mrhacker.co Open in urlscan Pro
2606:4700:3037::6815:15a2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_...
Submission: On September 11 via api (September 11th 2021, 5:25:55 am UTC) from GB — Scanned from DE

Summary HTTP 145 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 33 IPs in 3 countries across 36 domains to perform 145 HTTP transactions. The main IP is 2606:4700:3037::6815:15a2, located in United States and belongs to CLOUDFLARENET, US. The main domain is mrhacker.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2021. Valid for: a year.

This is the only time mrhacker.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	2606:4700:303... 2606:4700:3037::6815:15a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4007:80a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4007:812::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4007:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
3	2606:4700:303... 2606:4700:3031::6815:3caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	136.243.4.18 136.243.4.18	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4007:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4007:813::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.214.162 216.58.214.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:805::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4007:813::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::6815:3987	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6815:3b2e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:d034	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::6815:5802	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:4012	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:8416	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::ac43:86ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::ac43:cc52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3038::6815:eb34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6815:3eab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:d5be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::ac43:82be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::ac43:9332	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:af72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::ac43:a424	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2600:9000:219... 2600:9000:219c:9c00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
145	33

37 2606:4700:3037::6815:15a2 (United States)

ASN13335 (CLOUDFLARENET, US)

mrhacker.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:812::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:810::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

mrhackerco.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::6815:3caf (United States)

ASN13335 (CLOUDFLARENET, US)

adsxyz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 136.243.4.18 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.18.4.243.136.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4007:80f::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4007:813::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.214.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: mad01s26-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:810::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:813::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:3987 (United States)

ASN13335 (CLOUDFLARENET, US)

egirlgirl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:3b2e (United States)

ASN13335 (CLOUDFLARENET, US)

fapbest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:d034 (United States)

ASN13335 (CLOUDFLARENET, US)

nude-hot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:5802 (United States)

ASN13335 (CLOUDFLARENET, US)

porns.photos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:4012 (United States)

ASN13335 (CLOUDFLARENET, US)

clipsex.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:8416 (United States)

ASN13335 (CLOUDFLARENET, US)

fappinghd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:86ec (United States)

ASN13335 (CLOUDFLARENET, US)

javbest.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:cc52 (United States)

ASN13335 (CLOUDFLARENET, US)

thesexscene.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eb34 (United States)

ASN13335 (CLOUDFLARENET, US)

jav1080.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:3eab (United States)

ASN13335 (CLOUDFLARENET, US)

pornbebes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:d5be (United States)

ASN13335 (CLOUDFLARENET, US)

sex4viet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:82be (United States)

ASN13335 (CLOUDFLARENET, US)

xdultchannel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:9332 (United States)

ASN13335 (CLOUDFLARENET, US)

null88.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:af72 (United States)

ASN13335 (CLOUDFLARENET, US)

phancongkhanh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:a424 (United States)

ASN13335 (CLOUDFLARENET, US)

tongdongkhue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2600:9000:219c:9c00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	mrhacker.co mrhacker.co	619 KB
23	disquscdn.com c.disquscdn.com a.disquscdn.com Failed	810 KB
18	a-ads.com ad.a-ads.com static.a-ads.com	2 MB
10	disqus.com mrhackerco.disqus.com disqus.com links.services.disqus.com Failed	104 KB
4	gstatic.com fonts.gstatic.com	67 KB
3	adsxyz.com adsxyz.com	3 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
2	googletagmanager.com www.googletagmanager.com	89 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com	84 KB
2	googleapis.com fonts.googleapis.com	3 KB
2	googlesyndication.com pagead2.googlesyndication.com	142 KB
1	tongdongkhue.com tongdongkhue.com	927 B
1	phancongkhanh.com phancongkhanh.com	928 B
1	null88.com null88.com	952 B
1	xdultchannel.com xdultchannel.com	1022 B
1	sex4viet.com sex4viet.com	981 B
1	pornbebes.com pornbebes.com	993 B
1	jav1080.com jav1080.com	1022 B
1	thesexscene.com thesexscene.com	1 KB
1	javbest.co javbest.co	1 KB
1	fappinghd.com fappinghd.com	1 KB
1	clipsex.online clipsex.online	1 KB
1	porns.photos porns.photos	1 KB
1	nude-hot.com nude-hot.com	1 KB
1	fapbest.com fapbest.com	1 KB
1	egirlgirl.com egirlgirl.com	1 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com apis.google.com Failed	570 B
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	659 B
1	gravatar.com secure.gravatar.com	3 KB
0	viglink.com Failed cdn.viglink.com Failed
0	facebook.net Failed connect.facebook.net Failed
0	jads.co Failed poweredby.jads.co Failed
0	effectivedisplayformat.com Failed www.effectivedisplayformat.com Failed
145	36

	Domain	Requested by
37	mrhacker.co	mrhacker.co adsxyz.com
23	c.disquscdn.com	mrhackerco.disqus.com disqus.com c.disquscdn.com mrhacker.co
13	ad.a-ads.com	mrhacker.co null88.com phancongkhanh.com tongdongkhue.com
8	disqus.com	mrhackerco.disqus.com c.disquscdn.com
5	static.a-ads.com	ad.a-ads.com
4	fonts.gstatic.com	fonts.googleapis.com
3	adsxyz.com	mrhacker.co adsxyz.com
2	www.google-analytics.com	www.googletagmanager.com mrhacker.co
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	mrhackerco.disqus.com	mrhacker.co mrhackerco.disqus.com
2	www.googletagmanager.com	mrhacker.co adsxyz.com
2	netdna.bootstrapcdn.com	mrhacker.co netdna.bootstrapcdn.com
2	fonts.googleapis.com	mrhacker.co
2	pagead2.googlesyndication.com	mrhacker.co pagead2.googlesyndication.com
1	tongdongkhue.com	adsxyz.com
1	phancongkhanh.com	adsxyz.com
1	null88.com	adsxyz.com
1	xdultchannel.com	adsxyz.com
1	sex4viet.com	adsxyz.com
1	pornbebes.com	adsxyz.com
1	jav1080.com	adsxyz.com
1	thesexscene.com	adsxyz.com
1	javbest.co	adsxyz.com
1	fappinghd.com	adsxyz.com
1	clipsex.online	adsxyz.com
1	porns.photos	adsxyz.com
1	nude-hot.com	adsxyz.com
1	fapbest.com	adsxyz.com
1	egirlgirl.com	adsxyz.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	secure.gravatar.com	mrhacker.co
0	links.services.disqus.com Failed	c.disquscdn.com
0	cdn.viglink.com Failed	mrhacker.co
0	apis.google.com Failed	c.disquscdn.com
0	connect.facebook.net Failed	c.disquscdn.com
0	a.disquscdn.com Failed	mrhacker.co
0	poweredby.jads.co Failed	jav1080.com sex4viet.com pornbebes.com xdultchannel.com
0	www.effectivedisplayformat.com Failed	egirlgirl.com fappinghd.com nude-hot.com fapbest.com thesexscene.com porns.photos javbest.co clipsex.online
145	41

This site contains links to these domains. Also see Links.

Domain
fb.me
twitter.com
www.pinterest.com
www.instagram.com
www.reddit.com
www.linkedin.com
mrhackerco.tumblr.com
feeds.feedburner.com
www.mrhacker.co
www.trendmicro.com
www.sentinelone.com
www.facebook.com
digg.com
del.icio.us

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
a.disquscdn.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh

This page contains 37 frames:

Primary Page: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Frame ID: CFEE11C9A817DC57EA8C5BC9A1FA8FBD
Requests: 69 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313465?size=728x90
Frame ID: 10FBE3804805267E4B98C4CAB8C6B7A2
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313461?size=200x200
Frame ID: A8EAF2FC393D352B79FFEDC1BC5F88A8
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313467?size=120x600
Frame ID: 17F6B06B4B8687AE4EBD93C07EAF2E4C
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313467?size=120x600
Frame ID: 21A84FAF6834C9623EEBDBAF0AC08E61
Requests: 2 HTTP requests in this frame

Frame: https://adsxyz.com/sponsors/linkxyz/index.html
Frame ID: D157DC5D2866E18A1A06BEF9F7B678F8
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313466?size=990x90
Frame ID: 38B65EA1019421CF72077634CFAF0995
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313463?size=320x50
Frame ID: 79E18DC2AE90ECBDE4757858BFCE2C5E
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313465?size=728x90
Frame ID: 88455383E11B41192CF540590FEE3E62
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313462?size=300x250
Frame ID: 58A8878650308A42FD42EECEFA0899A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Frame ID: 920A5B0150651E05315F97765DB12B5C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7952463575870072&output=html&adk=1812271804&adf=3025194257&lmt=1631337940&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions%3Ffeed_id%3D23710%26_unique_id%3D613b12c4121b0&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337940270&bpp=3&bdt=5254&idt=86&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5178628435679&frm=20&pv=2&ga_vid=604769426.1631337940&ga_sid=1631337940&ga_hid=1233246830&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31062297&oid=3&pvsid=606866479465822&pem=907&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104
Frame ID: B2692A30E9312DC81AF619EA4F12FA6F
Requests: 1 HTTP requests in this frame

Frame: https://egirlgirl.com/banner/adsterra_300x250.html
Frame ID: 3647B1470700792DD0B88DBA5CD2352C
Requests: 2 HTTP requests in this frame

Frame: https://fapbest.com/banner/adsterra_300x250.html
Frame ID: 6FF8D37AE4E8E0F6095FE052338622DE
Requests: 2 HTTP requests in this frame

Frame: https://nude-hot.com/banner/adsterra_300x250.html
Frame ID: E6F269626A2E451B30D7568C1E01588E
Requests: 2 HTTP requests in this frame

Frame: https://porns.photos/banner/adsterra_300x250.html
Frame ID: 554963D3990C3F64EA7027D93A4C3412
Requests: 2 HTTP requests in this frame

Frame: https://clipsex.online/banner/adsterra_300x250.html
Frame ID: C6CA516CECB6FAA0E131589CF123E4F2
Requests: 2 HTTP requests in this frame

Frame: https://fappinghd.com/banner/adsterra_300x250.html
Frame ID: D8AB2A6823A8EF42D9E195921F3F1AFD
Requests: 2 HTTP requests in this frame

Frame: https://javbest.co/banner/adsterra_300x250.html
Frame ID: AB3D9699F70CB301FAFD55C1A9DDE608
Requests: 2 HTTP requests in this frame

Frame: https://thesexscene.com/banner/adsterra_300x250.html
Frame ID: 770E69F2C86EE3AEF51FB8EDC9D2CAC2
Requests: 2 HTTP requests in this frame

Frame: https://jav1080.com/banner/juicyads_300x250.html
Frame ID: B34F2B7C0D4499FAAEAA63CFD94CD53C
Requests: 2 HTTP requests in this frame

Frame: https://pornbebes.com/banner/juicyads_300x250.html
Frame ID: E10BB5A9BF6EA590E33D13BF6426239E
Requests: 2 HTTP requests in this frame

Frame: https://sex4viet.com/banner/juicyads_300x250.html
Frame ID: 6064FF0E15C64A4BB7A05BCD78124B35
Requests: 2 HTTP requests in this frame

Frame: https://xdultchannel.com/banner/juicy_300x250.html
Frame ID: C5EC01C648AA3F950E8FF9DA90C3906E
Requests: 2 HTTP requests in this frame

Frame: https://mrhacker.co/banner/aads_300x250.html
Frame ID: EF6699E650304E7C9957FA8BC35C9AC0
Requests: 1 HTTP requests in this frame

Frame: https://null88.com/banner/aads_300x250.html
Frame ID: 7A7196C033955F44FC7756EA797D102D
Requests: 1 HTTP requests in this frame

Frame: https://phancongkhanh.com/banner/aads_300x250.html
Frame ID: AEAD390721FF54BE7CBA1C6405A58256
Requests: 1 HTTP requests in this frame

Frame: https://tongdongkhue.com/banner/aads_300x250.html
Frame ID: 63FB95C8BC0273FBD4CF5DDDEA7EBBC2
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313467?size=120x600
Frame ID: 030C38DEB3B266A5F29B4CF0661AAEBE
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313462?size=300x250
Frame ID: 9800D2A5A4D7A9B1590D87DD23AA2FB1
Requests: 3 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50850&t_u=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions&t_e=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_d=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_t=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&s_o=default
Frame ID: F26A9AEF99889007F1D59F4C8B747088
Requests: 11 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50850&t_u=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions&t_e=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_d=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_t=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions
Frame ID: 2D2FAB6F1504D84F3127FACC7CB1D089
Requests: 14 HTTP requests in this frame

Frame: https://ad.a-ads.com/1331410?size=300x250
Frame ID: 9F2B27017E1068E296920CDAE5D93186
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1687823?size=300x250
Frame ID: 5079901AF63DF3191EDD9CA8B1A91895
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1687802?size=300x250
Frame ID: AD5ACC4E0DD1C7C746789B6D16F2A423
Requests: 2 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 5A69C922353B911CA853420F67DC64D9
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: A3C98B1821B0C54B6B272997A15A6CEB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DarkRadiation ransomware targeting RedHat, Debian Linux distributions | MrHacker

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Gravatar (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<[^>]+gravatar\.com/avatar/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

