4f0aa367dea91e1f6026f3a2241f485213373966221d1babdff80966c6670
3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff
3dcc5c8a8b18c8d0c9dfa47536a3e83b116267c39a3428098d61542c5f146a03
495eba74eafd04a31cd9b716f069d812159a4889ad2f1eccc60593523221befd
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5faf53181dea8a6e9a2021eff8a6d40af6c7839e8874045a34563334745d1d3a
65db5303f62d2c876725bff7b36dfba6183b53fb1a54906fd1b75edf543bb4ae
66f14ced94dbd60cb3c1f8fc74f67f01d05b4cbeee93c877a2e86ad31847eb44
6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1
688a1e2444a1171a4cfbc8674c62d53bc663bf35a7825eb3563851e79694411c
775a68fbfe98ffa4afc400c971541aeaa7a4ca36c5338d7f5591679b817049f6
7b5967b53979f66b4f7d6b36014c648ea42b7fa3f173c9ebc9cf0f9789b16db3
7c30c656a67a3c902072c7c839344fbe793788edbbaebb4f7a59b4c3c6750897
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8d00e4343987593afa91865c8407fea36971df89c736d5d70ad6d717d4992d1d
921e018e4be04fba8a1975fcb32b8e64d034160dcb6354c30f616c3bd9196e82
96f56f2dd22f759a9ee48cc539a85ab4df46af1a0d260ead15c04d93c2ddbb23
98b3047cca6c09036e718abed042ca3cd035918616aa43ed0c4ae4ab317809e5
99169daf9e89c7a9b850f30ff9641e1e90c8050453d04c8b3d49cb7fd92c95bb
9c13c7f2ee9c8fab1d388a257ca989f8048d4824c99bfaad4f1253dfbd47726c
9c6ace11bf419f593045a48a8d7b3a138fe730a082fde84f6935ea2fab559b80
9dbe55f08a982a71ff8f1da940147ddf39aa49cc6a0f678a8f64ac0f8ef1664b
a17c8dd663618cc064f746053bb3fd8ba106640523848bf8cbf82a3454687390
a26b10905355d4ad4f1f2bb37d7a592e8d3cc09652c0f4a32047ce761d944014
a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a
a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb
a943c20e71e31d1d479ba31ab53f0c4ebe258f81a4cbe5cf16b4a42afaac153c
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c22f5ff55f0f49d4abc346af5b6249aa862b29a6af56eec0d35954a88b1e1f49
c3c7df10802ba2170bb724c33b8d47a30c76f3cec08eae0291822bb6e8a0583c
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690
c6cbd5e489f902c61f03aae4ab5dfcb51d4491708a943cebb423c4effa37cacc
d633f334b4a0e8983d86a850c4f64232f0e090b063758ce2480f80f6d5be2908
d935265651484dfd5bf116b5d0b56ad23427d1c3fdb4dcb3cfb0be9d14b97f8a
dbcdfa3a64c9c5e932dfd9ad5a47ad84880085c84d47c5c70c0039726f671ee5
dec81b1d7cfc08fb9e57f71dd53e7e7083b89047ae47272e808b2399be4caba2
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
f7f4710ae5739ffd49f7aa175c642da064d93f11dca626267debfb4531707c76
f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02
fa562db5bcd3e435228ee73982745a848ec9ea48ffd2b7b23236ce5e379097c5
fb199303a3c6c4ec7d96d3135a9798cf63f52e829aba12d2ae8c30f01425281a
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

thehackernews.com Open in urlscan Pro 2606:4700:20::681a:61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

93 Requests

100 %HTTPS

50 %IPv6

29 Domains

44 Subdomains

40 IPs

8 Countries

1402 kBTransfer

3604 kBSize

1 Cookies

34 Outgoing links

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thehackernews.com Open in urlscan Pro
2606:4700:20::681a:61 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

100 %
HTTPS

50 %
IPv6

29
Domains

44
Subdomains

40
IPs

8
Countries

1402 kB
Transfer

3604 kB
Size

1
Cookies

93 HTTP transactions
10 data transactions