145
Requests

88 %
HTTPS

88 %
IPv6

36
Domains

41
Subdomains

33
IPs

3
Countries

4064 kB
Transfer

5934 kB
Size

6
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://fb.me/mrhackerdotco

Search URL Search Domain Scan URL

URL: https://twitter.com/MrHackerCo

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/mrhackerco

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mrhackerco

Search URL Search Domain Scan URL

URL: https://www.reddit.com/user/mrhackerco

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/mrhacker

Search URL Search Domain Scan URL

URL: http://mrhackerco.tumblr.com/

Search URL Search Domain Scan URL

URL: https://feeds.feedburner.com/mrhackerco

Search URL Search Domain Scan URL

URL: https://www.mrhacker.co/revil-ransomware-hacks-nuclear-weapons-contractor/
Title: Revil ransomware gang hits US nuclear weapons contractor

Search URL Search Domain Scan URL

URL: https://www.trendmicro.com/en_us/research/21/f/bash-ransomware-darkradiation-targets-red-hat--and-debian-based-linux-distributions.html
Title: report

Search URL Search Domain Scan URL

URL: https://www.mrhacker.co/wp-content/uploads/2021/06/Capture-1.jpg
Title: <img aria-describedby="caption-attachment-86445" src="https://www.hackread.com/wp-content/uploads/2021/06/Capture-1-1024x560.jpg" width="710" height="388">

Search URL Search Domain Scan URL

URL: https://www.mrhacker.co/iranian-hackers-hit-israel-disk-wiper-ransomware/
Title: Iranian hackers hit Israel with disk wiper in disguise of ransomware

Search URL Search Domain Scan URL

URL: https://www.sentinelone.com/blog/darkradiation-abusing-bash-for-linux-and-docker-container-ransomware/
Title: blog post

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fmrhacker.co%2Fdata-security%2Fandroid-game-developer-eskyfun-exposed-1-million-gamers-to-hackers&t=Android%20game%20developer%20EskyFun%20exposed%201%20million%20gamers%20to%20hackers

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Android%20game%20developer%20EskyFun%20exposed%201%20million%20gamers%20to%20hackers&url=https%3A%2F%2Fmrhacker.co%2Fdata-security%2Fandroid-game-developer-eskyfun-exposed-1-million-gamers-to-hackers&via=MrHackerCo

Search URL Search Domain Scan URL

URL: http://digg.com/submit?url=https%3A%2F%2Fmrhacker.co%2Fdata-security%2Fandroid-game-developer-eskyfun-exposed-1-million-gamers-to-hackers&title=Android%20game%20developer%20EskyFun%20exposed%201%20million%20gamers%20to%20hackers

Search URL Search Domain Scan URL

URL: https://del.icio.us/post?url=https%3A%2F%2Fmrhacker.co%2Fdata-security%2Fandroid-game-developer-eskyfun-exposed-1-million-gamers-to-hackers&title=Android%20game%20developer%20EskyFun%20exposed%201%20million%20gamers%20to%20hackers

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fmrhacker.co%2Fdata-security%2Fandroid-game-developer-eskyfun-exposed-1-million-gamers-to-hackers&title=Android%20game%20developer%20EskyFun%20exposed%201%20million%20gamers%20to%20hackers

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fmrhacker.co%2Fdata-security%2Fandroid-game-developer-eskyfun-exposed-1-million-gamers-to-hackers&title=Android%20game%20developer%20EskyFun%20exposed%201%20million%20gamers%20to%20hackers

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

145 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request darkradiation-ransomware-targeting-redhat-debian-linux-distributions Show response
mrhacker.co/news/ 101 KB
18 KB 9261ms
4195ms Document
text/html 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c328c519448f8ed4bc263398f2b48c87fee0169738806067d595ae46399d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: mrhacker.co
:scheme: https
:path: /news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 11 Sep 2021 05:25:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-cf-powered-by: WP Rocket 3.3
link: <https://mrhacker.co/wp-json/>; rel="https://api.w.org/" <https://mrhacker.co/?p=50850>; rel=shortlink
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAvG7lsWCWwsvbPzlVKFVqZJJpteNqKq7bmPoFQdpAHS3z6ddBakXjqVMHtZ5UpyHnilGf45m8jVXnydmgP8wQnLi6yQ%2Bx8zb%2BrfMcYqqvYXRVGKMfgdfc%2B131GaO0Ro8ToEGXVSM8LJIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68ce79d3a8ec4e9e-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 5118ms
41ms Script
text/javascript 2a00:1450:4007:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e724effb02ce80509d638a8d147d0f315fefe1e345bb8015d432495777517e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49445
x-xss-protection: 0
server: cafe
etag: 10084690096370025338
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 11 Sep 2021 05:25:40 GMT

GET
H2 200 style.min.css
mrhacker.co/wp-includes/css/dist/block-library/ 40 KB
6 KB 16ms
13ms Stylesheet
text/css 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2587400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 17 Nov 2019 06:06:56 GMT
server: cloudflare
etag: W/"5dd0e380-a1fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d61JIIk6CWEQRqDwKD6ct4ELxhvN5uyJktM3aRqwoh6hWRHzLrfkzg1%2FOqScExZZOhWcYlZxwM3vw%2B%2F3Oo3JfGC3XYTifT5HAFbiUh9%2BGwBVYSBaxsQS7j%2BotnJszS2YWn4LVj5ABF7kaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce79edfee84e9e-FRA
expires: Sat, 11 Sep 2021 06:42:15 GMT

GET
H2 200 style.css
mrhacker.co/wp-content/plugins/monarch/css/ 113 KB
13 KB 16ms
14ms Stylesheet
text/css 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/plugins/monarch/css/style.css
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143

Request headers

:path: /wp-content/plugins/monarch/css/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76576
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 05 Sep 2019 11:01:00 GMT
server: cloudflare
etag: W/"5d70eaec-1c56d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVVMdxo0fA5DBXDL0Xq8svCx1m65IHrwSkjdHATY%2Bej5DbMDEETSJv9ndFesNF0HSY9h3gHW6ehsK9tnd91wiBPecCdhWUElq7VoHUFbFkwpHviWwvLKZc99UHh4nGJ3vYUeyYebdAYikQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce79edfee94e9e-FRA
expires: Sun, 10 Oct 2021 08:09:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 5111ms
30ms Stylesheet
text/css 2a00:1450:4007:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:812::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87e5e6d5eea4dd359d5653e1e448a52c6ea8405acf6c97fc44d50aa6ec48bfc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 11 Sep 2021 03:55:52 GMT
server: ESF
date: Sat, 11 Sep 2021 05:25:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Sep 2021 05:25:40 GMT

GET
H2 200 reset.css
mrhacker.co/wp-content/themes/flex-mag/css/ 1 KB
1001 B 15ms
13ms Stylesheet
text/css 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/themes/flex-mag/css/reset.css
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758

Request headers

:path: /wp-content/themes/flex-mag/css/reset.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277489
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 26 Jul 2019 10:36:36 GMT
server: cloudflare
etag: W/"5d3ad7b4-434"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8thsr9QnWHfpRPk4HDMvEDcTFI3CODV2TPOPjkQ4QKfCch8S9HXJ4VCnPDlpqIXtL5smYcKDX0niT%2B6YF05POTBVgFvEaoBbIPb%2BLyx8w96noJfN%2BA0VLlvgwwUpO5ZkF4ToVMoAUatdgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce79edfeea4e9e-FRA
expires: Fri, 08 Oct 2021 00:20:46 GMT

GET
H2 200 font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/ 37 KB
8 KB 5062ms
17ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 718
age: 14889969
cdn-cachedat: 2021-03-11 11:58:16
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5c0f97ed0897d2e0f6db61e10b8f57df
cf-ray: 68ce7a0d8d005b74-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 style.css
mrhacker.co/wp-content/themes/flex-mag/ 92 KB
16 KB 27ms
25ms Stylesheet
text/css 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/themes/flex-mag/style.css
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51efcb98223b7a4f4e1553657b36fd2322014e2c60e3e015c8b8221f8622b31a

Request headers

:path: /wp-content/themes/flex-mag/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277489
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 10 Aug 2019 13:18:30 GMT
server: cloudflare
etag: W/"5d4ec426-170e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uexfm11q4dFp84ZiYwloZ2DkeRtefixdHDgZZ6lFV00hZmXWfmQsu4eQk7YZDhBTqIcpWkmlqHaTd79zPQYdwP6lRAhx7iccEJA4XmKy49jk9l3TbQUDDk5N7TXupktVX6KJW97JA%2BgMUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce79edfeeb4e9e-FRA
expires: Fri, 08 Oct 2021 00:20:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 5115ms
35ms Stylesheet
text/css 2a00:1450:4007:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7CLato%3A400%2C700%7CWork+Sans%3A900%7CMontserrat%3A400%2C700%7COpen+Sans%3A800%7CPlayfair+Display%3A400%2C700%2C900%7CQuicksand%7CRaleway%3A200%2C400%2C700%7CRoboto+Slab%3A400%2C700%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:812::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b56ce20fe245aec9d7edace03deb7971d8be11bfbe723305347c1cd67622a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 11 Sep 2021 05:25:40 GMT
server: ESF
date: Sat, 11 Sep 2021 05:25:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Sep 2021 05:25:40 GMT

GET
H2 200 style-sports.css
mrhacker.co/wp-content/themes/flex-mag/css/ 4 KB
1 KB 18ms
16ms Stylesheet
text/css 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/themes/flex-mag/css/style-sports.css
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db1b8da1dada254a423ac3fb0b3bf4b0dd8ffd3b6aad429bdc5aef431d3de557

Request headers

:path: /wp-content/themes/flex-mag/css/style-sports.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277489
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 18 Aug 2019 15:31:52 GMT
server: cloudflare
etag: W/"5d596f68-ed5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0g7xIV5PvDyRm3BIJnEvqx2Wnw5ICg6Q3R1rhp06dyALg%2Fp%2BzFFD2eSUCyz%2BlMDzfMaC7FuhGNbuXj2bkqrrSVz26unheLdylwkKPO3bY8H0Jd0pcKam14oLzQGh20k7BFGRH%2BzldfxiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce79edfeec4e9e-FRA
expires: Fri, 08 Oct 2021 00:20:46 GMT

GET
H2 200 media-queries.css
mrhacker.co/wp-content/themes/flex-mag/css/ 91 KB
10 KB 20ms
18ms Stylesheet
text/css 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/themes/flex-mag/css/media-queries.css
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f122aaa855dbb3f7cf5a05368fbdcc7ddd86b4a7a56f1514f1944bbde684111d

Request headers

:path: /wp-content/themes/flex-mag/css/media-queries.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277489
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 26 Jul 2019 10:36:36 GMT
server: cloudflare
etag: W/"5d3ad7b4-16af9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brpi4QB1oz%2FC5jT8O%2BJFAAczZg4pRgQElu5mc%2BeGTla7mn12Kiu%2FVCLNtt2pmyAXpCBxyOuoStbvG3jSir4hzHSBycjzVITL2Um0F0WLfFldfr987OXaQTudo21ZMN0rUZELXQix6uRxdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce79edfeed4e9e-FRA
expires: Fri, 08 Oct 2021 00:20:46 GMT

GET
H2 200 jquery.fancybox.min.css
mrhacker.co/wp-content/plugins/easy-fancybox/css/ 4 KB
1 KB 21ms
20ms Stylesheet
text/css 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/plugins/easy-fancybox/css/jquery.fancybox.min.css
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc

Request headers

:path: /wp-content/plugins/easy-fancybox/css/jquery.fancybox.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2587398
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 19 Sep 2019 16:12:18 GMT
server: cloudflare
etag: W/"5d83a8e2-fda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCBWzvngDYIds6Xn3DuekpZIDDujlr17MVml7PZNiPXcg4A3bHkpEoXjG3ZQ0C%2FdEhln%2FbogVe3kt342EMkPtwBDcQwnJDzbPEPRQLFywe2xQUtxDGDYaGg%2F8ErmJk%2BBOdwIjM4TBjAlkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce79edfeef4e9e-FRA
expires: Sat, 11 Sep 2021 06:42:17 GMT

GET
H2 200 jquery.js Show response
mrhacker.co/wp-includes/js/jquery/ 95 KB
35 KB 22ms
21ms Script
application/javascript 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277489
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 17 May 2019 10:08:54 GMT
server: cloudflare
etag: W/"5cde8836-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8Hgk7EYsXnWymKUSbNtDv9WV2kkikmCteQaELRFSp0KMzSKJoL44WO0fQ0nq7iKy5xGXwRnQg4fs6H67JMQZExixCrDqjsReRySYTqc8Sbl96uiTEkvLwrKG1nivpBeF4Mb%2BhiLTJs%2Feg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce79ee0ef04e9e-FRA
expires: Fri, 08 Oct 2021 00:20:46 GMT

GET
H2 200 jquery-migrate.min.js Show response
mrhacker.co/wp-includes/js/jquery/ 10 KB
4 KB 25ms
25ms Script
application/javascript 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 227738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 19 May 2016 23:11:28 GMT
server: cloudflare
etag: W/"573e4820-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88ejq5k9qYstJ5Ez0GIxx3WdIVf6ngVDSNPWC2pQ48MhIw8N48HRJwBAr7rxaaHdQH8brzpQMNt2PrFRPN%2BNdEIbhFbQDlp%2B2fze97y7GvKWKWufgTKXvJi4wrJamcP1BMm1gR9zQWETrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce79ee0ef24e9e-FRA
expires: Fri, 08 Oct 2021 14:09:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
41 KB 5110ms
36ms Script
application/javascript 2a00:1450:4007:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-146590598-1

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:810::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c38158119e8347e3b8a0e307c6dfd5a4aeb78ca7aa336a6ae1b6b0619d2d0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41214
x-xss-protection: 0
last-modified: Sat, 11 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 11 Sep 2021 05:25:45 GMT

GET
H2 200 logo-7.png
mrhacker.co/wp-content/uploads/2019/08/ 59 KB
59 KB 31ms
27ms Image
image/png 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrhacker.co/wp-content/uploads/2019/08/logo-7.png
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f493c9cdcc3bd4b86124a98a6da5f57a04d38a46fc748116bb744064b001532b

Request headers

:path: /wp-content/uploads/2019/08/logo-7.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2587401
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60307
last-modified: Wed, 21 Aug 2019 17:52:56 GMT
server: cloudflare
etag: "5d5d84f8-eb93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTiXPC7emL3nQMjy8Y5omU%2FnaVwgqzhDSrjtFhj%2FgzGYvLc7mtsFlnqWYwfqK0BEqpVH%2FCD%2BhLPpAtviSRYJfh92NOhECIxSFcPhpDNagy%2FrxDmQ5Bg%2B3oya1Sye%2FoUiROOmSigv6MXOxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 68ce7a0e2cdc4e9e-FRA
expires: Sat, 11 Sep 2021 06:42:18 GMT

GET
H2 200 3ce722f11a748f0a8912ddbf696f7c6f
secure.gravatar.com/avatar/ 2 KB
3 KB 5143ms
40ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/3ce722f11a748f0a8912ddbf696f7c6f?s=50&d=mm&r=g
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a7733d7cdf5627664c2672c9101d56d3c6e7f5351fe10353a25dea90eb3fd2ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT mxp 1
date: Sat, 11 Sep 2021 05:25:45 GMT
last-modified: Sun, 26 May 2019 07:53:07 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="3ce722f11a748f0a8912ddbf696f7c6f.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/3ce722f11a748f0a8912ddbf696f7c6f?s=50&d=mm&r=g>; rel="canonical"
content-length: 2298
expires: Sat, 11 Sep 2021 05:30:45 GMT

GET
H2 200 redhat-debian-linux-distribution-darkradiation-ransomware.jpg
mrhacker.co/wp-content/uploads/2021/09/ 22 KB
23 KB 780ms
776ms Image
image/jpeg 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrhacker.co/wp-content/uploads/2021/09/redhat-debian-linux-distribution-darkradiation-ransomware.jpg
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b0bdd7db2580c48ff0b4dd9af9db3332c393189ccf6213f804057cf4acdf6d7

Request headers

:path: /wp-content/uploads/2021/09/redhat-debian-linux-distribution-darkradiation-ransomware.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22970
last-modified: Fri, 10 Sep 2021 07:59:28 GMT
server: cloudflare
etag: "613b1060-59ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ax%2BFj0jfOAFpXx176CHnHa13CowcsOCWS8CBefLUvo1yVjkOQ6qRjz%2FGth4ogGdG1%2FX37UcmZCgnmKXH9AytxUarjOATot%2Bcg3slDkuIYPr02OHY0evLhLI7a4UNODdaAwmBYriOQ8u7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 68ce7a0e2cde4e9e-FRA
expires: Mon, 11 Oct 2021 05:25:40 GMT

GET
H2 200 o-mg-malicious-lighting-cable-log-keystrokes-malware.jpg
mrhacker.co/wp-content/uploads/2021/09/ 24 KB
24 KB 26ms
23ms Image
image/jpeg 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrhacker.co/wp-content/uploads/2021/09/o-mg-malicious-lighting-cable-log-keystrokes-malware.jpg
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8c2950d531b11647e9f8ffad2e2c71727726af8ac8b5e5c1bf231907323313d

Request headers

:path: /wp-content/uploads/2021/09/o-mg-malicious-lighting-cable-log-keystrokes-malware.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54960
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24213
last-modified: Fri, 10 Sep 2021 14:00:25 GMT
server: cloudflare
etag: "613b64f9-5e95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2ByLK7j8t%2FcgC8nTR06u6%2FaCxdpcrc6GfFT3IptX9nUcQcqpU2za74EClKYhHj18l3Q4F8CJx%2BvBI%2BeCvXIrfDuYiu19mBKyIP6lo7OYuVZWzT5mraXw2lp2aTaTwDftOPfx5KPrwDLGqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 68ce7a0e2cdf4e9e-FRA
expires: Sun, 10 Oct 2021 14:09:40 GMT

GET
H2 200 fin8-resurfaces-with-sardonic-backdoor.jpg
mrhacker.co/wp-content/uploads/2021/09/ 62 KB
63 KB 40ms
37ms Image
image/jpeg 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrhacker.co/wp-content/uploads/2021/09/fin8-resurfaces-with-sardonic-backdoor.jpg
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42a0cf084824678d9066b9141d70cc5de16dacdbadf70523a3d3cc9b4550dc71

Request headers

:path: /wp-content/uploads/2021/09/fin8-resurfaces-with-sardonic-backdoor.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54954
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 63910
last-modified: Fri, 10 Sep 2021 14:00:15 GMT
server: cloudflare
etag: "613b64ef-f9a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBFxRFc%2BDfYZphSkUE5G0BwvRGKDFy7SayER6y%2BohIlz6nUEZVSNL7CEaxVdWrl%2Fw3OEOgikPubEWGeHWAhRQAYc1lunLLqCTOm1yKbesrgFSVDQWomT5wrrepLY6%2FRdr3%2B2knd%2BgjXWMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 68ce7a0e2ce04e9e-FRA
expires: Sun, 10 Oct 2021 14:09:46 GMT

GET
H2 200 konni-rat-variant-russia.jpg
mrhacker.co/wp-content/uploads/2021/09/ 46 KB
46 KB 42ms
39ms Image
image/jpeg 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrhacker.co/wp-content/uploads/2021/09/konni-rat-variant-russia.jpg
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fabedaea312b5fafb27a692fed30e114a5e87995c227f7253f5a846071c68524

Request headers

:path: /wp-content/uploads/2021/09/konni-rat-variant-russia.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13606
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 47003
last-modified: Fri, 10 Sep 2021 14:00:09 GMT
server: cloudflare
etag: "613b64e9-b79b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyVVNpucJ7cXOWxwvSyixaanmxWigbzg8WPoVyRWBlUOCNEsnuYjyg0PQ401ARYbKiUKhn9F%2BGjA6tX6ZI%2Bbj4KsNMPlgpY5UJOVypcfDptlx1sRFoE5rlT4G7Hbx%2BjSIN7o%2B2N0Z9lCyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 68ce7a0e2ce34e9e-FRA
expires: Mon, 11 Oct 2021 01:38:54 GMT

GET
H2 200 email-decode.min.js Show response
mrhacker.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 11ms
11ms Script
application/javascript 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mrhacker.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 12:26:08 GMT
server: cloudflare
etag: W/"61375a60-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcUig4Ym94j%2FMQoEWgaz8LZz3KChOxIVDnCzF%2FPcdsIwBBlgnAq3aShcWEYsH%2BEty49HaLqgic5bZ8varlPnEsnOtEHVrdRO743rNIIkHEtwM%2FOl9QY8dILnHvjzNQVzjVAmh8Lqp1TRhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68ce7a0dfc894e9e-FRA
vary: Accept-Encoding
expires: Mon, 13 Sep 2021 05:25:40 GMT

GET
H2 200 biggest-security-risks-to-your-mobile-app-and-how-to-avoid-them.jpg
mrhacker.co/wp-content/uploads/2021/09/ 50 KB
51 KB 32ms
29ms Image
image/jpeg 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrhacker.co/wp-content/uploads/2021/09/biggest-security-risks-to-your-mobile-app-and-how-to-avoid-them.jpg
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73b6032d5177d051bd8bac9a3ca145d875da093a276f8229dcc4f22a5c2ae43e

Request headers

:path: /wp-content/uploads/2021/09/biggest-security-risks-to-your-mobile-app-and-how-to-avoid-them.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54960
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 51329
last-modified: Fri, 10 Sep 2021 14:00:27 GMT
server: cloudflare
etag: "613b64fb-c881"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o24Po9iojjawOFe%2BTDTThS7nzYcV819mC6jdie6E5kZnnYhqrQpVRi%2B%2BzbzFTt8wCEc5zh0RaAb7LINFHymDeLmUpJHxt4mEnUTZSsPLYQprCT2WyoYclvm7yKJJmE9iTwC4lxrH51eFSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 68ce7a0e2ce64e9e-FRA
expires: Sun, 10 Oct 2021 14:09:40 GMT

GET
H2 200 microsoft-office-365-credential-phishing-attack-abusing-open-redirect-links.jpg
mrhacker.co/wp-content/uploads/2021/09/ 45 KB
45 KB 33ms
31ms Image
image/jpeg 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrhacker.co/wp-content/uploads/2021/09/microsoft-office-365-credential-phishing-attack-abusing-open-redirect-links.jpg
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ed7b1cafd32cac67cfb6e7b83d88bb9e7d8a5a4f300de5bc3629dbe9949f9da

Request headers

:path: /wp-content/uploads/2021/09/microsoft-office-365-credential-phishing-attack-abusing-open-redirect-links.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54960
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 46133
last-modified: Fri, 10 Sep 2021 14:00:23 GMT
server: cloudflare
etag: "613b64f7-b435"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5f6lpYsD3goz9xpx%2BhAc45l6RLcEIB0mGFiqbnQV4SIdijsSsZrqldXFT1NuVd4H5sIQkQVBwtG4bkUbwzfrM6YqJt5Gq80JozLe%2Fzb9j6OE76t4f2uR6u0RkUv5tlpcNWhAZQxq3ok1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 68ce7a0e2ce84e9e-FRA
expires: Sun, 10 Oct 2021 14:09:40 GMT

GET
H2 200 bangkok-airways-hit-by-lockbit-ransomware-leaks-103gb-of-data.jpg
mrhacker.co/wp-content/uploads/2021/09/ 32 KB
32 KB 34ms
32ms Image
image/jpeg 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrhacker.co/wp-content/uploads/2021/09/bangkok-airways-hit-by-lockbit-ransomware-leaks-103gb-of-data.jpg
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c1c60863448ff3be0623c749fc2be86f0990d65ba3f694c822cd5806b2d68c4

Request headers

:path: /wp-content/uploads/2021/09/bangkok-airways-hit-by-lockbit-ransomware-leaks-103gb-of-data.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54960
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32510
last-modified: Fri, 10 Sep 2021 14:00:21 GMT
server: cloudflare
etag: "613b64f5-7efe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2B2Rk2Z1W4IwCJ0brnPfGflFkReqWsXZc6MStcRayDSJBsjOU0mu3zCgx1XmVUlZIi2Bg%2FofH8tsumOzY%2BO3AFd6P75g4OSQa5SZQLtc%2BET1Rd13pswP3cQ%2BgBvjnYqFtwjm93txrc%2BUtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 68ce7a0e2ceb4e9e-FRA
expires: Sun, 10 Oct 2021 14:09:40 GMT

GET
H2 200 android-game-developer-eskyfun-exposed-data.jpg
mrhacker.co/wp-content/uploads/2021/09/ 59 KB
60 KB 36ms
34ms Image
image/jpeg 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrhacker.co/wp-content/uploads/2021/09/android-game-developer-eskyfun-exposed-data.jpg
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa034da9d6f8fa5cb081fa9d33116ec93ce976a29a4c34031b9d0f88c93e723c

Request headers

:path: /wp-content/uploads/2021/09/android-game-developer-eskyfun-exposed-data.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54960
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60858
last-modified: Fri, 10 Sep 2021 14:00:19 GMT
server: cloudflare
etag: "613b64f3-edba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GY6ugRzVpZK8lHnKvp72nCdQaT6J7yr5P62Rfa7X9L0dXl8ceD0gnA6I%2Fz0fbbpDTDfPCxkaMQuO3inc9yt4awwpQMwzmirfcO5uTAJKQT0ZRbBZLRWX5KwwLTm68V8HEpAHtPYxzQqxow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 68ce7a0e2cec4e9e-FRA
expires: Sun, 10 Oct 2021 14:09:40 GMT

GET
H2 200 logo.png
mrhacker.co/wp-content/uploads/2019/08/ 11 KB
12 KB 41ms
39ms Image
image/png 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrhacker.co/wp-content/uploads/2019/08/logo.png
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 090b57d2ba8067994e94dadb6fea5c934c4bd4c38f516c9e7fc29dd8387d5d88

Request headers

:path: /wp-content/uploads/2019/08/logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2587395
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11497
last-modified: Wed, 07 Aug 2019 10:33:00 GMT
server: cloudflare
etag: "5d4aa8dc-2ce9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNCvD34Y3X24uPuugPQn5%2B%2BamWlxDcolPHGoe%2BRwy9eVwbfQCtGX%2FOCaDUoeL3pjMygKd7cDNKg5%2BH4M77raVOIUQZc4MbNC9G5hxrO05rqu%2BSKHPeSCaL8Fwc9oATacZXwtNqWEaSKxtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 68ce7a0e2ced4e9e-FRA
expires: Sat, 11 Sep 2021 06:42:25 GMT

GET
H2 200 comment-reply.min.js Show response
mrhacker.co/wp-includes/js/ 2 KB
1 KB 16ms
11ms Script
application/javascript 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-includes/js/comment-reply.min.js?ver=5.3.1
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068

Request headers

:path: /wp-includes/js/comment-reply.min.js?ver=5.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277494
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 17 Nov 2019 06:06:56 GMT
server: cloudflare
etag: W/"5dd0e380-951"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Dcyixj4cwJEkyKmSaP%2BfNgb2VNCGILK%2BV4IX57gvlSnP81CnuPtrATwvD3ZZCYLT7xdhGlpR%2FePoY1wDm1qewYlAeX%2B2stbeACDk1I%2Fr0FfULgbt2ZWVciEyJgU9TJg5oJul1wv0XOXnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce7a0e1cb14e9e-FRA
expires: Fri, 08 Oct 2021 00:20:46 GMT

GET
H2 200 ResizeSensor.js Show response
mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/ 6 KB
2 KB 27ms
21ms Script
application/javascript 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.7.0
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f826a947a47c13c4af480b9b7853e9ca12d2873c67a9200f3c7a26f8cacae2d

Request headers

:path: /wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.7.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277494
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 30 Aug 2019 18:28:51 GMT
server: cloudflare
etag: W/"5d696ae3-1743"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rB5TPtjryzotkg%2Bupu7ThOdyz%2Fl935l0a9C8ML5uLUjvwL9h6okzbHxgw%2FWQOSduFFxoFrJgHnJdeJb7w2T58VBTR1iPk7YBx1R9VoUDK99rVhZdvQXfahBcmh0kdEdjS8PSo%2Bxu8lgnEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce7a0e1cb74e9e-FRA
expires: Fri, 08 Oct 2021 00:20:46 GMT

GET
H2 200 theia-sticky-sidebar.js Show response
mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/ 16 KB
4 KB 23ms
17ms Script
application/javascript 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.7.0
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f4119ce2d66a40ef8beba62ec4d995e95af50550c6d4471eec9eb27fa73774

Request headers

:path: /wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.7.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277494
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 30 Aug 2019 18:28:51 GMT
server: cloudflare
etag: W/"5d696ae3-3e36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ca4Q95aR%2Fw3G98qTvJawr3kBJyroDOIhS9GATs4fXcdmifIyhE5VLsk1%2BB4YiWV%2Fys34eOdAqPViCek9pgsFzMILzyxFqOvPiyZZ6TzblzArNKuEzW6Q5KkAXuRW6xqoffsAxZDJWJtutg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce7a0e1cba4e9e-FRA
expires: Fri, 08 Oct 2021 00:20:46 GMT

GET
H2 200 main.js Show response
mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/ 435 B
556 B 23ms
17ms Script
application/javascript 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.7.0
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa

Request headers

:path: /wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.7.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76581
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 30 Aug 2019 18:28:51 GMT
server: cloudflare
etag: W/"5d696ae3-1b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwjCnWTKYBqu0MO17PdO%2B74NZ0sClR%2BMGE8itoRvWedthoy04DHJKQ6ev%2BTWFViGYGGRuiBT%2BETxoLRVdDF16kpJBG5asq13HCLRDqGi%2F7CcJ09v04uYFeCeHO9iJ7EROcoEccp0T8XNAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce7a0e1cbc4e9e-FRA
expires: Sun, 10 Oct 2021 08:09:19 GMT

GET
H2 200 idle-timer.min.js Show response
mrhacker.co/wp-content/plugins/monarch/js/ 2 KB
1 KB 19ms
13ms Script
application/javascript 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/plugins/monarch/js/idle-timer.min.js?ver=1.4.12
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92c35f839d90ea55730d05ce3ea859cb598cd85eb20be3ed55621bb8baa3aa36

Request headers

:path: /wp-content/plugins/monarch/js/idle-timer.min.js?ver=1.4.12
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277494
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 05 Sep 2019 11:01:00 GMT
server: cloudflare
etag: W/"5d70eaec-9d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qp8dm4fMj5bkAm8OihlEQYHLut%2B0%2F7c9DAB9Qh4%2BldiBvy23aEu5JF1BAgolAyZibatjcfCk5hDNdeEVrNsoY1uX74p6ABUmXEiuwIfkYmn3AmVep9GesC0SEQ7OA9kVw9d4BSIravoAGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce7a0e1cbd4e9e-FRA
expires: Fri, 08 Oct 2021 00:20:46 GMT

GET
H2 200 custom.js Show response
mrhacker.co/wp-content/plugins/monarch/js/ 26 KB
6 KB 29ms
23ms Script
application/javascript 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/plugins/monarch/js/custom.js?ver=1.4.12
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a923c50c91e0fb7b1ff0b2806fa088087b441339c15fda5747dcde2eb4ae112

Request headers

:path: /wp-content/plugins/monarch/js/custom.js?ver=1.4.12
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 05 Sep 2019 11:01:00 GMT
server: cloudflare
etag: W/"5d70eaec-6703"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkmGdoRSX1lmXIvzA9p60iqcTXH32mogARV1tUX61XX8GYcreKrYIfI88veaOFRHIot5XRqZdYBLtTmYKJl68Plym3lZDfZZJzf3ZemlDVUJbeuS8qN%2BGTXKiZEZ9ZOlXO%2B%2BfQ767TaY%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce7a0e1cbe4e9e-FRA
expires: Fri, 08 Oct 2021 00:20:47 GMT

GET
H2 200 scripts.js Show response
mrhacker.co/wp-content/themes/flex-mag/js/ 142 KB
35 KB 24ms
19ms Script
application/javascript 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/themes/flex-mag/js/scripts.js?ver=5.3.1
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbe803bfa44254eeac3ce0060cf7b364c1437c8230839511fa2c038632f2ab4e

Request headers

:path: /wp-content/themes/flex-mag/js/scripts.js?ver=5.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76581
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 26 Jul 2019 10:36:36 GMT
server: cloudflare
etag: W/"5d3ad7b4-237aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jY%2F8hsVM%2Fx9HaYCXDqfbvgochlej4Bu4NUriJrYqgd1IZN%2BTEs5VqjPhZgNM5%2BNhCoBDosbRnAZd8Qc3KiSUuy4qwRn2bXLD2Y4DCy9nfI4vvToU%2BBkTEmpoohyW0r7xvfb2X4VkDfF%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce7a0e1cbf4e9e-FRA
expires: Sun, 10 Oct 2021 08:09:19 GMT

GET
H2 200 jquery.infinitescroll.min.js Show response
mrhacker.co/wp-content/themes/flex-mag/js/ 21 KB
12 KB 23ms
18ms Script
application/javascript 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/themes/flex-mag/js/jquery.infinitescroll.min.js?ver=5.3.1
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d

Request headers

:path: /wp-content/themes/flex-mag/js/jquery.infinitescroll.min.js?ver=5.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 26 Jul 2019 10:36:36 GMT
server: cloudflare
etag: W/"5d3ad7b4-54c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9WVALBViSBPpWzQUaeKB1AuY%2BNLDiS9JFUOg9aluICztVtCt2CmRRJqfMVusvRT4pdptXXdds5Yhd4WoIeLf6vee%2FHeXdy1SGk2ejGQHkPt1jsW7lW06lF%2Fv2AI3ByM%2BCMqESvVnBvzNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce7a0e1cc04e9e-FRA
expires: Fri, 08 Oct 2021 00:20:47 GMT

GET
H2 200 retina.js Show response
mrhacker.co/wp-content/themes/flex-mag/js/ 3 KB
1 KB 26ms
21ms Script
application/javascript 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/themes/flex-mag/js/retina.js?ver=5.3.1
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba

Request headers

:path: /wp-content/themes/flex-mag/js/retina.js?ver=5.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 26 Jul 2019 10:36:36 GMT
server: cloudflare
etag: W/"5d3ad7b4-c20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idZv08PBISZWOV0ibE%2BdGaKMMdVhJu2c826JVn0qKNCEgx4pMwAPn%2BjhuP4LG7K400BLiPrtr%2Fds9UdXcv629ooJ1z307g9J4p90uOGMVY11XT5jp1Bk2cePCBbR8vKr12pQ2jKFBvnd%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce7a0e1cc24e9e-FRA
expires: Fri, 08 Oct 2021 00:20:47 GMT

GET
H2 200 jquery.fancybox.min.js Show response
mrhacker.co/wp-content/plugins/easy-fancybox/js/ 19 KB
7 KB 22ms
17ms Script
application/javascript 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/plugins/easy-fancybox/js/jquery.fancybox.min.js?ver=1.3.24
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3

Request headers

:path: /wp-content/plugins/easy-fancybox/js/jquery.fancybox.min.js?ver=1.3.24
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 19 Sep 2019 16:12:18 GMT
server: cloudflare
etag: W/"5d83a8e2-4d4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzuVAc1Sya5p2pt7fh%2B7%2FR82b7frXWGDJey4eCGMpEAYMacDtTjFgjX6ArkogEeYZMgHidDjyoZdRr46QXQFsoIQWOzxJKsbpbBIP79riE23fQVT%2BFzg0ZBHBHzQtDfSKLVb2049sSb6Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce7a0e1cc34e9e-FRA
expires: Fri, 08 Oct 2021 00:20:47 GMT

GET
H2 200 jquery.easing.min.js Show response
mrhacker.co/wp-content/plugins/easy-fancybox/js/ 2 KB
1 KB 27ms
22ms Script
application/javascript 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.1
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d

Request headers

:path: /wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76581
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 19 Sep 2019 16:12:18 GMT
server: cloudflare
etag: W/"5d83a8e2-8fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jZ5K6Ol4yqHMBsecqnOhvqNOptfkgI88DW3dnO6sctNpAtxgaAFqzpz1vl4tRptotCiUme0rhq1BLbtivINKlx6T6n5SxCffqf42wW32wlzXRJdicSgl6FbTPQwvwFsL%2FMcJL5BrNdHrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce7a0e2cd44e9e-FRA
expires: Sun, 10 Oct 2021 08:09:19 GMT

GET
H2 200 jquery.mousewheel.min.js Show response
mrhacker.co/wp-content/plugins/easy-fancybox/js/ 3 KB
1 KB 43ms
38ms Script
application/javascript 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64

Request headers

:path: /wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 19 Sep 2019 16:12:18 GMT
server: cloudflare
etag: W/"5d83a8e2-a31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAPAwazrcQHE%2B1zpHESXn3gmvybpUCnrl6vSi98FALTX803uZ5Hta3UOdxOPG085j9gEZc6kZIcK7qfy000kcvNaFwJbUeuWI9c%2BI7SlQkLNxi8NHAgS2Wv7eTXX7z4QRgCIHP8d7wakZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce7a0e2cd74e9e-FRA
expires: Fri, 08 Oct 2021 00:20:47 GMT

GET
H2 200 common.js Show response
mrhacker.co/wp-content/plugins/monarch/core/admin/js/ 1 KB
934 B 37ms
32ms Script
application/javascript 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/plugins/monarch/core/admin/js/common.js?ver=3.20.2
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b

Request headers

:path: /wp-content/plugins/monarch/core/admin/js/common.js?ver=3.20.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 05 Sep 2019 11:01:00 GMT
server: cloudflare
etag: W/"5d70eaec-550"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8ZvpZ921%2BVfFxhhkG5M4upRfHG6aCPv1GivuzP7rbNm7UpGvjJAsFV1zgS2LnInLgrN61uelmFVyl3tCSRYnqIcP3X2Q2Z1CPAav%2FITZ1V0wgSizhSeR3OwR1hYm3wXlo6ZAB2HeZkJ6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce7a0e2cd84e9e-FRA
expires: Fri, 08 Oct 2021 00:20:47 GMT

GET
H2 200 script.min.js Show response
mrhacker.co/wp-content/plugins/boxzilla/assets/js/ 18 KB
6 KB 45ms
40ms Script
application/javascript 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.18
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52415b65b808c23ba1578c46b4b397fdaa4f979c8ae04dc1bd2b9cd96d4230fb

Request headers

:path: /wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.18
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrhacker.co
referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 03 Dec 2019 11:55:32 GMT
server: cloudflare
etag: W/"5de64d34-4677"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlBI4skNJTqwfQiWMfqAB1Mv4Pxzaxrt2AqL0bXUXRxIaYIUgwpphdxf4Yy7o3Uw%2B6z2iM3araHSG5DsukpxNVgOdd9thQnOiy%2BWCN43kOo9gD3CIexDEIyMehIHAS60emIWDOGp38RBxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce7a0e2cd94e9e-FRA
expires: Fri, 08 Oct 2021 00:20:47 GMT

GET
H/1.1 200
OK embed.js Show response
mrhackerco.disqus.com/ 75 KB
25 KB 5245ms
195ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mrhackerco.disqus.com/embed.js?ver=5.3.1

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

b589aeddf22181c7ee9436d875990f5302fba8cf4a0dc1cee8a700adecece17b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 05:25:45 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24741

GET
H2 200 network.js Show response
adsxyz.com/sponsors/network/ 827 B
797 B 5071ms
19ms Script
application/javascript 2606:4700:3031::6815:3caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adsxyz.com/sponsors/network/network.js
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5b8a61b7114f9131b2c26131527d5ea955e8fc57c3989b92f7ab781473db139

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72824
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 24 Jan 2020 05:18:04 GMT
server: cloudflare
etag: W/"5e2a7e0c-33b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrGXvzShcRan1oGICK96Bed1Bpz37%2Bskof59DxMqMj25NdYPhzrYh8TbGrWM4%2BWtT1LUTXrmvfHULA%2BUaKO8DjCkUyt8ceO6eLWhKapDuJC1hbb6eeo85dKxBvYn84pSZ%2F6K1a7O35ar"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce7a2daca74edf-FRA
expires: Sun, 10 Oct 2021 09:12:01 GMT

GET
H/1.1 200
OK 1313465 Show response
ad.a-ads.com/ Frame 10FB 6 KB
2 KB 5076ms
23ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1313465?size=728x90

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

7f834e5241d30be00b9db890ffa00347ee52c62ab1cf7137fae694e9a666efa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mrhacker.co/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 11 Sep 2021 05:25:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://mrhacker.co/
Content-Encoding: gzip

GET
H/1.1 200
OK 1313461 Show response
ad.a-ads.com/ Frame A8EA 6 KB
2 KB 5075ms
24ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1313461?size=200x200

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

62ff51109b836c9c2093c45f994fd16a2e5dc9b8b5725703993d5727825e52f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mrhacker.co/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 11 Sep 2021 05:25:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://mrhacker.co/
Content-Encoding: gzip

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f772519eaee7afdcb6ca6d1d162951ad6805219c55bf322cbcc5f03ce7d8cb8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 38ms
14ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css
Origin: https://mrhacker.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 718
age: 1566982
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e07447f5e346adf6c8a94af7ea358ae4
accept-ranges: bytes
cf-ray: 68ce7a0e4f494ee6-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
15 KB 5095ms
21ms Font
font/woff2 2a00:1450:4007:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mrhacker.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 23:51:41 GMT
x-content-type-options: nosniff
age: 192844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Sep 2022 23:51:41 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 5124ms
51ms Font
font/woff2 2a00:1450:4007:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7CLato%3A400%2C700%7CWork+Sans%3A900%7CMontserrat%3A400%2C700%7COpen+Sans%3A800%7CPlayfair+Display%3A400%2C700%2C900%7CQuicksand%7CRaleway%3A200%2C400%2C700%7CRoboto+Slab%3A400%2C700%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mrhacker.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 16:41:43 GMT
x-content-type-options: nosniff
age: 477842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15188
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:24:04 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Sep 2022 16:41:43 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 5108ms
35ms Font
font/woff2 2a00:1450:4007:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mrhacker.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 23:51:41 GMT
x-content-type-options: nosniff
age: 192844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Sep 2022 23:51:41 GMT

GET
H/1.1 200
OK 1313467 Show response
ad.a-ads.com/ Frame 17F6 7 KB
2 KB 5042ms
32ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1313467?size=120x600

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

19d159ca137e1ccbd51d5d5dd3cb363add56e1e286a4411123c642e778a9c620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mrhacker.co/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 11 Sep 2021 05:25:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://mrhacker.co/
Content-Encoding: gzip

GET
H/1.1 200
OK 1313467 Show response
ad.a-ads.com/ Frame 21A8 7 KB
3 KB 5042ms
32ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1313467?size=120x600

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

3a3491d5087f6ad609e5c05410702c19b6dd7071b5578f215ed37de00b552066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mrhacker.co/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 11 Sep 2021 05:25:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://mrhacker.co/
Content-Encoding: gzip

GET
H2 200 index.html Show response
adsxyz.com/sponsors/linkxyz/ Frame D157 4 KB
1 KB 5015ms
18ms Document
text/html 2606:4700:3031::6815:3caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adsxyz.com/sponsors/linkxyz/index.html

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:3caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffad8419f85c15cf2cc8ae98d79e4c1c395ec6491924ae92900d223131a50175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: adsxyz.com
:scheme: https
:path: /sponsors/linkxyz/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mrhacker.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/

Response headers

date: Sat, 11 Sep 2021 05:25:45 GMT
content-type: text/html
last-modified: Thu, 26 Aug 2021 03:43:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 73243
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gFKwNl28kDlRM5HpCyZCANWc8%2FbLKz3kFc5ZpIXpwaDnZhQCUnTko9uSezLcT%2BC3T9XDXau6Be0yr9llOJNfIWV0g1%2BPfAW9disK09ULVpZXJ6PN01oR6HTxL8Bu%2BS9pS0GKCG4XJJP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68ce7a2daca54edf-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK 1313466 Show response
ad.a-ads.com/ Frame 38B6 6 KB
2 KB 5033ms
24ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1313466?size=990x90

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

809df1ef8ace89cc26572e2d22872c5a9e63665b9f5b3be38b41febb71a8b88f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mrhacker.co/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 11 Sep 2021 05:25:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://mrhacker.co/
Content-Encoding: gzip

GET
H/1.1 200
OK 1313463 Show response
ad.a-ads.com/ Frame 79E1 6 KB
2 KB 5033ms
24ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1313463?size=320x50

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

51bdd7da3404519d7cb1155628a5f74b5003ec8909e14773d0fec9cf291d75e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mrhacker.co/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 11 Sep 2021 05:25:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://mrhacker.co/
Content-Encoding: gzip

GET
H/1.1 200
OK 1313465 Show response
ad.a-ads.com/ Frame 8845 6 KB
2 KB 5040ms
19ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1313465?size=728x90

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

dbc31bf0e369b9fcc06379db2f5fa8fbd85db7f20259a2167d3bf27009dafd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mrhacker.co/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 11 Sep 2021 05:25:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://mrhacker.co/
Content-Encoding: gzip

GET
H/1.1 577 1313462 Show response
ad.a-ads.com/ Frame 58A8 0
128 B 5033ms
12ms Document
text/plain 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.a-ads.com/1313462?size=300x250
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mrhacker.co/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 11 Sep 2021 05:25:45 GMT
Content-Length: 0
Connection: keep-alive

GET
H2 200 monarch.ttf
mrhacker.co/wp-content/plugins/monarch/css/fonts/ 15 KB
15 KB 18ms
17ms Font
application/octet-stream 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrhacker.co/wp-content/plugins/monarch/css/fonts/monarch.ttf
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/wp-content/plugins/monarch/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f

Request headers

:path: /wp-content/plugins/monarch/css/fonts/monarch.ttf
pragma: no-cache
origin: https://mrhacker.co
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: mrhacker.co
referer: https://mrhacker.co/wp-content/plugins/monarch/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mrhacker.co/wp-content/plugins/monarch/css/style.css
Origin: https://mrhacker.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2574109
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15096
last-modified: Thu, 05 Sep 2019 11:01:00 GMT
server: cloudflare
etag: "5d70eaec-3af8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FkzyGLNp8nvnG4v%2BaEz5YvypcXlr9G%2Frru%2BCCoMZuWjl7eRMD%2FD4AVBYvxl9%2BFBXSjFwaIaZOWs6UoK3u5nh5IQ5TB6OO%2BdcgbQlmE3TFQ47jVDc%2BOrUg1W2m2BC%2FKN9da9Mp3JYblvdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 68ce7a0e7d724e9e-FRA
expires: Sat, 11 Sep 2021 10:23:51 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 5064ms
41ms Font
font/woff2 2a00:1450:4007:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mrhacker.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 21:48:08 GMT
x-content-type-options: nosniff
age: 200257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Sep 2022 21:48:08 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/ 251 KB
93 KB 45ms
45ms Script
text/javascript 2a00:1450:4007:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b70365b09badf5fceb9effc21b9cca9d19e08b0045fc0ebcaf5765293b2518d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95420
x-xss-protection: 0
server: cafe
etag: 5659919450890713277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 11 Sep 2021 05:25:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/ Frame 920A 10 KB
5 KB 5096ms
21ms Document
text/html 2a00:1450:4007:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210831/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mrhacker.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 10 Sep 2021 18:52:00 GMT
expires: Fri, 24 Sep 2021 18:52:00 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 38025
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
659 B 5094ms
27ms Script
text/javascript 216.58.214.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mrhacker.co&callback=_gfp_s_&client=ca-pub-7952463575870072

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.214.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad01s26-in-f2.1e100.net

Software

cafe /

Resource Hash

8b7128d271737a075beea0398b00d166882433cad38ef7e4fe963394ad6a0d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 5222ms
30ms Script
application/javascript 2a00:1450:4007:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mrhacker.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:810::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Sep 2021 05:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 5219ms
30ms Script
application/javascript 2a00:1450:4007:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mrhacker.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Sep 2021 05:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B269 603 B
248 B 5032ms
39ms Document
text/html 2a00:1450:4007:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7952463575870072&output=html&adk=1812271804&adf=3025194257&lmt=1631337940&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions%3Ffeed_id%3D23710%26_unique_id%3D613b12c4121b0&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337940270&bpp=3&bdt=5254&idt=86&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5178628435679&frm=20&pv=2&ga_vid=604769426.1631337940&ga_sid=1631337940&ga_hid=1233246830&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31062297&oid=3&pvsid=606866479465822&pem=907&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7952463575870072&output=html&adk=1812271804&adf=3025194257&lmt=1631337940&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions%3Ffeed_id%3D23710%26_unique_id%3D613b12c4121b0&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337940270&bpp=3&bdt=5254&idt=86&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5178628435679&frm=20&pv=2&ga_vid=604769426.1631337940&ga_sid=1631337940&ga_hid=1233246830&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31062297&oid=3&pvsid=606866479465822&pem=907&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mrhacker.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 11 Sep 2021 05:25:45 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 11-Sep-2021 05:40:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 11 Sep 2021 05:25:45 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 5213ms
30ms Script
text/javascript 2a00:1450:4007:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1631273431406706"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27627
x-xss-protection: 0
expires: Sat, 11 Sep 2021 05:25:45 GMT

GET
H2 200 random4f.js Show response
adsxyz.com/sponsors/linkxyz/ Frame D157 1 KB
639 B 15ms
14ms Script
application/javascript 2606:4700:3031::6815:3caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adsxyz.com/sponsors/linkxyz/random4f.js
Requested by: Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd819f8eba0b56e52c8583bf1db1b5bbeec52504bef12ef0b325013b68977901

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/sponsors/linkxyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73243
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 06 Jan 2012 14:11:54 GMT
server: cloudflare
etag: W/"4f07012a-568"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FZofCtce%2FN5CWMpeydBHjIZMhxjUBa%2Blov4PezqkX9vckWyXyxW1RRUcJrhJ6GQbCXd8SlhldpFonu2T3ftgaRM4Nb8hq3Z80MylNNATZrpWrLJctr%2FS2S70oxuuq4Pnzjh0%2BNxtyk7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 68ce7a2e7da14edf-FRA
expires: Sun, 10 Oct 2021 09:05:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame D157 121 KB
48 KB 31ms
30ms Script
application/javascript 2a00:1450:4007:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D87R5XW8W4

Requested by

Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:810::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c584655c537162e951e14961c8fe9396a38deba88a4ab8cf32454a7c0472e94c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:25:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49265
x-xss-protection: 0
expires: Sat, 11 Sep 2021 05:25:45 GMT

GET
H/1.1 200
OK 728x90
static.a-ads.com/a-ads-banners/104028/ Frame 10FB 674 KB
675 KB 5095ms
16ms Image
image/gif 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/104028/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1313465?size=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 951036f01a969b7b181d7952ee802c9ab4989a447b171dabf959934e9814118a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 05:25:50 GMT
Last-Modified: Sun, 29 Dec 2019 17:09:03 GMT
Server: nginx/1.18.0 (Ubuntu)
x-amz-request-id: AAKX477G49YS81CY
ETag: "74ffa6390dd104c5c534c4f2f266f4d3"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 690629
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: 3TC98TKnrka7oOabxFNTsHEKH4LZcc9h
x-amz-id-2: dvZEo3uDLz+nb0EEKj1DFDXtvv11FIkkm6eKF+c/tof8sE7vQL3n6fyhejPDjPt5leTEqdFaU7M=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 320x50
static.a-ads.com/a-ads-banners/104027/ Frame 79E1 373 KB
373 KB 5094ms
19ms Image
image/gif 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/104027/320x50?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1313463?size=320x50
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e745a4b8c4213f6338afe0d6ead6ee17214695dbe7b8484bda782e354898eba7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 05:25:50 GMT
Last-Modified: Sun, 29 Dec 2019 17:08:48 GMT
Server: nginx/1.18.0 (Ubuntu)
x-amz-request-id: 0FCBN2RA1Q86T1NX
ETag: "10a7cad61388558409287f70f1d9664a"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 381861
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: HbclI2UzmbOKfnhFR738tE92uH20fqdL
x-amz-id-2: 0Q+MBF6G64cAFHUVV02CbrGFcjnzbuVPI+9t4ka/B2CWlZbzGPE9OtoBuKKvinCnFHMLEI8apW0=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 728x90
static.a-ads.com/a-ads-banners/117619/ Frame 8845 122 KB
123 KB 5093ms
20ms Image
image/gif 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117619/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1313465?size=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e4503a46dd63eb6398899345e1cf979d0aeb0dedfe051fc6cd213a69d67ddcc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 05:25:50 GMT
Last-Modified: Sun, 19 Apr 2020 16:08:09 GMT
Server: nginx/1.18.0 (Ubuntu)
x-amz-request-id: CV8PPP98RGSTHM6Z
ETag: "8df22bfbf1b66e4d461cc595236e19c5"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 125388
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: 0fATWmKYpJSZr5TJ6jtiSoqDotlI3uSs
x-amz-id-2: 1TZ/umBGhOWc8MYotKOmM38Vpp4nAhfQqBCXU8L4vx0l4Rrj36AbzNK8iJiAi9TMDyQw7pL+EnI=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 10FB 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A8EA 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 17F6 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 21A8 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 38B6 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 5107ms
23ms Script
text/javascript 2a00:1450:4007:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146590598-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2790
date: Sat, 11 Sep 2021 04:39:20 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 11 Sep 2021 06:39:20 GMT

GET
H2 200 adsterra_300x250.html Show response
egirlgirl.com/banner/ Frame 3647 865 B
1 KB 5066ms
21ms Document
text/html 2606:4700:3035::6815:3987
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://egirlgirl.com/banner/adsterra_300x250.html

Requested by

Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3987 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65b6121a4267cf53a8d9446dbc4c346131d0941463e2f3b1fef9e2d30515cfab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: egirlgirl.com
:scheme: https
:path: /banner/adsterra_300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adsxyz.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/

Response headers

date: Sat, 11 Sep 2021 05:25:50 GMT
content-type: text/html
last-modified: Sat, 21 Aug 2021 10:36:31 GMT
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1706887
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akuv7%2BwyC38CoLplYbhMHyJY3EOuZuavHlAE5sG2bLDTYAQ3s92DnnoM2xR8GyK6ZDEKKAIhCG45UrgqXPuEWCv4PPzD%2BLd1ikjv9kCqVp1UgMNxtlOK6np5OQwoP0hZOc6VDYV3gjBYlgAv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 68ce7a4e48304ebc-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsterra_300x250.html Show response
fapbest.com/banner/ Frame 6FF8 865 B
1 KB 5075ms
24ms Document
text/html 2606:4700:3037::6815:3b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fapbest.com/banner/adsterra_300x250.html

Requested by

Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:3b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

669e9517e16de747cabb78e5c73ef45830054a806170f37801841ed5b3b6689a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: fapbest.com
:scheme: https
:path: /banner/adsterra_300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adsxyz.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/

Response headers

date: Sat, 11 Sep 2021 05:25:50 GMT
content-type: text/html
last-modified: Sat, 21 Aug 2021 10:41:56 GMT
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1706841
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QpfskS%2B5MdBmKaZZsVJ98PGBRHIKcg1dvH%2BznLieoQXi12L2gYT4vIOR7tn2Sys5asIopsaEpCZJyYc9NqR7KbXtc5iotuRqN6kmoKgtSj02PLk%2FhAdK58Fe7Ai%2F1aRN73AUwpmrza%2Fesw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 68ce7a4e4bdd5c8c-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsterra_300x250.html Show response
nude-hot.com/banner/ Frame E6F2 865 B
1 KB 5074ms
17ms Document
text/html 2606:4700:3037::ac43:d034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nude-hot.com/banner/adsterra_300x250.html

Requested by

Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d034 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95ca28dd8b7551c6f06b09458b7b5561513904c23be68308603ca6b3bcdb5960

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: nude-hot.com
:scheme: https
:path: /banner/adsterra_300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adsxyz.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/

Response headers

date: Sat, 11 Sep 2021 05:25:50 GMT
content-type: text/html
last-modified: Sat, 21 Aug 2021 10:49:38 GMT
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1568712
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNG0BPT1oDv910HQF%2BAWzj%2FosfNvbob00JooAWuryvCFqs58ZcDbihIX7L%2BlNVmkmrnAVauzTbE2JJs05omvC7%2BaWPRnwvKA8xNw%2BKo627c%2BfTfLFlGcUyb%2FmJqqiFhND2QEgD1Y64huMU8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 68ce7a4e5a2d2c01-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsterra_300x250.html Show response
porns.photos/banner/ Frame 5549 865 B
1 KB 5103ms
25ms Document
text/html 2606:4700:3035::6815:5802
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://porns.photos/banner/adsterra_300x250.html

Requested by

Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:5802 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

421f720278f84ac7e6429333b96f14f94756b1f0343f0236fac7307bac68b718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: porns.photos
:scheme: https
:path: /banner/adsterra_300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adsxyz.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/

Response headers

date: Sat, 11 Sep 2021 05:25:50 GMT
content-type: text/html
last-modified: Sat, 21 Aug 2021 10:57:03 GMT
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1707112
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v96RMa4UHap%2FQ%2BZ3LlsueFDI3nSU%2FNq7Hbu3cTVQOsnY1igDtqM85b3UHDG9YwieQXecM%2BExcvGIVPBOoWtezumm2jF%2B3mlRDGzNYuVSn9SWGTIIM2xkb1dBUO2Kt7LiZAT43NJzJe9giNY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 68ce7a4e7e944e38-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsterra_300x250.html Show response
clipsex.online/banner/ Frame C6CA 867 B
1 KB 5134ms
21ms Document
text/html 2606:4700:3033::6815:4012
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clipsex.online/banner/adsterra_300x250.html?

Requested by

Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:4012 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd110802bfc94a315236b952fc20ee920c1cf886b9526ffad1ee4ff9057d2394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: clipsex.online
:scheme: https
:path: /banner/adsterra_300x250.html?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adsxyz.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/

Response headers

date: Sat, 11 Sep 2021 05:25:50 GMT
content-type: text/html
last-modified: Wed, 25 Aug 2021 09:45:12 GMT
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1452089
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cx%2BheoM%2FePzmvvuCOOi8YQ%2BLIlug7dlNQlfKcG04mKVWAqnBhy42Dw2abuQtkjAjrWDFuAXKyEb8FSNjAaaLni1IO3zFly8UojcFEkyq4FUqb%2FLkpORYmMdpvNQ57jhucJX93hTXjVbmLdbGyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 68ce7a4ebe2d145a-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsterra_300x250.html Show response
fappinghd.com/banner/ Frame D8AB 867 B
1 KB 5067ms
19ms Document
text/html 2606:4700:3035::ac43:8416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fappinghd.com/banner/adsterra_300x250.html?

Requested by

Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:8416 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5e71fa614171fdf7f3eee87e6198d233232fe2d73e7cc75cb30722c00000738

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: fappinghd.com
:scheme: https
:path: /banner/adsterra_300x250.html?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adsxyz.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/

Response headers

date: Sat, 11 Sep 2021 05:25:50 GMT
content-type: text/html
last-modified: Wed, 25 Aug 2021 09:49:40 GMT
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1452089
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LscI2SpO%2BbCEif9mO%2BpF1qjxNm0oI5%2B%2FAPJcsqmfqmSTwPsTykQB%2FR4oIUnVxScmJBZqybLMgb%2BJ7xQpJyU3hqGGCeZUtP9hUGXq8qf5bRuWMiqSfEQNtbbwzjr71NKOGOoLBk3pWwcfAhn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 68ce7a4e482842ee-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsterra_300x250.html Show response
javbest.co/banner/ Frame AB3D 867 B
1 KB 5103ms
16ms Document
text/html 2606:4700:3036::ac43:86ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://javbest.co/banner/adsterra_300x250.html?

Requested by

Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:86ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

676311b41a8a21162d8187ce2b2ecb7c652888635cc52967a9aabff9ef583d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: javbest.co
:scheme: https
:path: /banner/adsterra_300x250.html?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adsxyz.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/

Response headers

date: Sat, 11 Sep 2021 05:25:50 GMT
content-type: text/html
last-modified: Wed, 25 Aug 2021 09:51:54 GMT
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1268535
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyXHf3avToLxr8NYiBMlXuDG8Md0PnyZcP20iyvkn9fKyc4eCD9BnPfKHUxrvTcyOe8U2rRz7alRTetjlVX2wOGjyMhWrwXxmrAUKcCfc%2F%2FZznx3a2wh5j19JS%2BnQiB6pzhYZen3Aq9u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 68ce7a4e89ea4e1f-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsterra_300x250.html Show response
thesexscene.com/banner/ Frame 770E 867 B
1 KB 5082ms
35ms Document
text/html 2606:4700:3033::ac43:cc52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thesexscene.com/banner/adsterra_300x250.html?

Requested by

Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:cc52 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

227365258106f73bc8761237c88b38ffbca65361aa95b865709657406eae1459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: thesexscene.com
:scheme: https
:path: /banner/adsterra_300x250.html?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adsxyz.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/

Response headers

date: Sat, 11 Sep 2021 05:25:50 GMT
content-type: text/html
last-modified: Wed, 25 Aug 2021 09:54:02 GMT
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-cache-status: HIT
age: 206420
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eM64JI8qnlQ3LJomedMGqzFG%2BSPye8N0uQcpZdEvA0gSyOX4NB035qdTjFV49SlJdTvHjBPIb8xgVt7vu6cOwMDlM229kzkCg1ZW5jPSJEFSnFNN69CVKyFly0HQd62A43JZsMvNxbkfueEvhSQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 68ce7a4e5b085bf5-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 juicyads_300x250.html Show response
jav1080.com/banner/ Frame B34F 744 B
1022 B 5067ms
22ms Document
text/html 2606:4700:3038::6815:eb34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jav1080.com/banner/juicyads_300x250.html

Requested by

Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb776e4e7499c2a01783aaeafd98641ea731c2d2da8ed9bb20cef55cd50b863b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: jav1080.com
:scheme: https
:path: /banner/juicyads_300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adsxyz.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/

Response headers

date: Sat, 11 Sep 2021 05:25:50 GMT
content-type: text/html
last-modified: Fri, 25 Jun 2021 18:29:27 GMT
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1707028
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aUBrcv3aglVkqHTgBk%2FjJrpHeHq%2BAmDJTSlYtkFvpyE2%2Bw2PjlXeeIUTaBP6Fv2wvzBrl8qXbfj%2FdFLn361ZBXBUiQaJ5or6gH%2B6N29gIcvgCCxr8mOdex3qBQpMmBrnSWKpn%2Fsx77Hog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 68ce7a4e4e171766-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 juicyads_300x250.html Show response
pornbebes.com/banner/ Frame E10B 744 B
993 B 5101ms
48ms Document
text/html 2606:4700:3037::6815:3eab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pornbebes.com/banner/juicyads_300x250.html

Requested by

Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:3eab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93e18f2f4e1a2af8839f0ee4900990890090742ac52482ea811f1fe41ef5556c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pornbebes.com
:scheme: https
:path: /banner/juicyads_300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adsxyz.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/

Response headers

date: Sat, 11 Sep 2021 05:25:50 GMT
content-type: text/html
last-modified: Fri, 25 Jun 2021 18:43:21 GMT
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HP4PW%2F%2BsvLyXWb%2BMvlKkYUChkHVqQxh0Zl%2FKn53TNScBFpJi6Lo12LFSfYtLMqA7bLQfRr3kNigzNhizVWWXIH1L7ZpqopoGt%2B%2F7xmOXITBDar9EgSYsujLDZY2aBHJU7Sw5Lj%2BOcdrpMtwq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68ce7a4e5ca74e49-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 juicyads_300x250.html Show response
sex4viet.com/banner/ Frame 6064 661 B
981 B 5074ms
19ms Document
text/html 2606:4700:3030::ac43:d5be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sex4viet.com/banner/juicyads_300x250.html

Requested by

Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:d5be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07aa1437b73b702e4fd27db55e676455653762882c782440309ba4534050928a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: sex4viet.com
:scheme: https
:path: /banner/juicyads_300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adsxyz.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/

Response headers

date: Sat, 11 Sep 2021 05:25:50 GMT
content-type: text/html
last-modified: Fri, 25 Jun 2021 18:14:21 GMT
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1568783
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TGqHc5%2BSHJp%2BmH6%2BQJAZph0OfbttSdCLYCGeSeSuksN21kI1FyZUVgYr8ZR0AmJ%2BjzrabIhNwq%2FjRE2iQcQtnwPo4UzhWk7fx1XZ4%2F4MiBTVOmSzqA4aXGShrEwek%2Ftu82Xshw0nkafBaI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 68ce7a4e6b595373-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 juicy_300x250.html Show response
xdultchannel.com/banner/ Frame C5EC 742 B
1022 B 5105ms
23ms Document
text/html 2606:4700:3033::ac43:82be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xdultchannel.com/banner/juicy_300x250.html

Requested by

Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:82be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c60dfaf4d68247d23d28f56642945518dc7481ce4fba6b1f908857f497a4c614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: xdultchannel.com
:scheme: https
:path: /banner/juicy_300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adsxyz.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/

Response headers

date: Sat, 11 Sep 2021 05:25:50 GMT
content-type: text/html
last-modified: Fri, 25 Jun 2021 17:05:02 GMT
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1879954
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMi%2BQJOocwkNziknHBnG6T6K8xLoSC%2Fks0HQUjJTSAzxD3717lmLV3afepdOsOMqzFMQlrqIPf7ZRXcFGakdiloVFhx53hPsP0%2Bk8EB3SD77FFXYKeiRGavMHXPGuIs1XloDcngW7EbRGd%2FfnCYG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 68ce7a4e8d5a2b35-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 aads_300x250.html Show response
mrhacker.co/banner/ Frame EF66 558 B
699 B 14ms
14ms Document
text/html 2606:4700:3037::6815:15a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mrhacker.co/banner/aads_300x250.html

Requested by

Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:15a2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45458c5cfa0ae1e6992b40d920661a7107510f24e5c96f4b2f160d9939d946d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: mrhacker.co
:scheme: https
:path: /banner/aads_300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adsxyz.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/

Response headers

date: Sat, 11 Sep 2021 05:25:45 GMT
content-type: text/html
last-modified: Sun, 19 Jan 2020 08:10:22 GMT
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1706669
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxE%2Bt5g4Y2S6lYCaSHXw83QNqxKTElQCd1rTWxxzPEhe4gcvc97EyA9TV9aRYGVdqFjTgJrica1giiWkKH2DimvhUQQPdUemejgTOiUjaZ47h6UyxEhQPsBUVsUssLF8sPQtIQWyfmG3IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 68ce7a2ecb424e9e-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 aads_300x250.html Show response
null88.com/banner/ Frame 7A71 558 B
952 B 5096ms
15ms Document
text/html 2606:4700:3032::ac43:9332
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://null88.com/banner/aads_300x250.html

Requested by

Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:9332 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ff3c131212b8c54e4fef81437dd815acba30e979a4e811a5a1174250e548bcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: null88.com
:scheme: https
:path: /banner/aads_300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adsxyz.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/

Response headers

date: Sat, 11 Sep 2021 05:25:50 GMT
content-type: text/html
last-modified: Sat, 22 Feb 2020 06:34:19 GMT
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1569005
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uu2ESW%2FHbGTjV7%2BbE%2FZ%2FPVYTWRTOzqiFot0G0NsAneDpEt%2F%2BRvJZL95gFvueeONr%2FnsJhP0WehE8zkY%2Bvg3pOHzTB0qcy%2FknOrfC5ASH2nOch7%2FusdLcKD6moBgAW90uFE384QvO0lDB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 68ce7a4e8bcb5bf9-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 aads_300x250.html Show response
phancongkhanh.com/banner/ Frame AEAD 558 B
928 B 5150ms
100ms Document
text/html 2606:4700:3037::ac43:af72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phancongkhanh.com/banner/aads_300x250.html

Requested by

Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:af72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c953490be90a1e661e731eed1b5b5b07d20a3d23806cc81d641c383e99422c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: phancongkhanh.com
:scheme: https
:path: /banner/aads_300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adsxyz.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/

Response headers

date: Sat, 11 Sep 2021 05:25:50 GMT
content-type: text/html
last-modified: Wed, 30 Jun 2021 09:30:59 GMT
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FDxkVAX7FiIU4d5e5T1DOxqycyIrAjrMTbPF96rPoR4XZUyYN3ocfGhhP9sSiZEwv25hIhAG%2FVbWcM9RtCh19JleRGgjzUiU7zcY05SUZYrOtaEOpadAcgY1%2FF74TVUqubE14id35YFMT%2BbJ2xnNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68ce7a4e5a304e79-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 aads_300x250.html Show response
tongdongkhue.com/banner/ Frame 63FB 558 B
927 B 5169ms
114ms Document
text/html 2606:4700:3034::ac43:a424
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tongdongkhue.com/banner/aads_300x250.html

Requested by

Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:a424 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2e1b64507c8e03581b958717b74ea4f9df546187e1477ff33f2ad65dbdfcb16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tongdongkhue.com
:scheme: https
:path: /banner/aads_300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adsxyz.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adsxyz.com/

Response headers

date: Sat, 11 Sep 2021 05:25:50 GMT
content-type: text/html
last-modified: Wed, 30 Jun 2021 09:14:18 GMT
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGsCcw%2BX02g%2FUZmIuiS%2BUOuVC9dfminSfzKiFE898QoJ3AW9zeVICDELfWxiW4rWewPknc%2B%2Ba45v01W4EHfEoenvlQBlZqG8BrzR3RzBQgrtKz5cOzwSSwe%2ByNu186ES0lFIp%2Bpp%2Fi0np44gPWov"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68ce7a4e685542ee-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 lounge.aa6d56595a43bd5e887186df12931c03.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 5131ms
40ms Other
text/css 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css

Requested by

Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 804276
x-cache: Hit from cloudfront
content-length: 26040
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 01 Sep 2021 21:40:36 GMT
server: nginx
etag: "612ff354-65b8"
content-type: text/css; charset=utf-8
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
expires: Thu, 01 Sep 2022 22:01:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: DqnC9QFjcgP6Hl02_5aN5d40Ho9ImpR6GmgvvwgsN9F6DtPciyHkcQ==
x-cache-hits: 0

GET
H2 200 common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
c.disquscdn.com/next/embed/ 0
93 KB 5129ms
41ms Other
application/javascript 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Requested by

Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4612717
x-cache: Hit from cloudfront
content-length: 94790
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 19 Jul 2021 19:39:06 GMT
server: nginx
etag: "60f5d4da-17246"
content-type: application/javascript; charset=utf-8
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
expires: Tue, 19 Jul 2022 20:07:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: orU5jXQzPEj2Ik81rXcc3n3cRgaG1PlRg6QQNyYoIxJVBV1O4ohd9A==
x-cache-hits: 0

GET
H2 200 lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js
c.disquscdn.com/next/embed/ 0
119 KB 5147ms
59ms Other
application/javascript 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js

Requested by

Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 18:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 731394
x-cache: Hit from cloudfront
content-length: 120689
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 02 Sep 2021 17:40:39 GMT
server: nginx
etag: "61310c97-1d771"
content-type: application/javascript; charset=utf-8
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
expires: Fri, 02 Sep 2022 18:15:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: WWJ1_nCYggNXMDU6L6vCfYsnmGiglH_HkYKQHZ3XqY-q-LpG1z8e5w==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
12 KB 5072ms
16ms Other
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 05:25:50 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 60
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12046
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK recommendations.js Show response
mrhackerco.disqus.com/ 62 KB
21 KB 117ms
117ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mrhackerco.disqus.com/recommendations.js

Requested by

Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

7bee630e544141e295191b7d5db9fb98612b5377919a6a1d5d621bf0c07ce8c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 05:25:45 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 20832

GET
H/1.1 200
OK 1313467 Show response
ad.a-ads.com/ Frame 030C 7 KB
2 KB 29ms
28ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1313467?size=120x600

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

1de3273997c0a2081492d4f4f170bbb6ff260692a435425a2f1fe4c90c2972d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mrhacker.co/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 11 Sep 2021 05:25:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://mrhacker.co/
Content-Encoding: gzip

GET
H/1.1 200
OK 1313462 Show response
ad.a-ads.com/ Frame 9800 6 KB
2 KB 28ms
27ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1313462?size=300x250

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/banner/aads_300x250.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

8d878d6f9c8a1a3d6933e519ed0adb3b0364e0963f31e6a09f048a07a88300b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mrhacker.co/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 11 Sep 2021 05:25:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://mrhacker.co/
Content-Encoding: gzip

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame F26A 7 KB
4 KB 5165ms
129ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50850&t_u=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions&t_e=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_d=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_t=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&s_o=default

Requested by

Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

98fb33b8605421f21dc401e1aadd896c4cd51f6394382e3d52f88a7fc6867c09

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mrhacker.co/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/

Response headers

Connection: keep-alive
Content-Length: 2833
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Fri, 10 Sep 2021 08:09:51 GMT
ETag: W/"lounge:view:8766874657.5e694768e1422769f4acbe6312ecb55a.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sat, 11 Sep 2021 05:25:50 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ 0
4 KB 5139ms
74ms Other
text/css 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css

Requested by

Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 06 May 2021 07:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11050402
x-cache: Hit from cloudfront
content-length: 3748
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-ea4"
content-type: text/css; charset=utf-8
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 07:52:28 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: e1b9kRvYYzguCO8PZt2xV9gsGVamcBe8XCPpabJVaZebDFgYHsauZw==
x-cache-hits: 0

GET
H2 200 common.bundle.72e35017d98ea7f210961b0d5c38444a.js
c.disquscdn.com/next/recommendations/ 0
87 KB 5141ms
76ms Other
application/javascript 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js

Requested by

Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4612727
x-cache: Hit from cloudfront
content-length: 88853
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 19 Jul 2021 19:39:06 GMT
server: nginx
etag: "60f5d4da-15b15"
content-type: application/javascript; charset=utf-8
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
expires: Tue, 19 Jul 2022 20:07:03 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: qil3jWDE9XYDxPNO6rbPoFqFqOKi4pzCyxaJ9MZyJ-JZhhV2JO0HyQ==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js
c.disquscdn.com/next/recommendations/ 0
20 KB 5148ms
83ms Other
application/javascript 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js

Requested by

Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 18:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 731395
x-cache: Hit from cloudfront
content-length: 20099
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 02 Sep 2021 17:40:39 GMT
server: nginx
etag: "61310c97-4e83"
content-type: application/javascript; charset=utf-8
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
expires: Fri, 02 Sep 2022 18:15:55 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: zFEZQ-trThMA-_Cjv2m_pGVAch-NPy9YNUprPZTAR1nlL060I5p0Tw==
x-cache-hits: 0

GET
H/1.1 200
OK 300x250
static.a-ads.com/a-ads-banners/117617/ Frame 9800 187 KB
187 KB 4840ms
23ms Image
image/gif 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117617/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1313462?size=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2e31c9bab999580b0a194dccb45a2f79378237ef53082e01ea3f539976c8780f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 05:25:50 GMT
Last-Modified: Sun, 19 Apr 2020 16:08:09 GMT
Server: nginx/1.18.0 (Ubuntu)
x-amz-request-id: B6CFFE237NV3E838
ETag: "5896f969c3c0d5de143c2f56c20489d9"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 191448
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: 9rF0H2vdVY_HJMQUZBdQKii0bOEwqr9J
x-amz-id-2: XjgzExM2buIwS0GbNn6UsLKG/S2OgM2No8X1OmBQi1yy7pglx55PDMLf3RQs8HAOfP9LyyTsPAI=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 9800 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 030C 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame 2D2F 6 KB
3 KB 5027ms
111ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50850&t_u=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions&t_e=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_d=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_t=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions

Requested by

Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

41faa68378a6c68e19722b376992653598878b6633da16992e9d66a4fb15ef3b

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mrhacker.co/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/

Response headers

Connection: keep-alive
Content-Length: 2402
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Mon, 13 Jul 2020 23:47:40 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sat, 11 Sep 2021 05:25:50 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET invoke.js
www.effectivedisplayformat.com/bd767f2ee1885c1d7fb4ba5e5953d89d/ Frame 3647 0
0

GET invoke.js
www.effectivedisplayformat.com/6cc0003302752de793ff29e3ffcd55ae/ Frame D8AB 0
0

GET jads.js
poweredby.jads.co/js/ Frame B34F 0
0

GET invoke.js
www.effectivedisplayformat.com/08e05c122e61643b93987276460d346c/ Frame E6F2 0
0

GET invoke.js
www.effectivedisplayformat.com/ce837432d89888a9cd410c058aadeabf/ Frame 6FF8 0
0

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 24ms
24ms Image
image/gif 2a00:1450:4007:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1233246830&t=pageview&_s=1&dl=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions%3Ffeed_id%3D23710%26_unique_id%3D613b12c4121b0&ul=en-us&de=UTF-8&dt=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions%20%7C%20MrHacker&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUAB~&cid=604769426.1631337940&tid=UA-146590598-1&_gid=206093152.1631337951&gtm=2ou910&z=409265872

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 10:10:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69300
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET jads.js
poweredby.jads.co/js/ Frame 6064 0
0

GET invoke.js
www.effectivedisplayformat.com/e3f31de3ba73aad193bc6d6123925a0d/ Frame 770E 0
0

GET invoke.js
www.effectivedisplayformat.com/aed0e75d8283c027969e406e45c6eca3/ Frame 5549 0
0

GET
H/1.1 200
OK 1331410 Show response
ad.a-ads.com/ Frame 9F2B 6 KB
2 KB 26ms
25ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1331410?size=300x250

Requested by

Host: null88.com
URL: https://null88.com/banner/aads_300x250.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

0c9b8b440273569550ff9d9c64dfa6814a7b2a1f4bf212df9c013325f43c0298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://null88.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://null88.com/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 11 Sep 2021 05:25:50 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://null88.com/
Content-Encoding: gzip

GET invoke.js
www.effectivedisplayformat.com/09b4c663c359aa4550e8776a006e591a/ Frame AB3D 0
0

GET jads.js
poweredby.jads.co/js/ Frame E10B 0
0

GET jads.js
poweredby.jads.co/js/ Frame C5EC 0
0

GET invoke.js
www.effectivedisplayformat.com/5443e680fc84477d90d46ca506b1db43/ Frame C6CA 0
0

GET
H/1.1 200
OK 1687823 Show response
ad.a-ads.com/ Frame 5079 7 KB
2 KB 28ms
27ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1687823?size=300x250

Requested by

Host: phancongkhanh.com
URL: https://phancongkhanh.com/banner/aads_300x250.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

9221dfb01f78629683c5b26d00dc88928e79328afe5e1e7088fefa63836bc8df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://phancongkhanh.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://phancongkhanh.com/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 11 Sep 2021 05:25:50 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://phancongkhanh.com/
Content-Encoding: gzip

GET
H/1.1 200
OK 1687802 Show response
ad.a-ads.com/ Frame AD5A 7 KB
2 KB 31ms
31ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1687802?size=300x250

Requested by

Host: tongdongkhue.com
URL: https://tongdongkhue.com/banner/aads_300x250.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

110f892ef5c2024aa586dbb653b32472aa34d014ee58ae292008bb1c93659959

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tongdongkhue.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tongdongkhue.com/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 11 Sep 2021 05:25:50 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://tongdongkhue.com/
Content-Encoding: gzip

GET
H/1.1 200
OK 300x250
static.a-ads.com/a-ads-banners/118229/ Frame 9F2B 682 KB
683 KB 16ms
16ms Image
image/gif 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/118229/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1331410?size=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b81d1d6dc8129dde051254463257a664dfe1bb49b78f0f4cd37dafbb3f960f93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 05:25:50 GMT
Last-Modified: Sun, 26 Apr 2020 07:21:07 GMT
Server: nginx/1.18.0 (Ubuntu)
x-amz-request-id: YCVGZ7X1Z7Q40625
ETag: "ce8c5673a039ad9769d3265284d8f5f4"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 698412
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: UQkZBCfcjGWdsi6lCz_51AvW3yIHMTsf
x-amz-id-2: W4JjfyUwEKjUnhv6+Wz548v2+V+m6oqma9Yd6wvyFWMuDGbUyo7APZs5tuM9xHUfGY34gqV2gnc=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 9F2B 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5079 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AD5A 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 recommendations.load.064141e2948b0e7f6218d4075662ea80.js Show response
c.disquscdn.com/next/recommendations/ Frame 2D2F 923 B
1019 B 63ms
20ms Script
application/javascript 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.064141e2948b0e7f6218d4075662ea80.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50850&t_u=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions&t_e=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_d=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_t=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cd132cc11b4c3feea41adf4d06a10f935dc9bf596dfa23d6f48ccb8fe2d44bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 18:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 731395
x-cache: Hit from cloudfront
content-length: 448
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 02 Sep 2021 17:40:39 GMT
server: nginx
etag: "61310c97-1c0"
content-type: application/javascript; charset=utf-8
via: 1.1 8513b0b4c77c9a98d13a007d589042ff.cloudfront.net (CloudFront)
expires: Fri, 02 Sep 2022 18:15:55 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: yNu3_ZcQdBb8OjMyZjijZLCHTcPoEaLCKjhUCptokgercusMquxy8g==
x-cache-hits: 0

GET
H2 200 lounge.load.9bdb65de27b881f62b84ef54f46d1575.js Show response
c.disquscdn.com/next/embed/ Frame F26A 1 KB
1 KB 63ms
21ms Script
application/javascript 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.9bdb65de27b881f62b84ef54f46d1575.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50850&t_u=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions&t_e=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_d=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_t=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8dedd8362bb42b3e64a65b7bc88013fd669da19133f0f63e930f0c8c86681b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50850&t_u=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions&t_e=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_d=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_t=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&s_o=default
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 18:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 731394
x-cache: Hit from cloudfront
content-length: 533
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 02 Sep 2021 17:40:39 GMT
server: nginx
etag: "61310c97-215"
content-type: application/javascript; charset=utf-8
via: 1.1 8513b0b4c77c9a98d13a007d589042ff.cloudfront.net (CloudFront)
expires: Fri, 02 Sep 2022 18:15:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: zU41XUGmDA4g01ZOge_N8Pf1iJLUGKnc5g4wc9_jnF-bJx02eqAc0w==
x-cache-hits: 0

GET
H2 200 common.bundle.72e35017d98ea7f210961b0d5c38444a.js Show response
c.disquscdn.com/next/recommendations/ Frame 2D2F 262 KB
87 KB 23ms
23ms Script
application/javascript 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.064141e2948b0e7f6218d4075662ea80.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1a9b2621dcaa88ed6a5d03a96cf38e466a9c2928e5fae60b5b977a33f8b63460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4612727
x-cache: Hit from cloudfront
content-length: 88853
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 19 Jul 2021 19:39:06 GMT
server: nginx
etag: "60f5d4da-15b15"
content-type: application/javascript; charset=utf-8
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
expires: Tue, 19 Jul 2022 20:07:03 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: YspCN3NNha2iLCnQiK915C65uGE3Z-89GOQ77b6keYXGtfXk7VjRdA==
x-cache-hits: 0

GET
H2 200 common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js Show response
c.disquscdn.com/next/embed/ Frame F26A 282 KB
93 KB 27ms
27ms Script
application/javascript 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.9bdb65de27b881f62b84ef54f46d1575.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50850&t_u=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions&t_e=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_d=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_t=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4612717
x-cache: Hit from cloudfront
content-length: 94790
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 19 Jul 2021 19:39:06 GMT
server: nginx
etag: "60f5d4da-17246"
content-type: application/javascript; charset=utf-8
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
expires: Tue, 19 Jul 2022 20:07:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: Z1H0EBZJPwXuMFs-HkcbmppVOFhQlCs02Xk7JtP3uuhJKMng7phP8w==
x-cache-hits: 0

GET
H2 200 recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ Frame 2D2F 17 KB
4 KB 22ms
22ms Stylesheet
text/css 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 06 May 2021 07:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11050402
x-cache: Hit from cloudfront
content-length: 3748
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-ea4"
content-type: text/css; charset=utf-8
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 07:52:28 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: vXR0tsKPbBbd7ZVegxbfMfS-TlQp0v5vdoLfHFz38iGPiHpt6IeiyA==
x-cache-hits: 0

GET
H2 200 lounge.aa6d56595a43bd5e887186df12931c03.css
c.disquscdn.com/next/embed/styles/ Frame F26A 163 KB
26 KB 22ms
22ms Stylesheet
text/css 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf7ffb56cda8d58d7a7783e442a5729573c7e5d7098785c9a6cb382f2a772b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50850&t_u=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions&t_e=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_d=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_t=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 804276
x-cache: Hit from cloudfront
content-length: 26040
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 01 Sep 2021 21:40:36 GMT
server: nginx
etag: "612ff354-65b8"
content-type: text/css; charset=utf-8
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
expires: Thu, 01 Sep 2022 22:01:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: TuZu2AvNgJ0FPUFNmcpsWXh2qW-KplrjG_AKNU6z-mguq0AznHuvRw==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js Show response
c.disquscdn.com/next/recommendations/ Frame 2D2F 65 KB
20 KB 23ms
23ms Script
application/javascript 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f154ad0a779cdcbfe1cb4e5df7f12695b16ed0839247ae9622663c3859e20ec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 18:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 731395
x-cache: Hit from cloudfront
content-length: 20099
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 02 Sep 2021 17:40:39 GMT
server: nginx
etag: "61310c97-4e83"
content-type: application/javascript; charset=utf-8
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
expires: Fri, 02 Sep 2022 18:15:55 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: B0Zyq7pz31LdN74C1lFa8NdzROob3Vl_ZhyGCp9t7TBNvu_wP8NSfQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 2D2F 12 KB
12 KB 9ms
9ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d42bb63e3b2715e5c23c160d1c93e069034c282c7650cf8b074b35251097fb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50850&t_u=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions&t_e=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_d=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_t=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 05:25:50 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 1
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12046
X-XSS-Protection: 1; mode=block

GET
H2 200 lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js Show response
c.disquscdn.com/next/embed/ Frame F26A 468 KB
119 KB 22ms
22ms Script
application/javascript 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0a92d224a35aab3de7aa661df5c11272eea7f7fc8065230cf6b221a2e4961c31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50850&t_u=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions&t_e=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_d=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_t=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 18:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 731394
x-cache: Hit from cloudfront
content-length: 120689
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 02 Sep 2021 17:40:39 GMT
server: nginx
etag: "61310c97-1d771"
content-type: application/javascript; charset=utf-8
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
expires: Fri, 02 Sep 2022 18:15:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: bi87cR9bhC63Br5Pylaqo5jrobK0S5TxtwoIWM54WcS-T6jQ_ELbmA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame F26A 12 KB
12 KB 18ms
18ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d42bb63e3b2715e5c23c160d1c93e069034c282c7650cf8b074b35251097fb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50850&t_u=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions&t_e=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_d=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_t=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 05:25:50 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12046
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 2D2F 3 KB
4 KB 111ms
111ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=mrhackerco&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

11f4e5be19e8e69a1ade5739ea0eb588f315ab34ca8a65bf3cd72b31121aa65e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50850&t_u=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions&t_e=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_d=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_t=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 05:25:51 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3349
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame F26A 3 KB
4 KB 109ms
108ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=mrhackerco&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

11f4e5be19e8e69a1ade5739ea0eb588f315ab34ca8a65bf3cd72b31121aa65e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50850&t_u=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions&t_e=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_d=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_t=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&s_o=default
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 05:25:51 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3349
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame 2D2F 6 KB
6 KB 189ms
189ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=mrhackerco&thread=ident%3Amrhackerco-50850&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

58a340a28effd581c79c5dd7385232851702f4a2b1a62e26b16e2e52ae179720

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50850&t_u=https%3A%2F%2Fmrhacker.co%2Fnews%2Fdarkradiation-ransomware-targeting-redhat-debian-linux-distributions&t_e=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_d=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions&t_t=DarkRadiation%20ransomware%20targeting%20RedHat%2C%20Debian%20Linux%20distributions
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 05:25:51 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Connection: keep-alive
Content-Type: application/json
Vary: Origin
Content-Length: 6128
X-XSS-Protection: 1; mode=block

GET noavatar92.png
a.disquscdn.com/1631056800/images/ Frame F26A 0
0

GET
DATA 200
OK truncated
/ Frame F26A 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 23ms
22ms Script
application/javascript 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 05:54:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 689497
x-cache: Hit from cloudfront
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 02 Sep 2021 17:40:39 GMT
server: nginx
etag: "61310c97-67d2"
content-type: application/javascript; charset=utf-8
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
expires: Sat, 03 Sep 2022 05:54:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: 7iChrx9oW_PaBqWa_veEtGDLUtykv4ycQtzdH64C-qepEzddZag8nA==
x-cache-hits: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 5A69 337 B
806 B 22ms
21ms Stylesheet
text/css 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 19:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6946294
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 17 Jun 2021 21:48:37 GMT
server: nginx
etag: "60cbc335-f4"
content-type: text/css; charset=utf-8
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
expires: Wed, 22 Jun 2022 19:54:17 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: Y4ts3WuQ5k2iAeI62j6msp8FlqyGsJKHFMsIW-7WeWk9yuPPstmneg==
x-cache-hits: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame A3C9 337 B
808 B 22ms
22ms Stylesheet
text/css 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrhacker.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 19:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6946294
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 17 Jun 2021 21:48:37 GMT
server: nginx
etag: "60cbc335-f4"
content-type: text/css; charset=utf-8
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
expires: Wed, 22 Jun 2022 19:54:17 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: DaHjtX6fviPRpjLNDSjJTPVAiexP_1C16-ygwuu6XQ4nCoxQPwnIRA==
x-cache-hits: 0

GET sdk.js
connect.facebook.net/en_US/ Frame F26A 0
0

GET api.js
apis.google.com/js/ Frame F26A 0
0

GET pixel.gif
cdn.viglink.com/images/ 0
0

GET
H2 200 get
c.disquscdn.com/ Frame 2D2F 20 KB
21 KB 25ms
24ms Image
image/jpeg 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F08%2Fzameen-com-hacked.jpg&key=eE1u6TVhx6ZRYzTOq33RaQ&h=200

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d14249854f89bfc3d438d887833ac7ec8f86f7070a683454e325d3b54810ce11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 01:53:30 GMT
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2089378
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-length: 20678
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaqswfnouOIzE%2FEQ5CHWJgIX%2FQDjS80dsY%2FAbMk%2BA56HYs4OI7HjdmzMidMVv1NVNnVWqm4mowwQ3Yxpbl%2FcvyUoRslIMy5OuojSV3LY5Sm44V3OWbc6HKTdg66auQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
x-amz-cf-id: y5TAMVW2q55ktKNtQX8PzShWu0pK-urX1ZpZ7VuX7HJs9SjbzsdYwA==
expires: Fri, 17 Sep 2021 01:53:30 GMT

GET
H2 404 get
c.disquscdn.com/ Frame 2D2F 0
0 515ms
514ms Image
text/html 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2020%2F04%2Fhow-to-get-windows-10-2004-release-preview.jpg&key=VkcfeckCrYChI1IL-3gBzQ&h=200
Requested by: Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 get
c.disquscdn.com/ Frame 2D2F 3 KB
4 KB 26ms
25ms Image
image/jpeg 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F10%2Fnordvpn-server-was-hacked.jpg&key=d49R8v6RMTrdU6oMr2_OJg&h=200

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fb81d4108d1a485047b260bd9736c2c8ef105b1f56ead03c7d7f2a8811b3a6bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 02:11:09 GMT
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2258082
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-length: 3532
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rz5kN7AaUkBHr9ESko8djgCV7kM9d0FkhhzFJB%2Bz0jqY6NKd9Q0aurfcpWUyKwjRGNU3sfTeP%2FdZltDeuvETAUUVHhyzhLvNTPTenLQTlZDdNaIcIEP%2FgMq%2F%2B6Ddhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
x-amz-cf-id: HNbRWiECD0ZvskriXzGqPf8gfxaGA2_KZtuzro3OIgKQcWl-85d_8A==
expires: Wed, 15 Sep 2021 02:11:09 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 2D2F 11 KB
11 KB 26ms
25ms Image
image/jpeg 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F08%2Fatm2bmalware.jpg&key=RW9S4XLIDRfebY7mlx4nnQ&h=200

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

189f9e055dd25823d14b06678036d41865d143d8ca4813fe97c08db4eb21e851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 15:27:59 GMT
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 482272
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-length: 10800
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=togZvSM9AcQz1kSELtEyJ9A4MRNrDdMK7avXYTvWuBCSyw45xHr6xhpGgd6dyp2xbd1PVsTMymGdZBXp2EJMd8c%2FmQ8PE8XZMfWXnQ%2FnHysBd5J%2B9QU16AwfKEnXJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
x-amz-cf-id: eux-JA-oJ5hq2O8hts61TYDfogDdWdHo13ZqIHj_yglMb958ESllCA==
expires: Tue, 05 Oct 2021 15:27:59 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 2D2F 11 KB
12 KB 27ms
26ms Image
image/jpeg 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F10%2Fnginx-php-fpm-hacking-exploit.jpg&key=FmmPpxDtKf3-7Od2A_FxeQ&h=200

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a68091c3a89ef3d42bdf172776721fade92cbc1bf09821205f1a2370a3f7c3a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 01:53:30 GMT
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2091572
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-length: 11150
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUSfPvtm8xUKogNkY9j7xZf08fDgzrJkUsfSjqpvZOvgusjEcdokE%2FoBgNhzkLhR4WTvW%2BdhC5%2FxPx7ct8%2FqJx7sI0WyqWv6y%2BKoB5sOYUsqI1SnGCLxTgc4CjzobQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
x-amz-cf-id: WHt8F6t00fn56ybhNN_5XLuS4fD2PoziynUcbi-UsRDUpZLVvD3fGw==
expires: Fri, 17 Sep 2021 01:53:30 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 2D2F 32 KB
33 KB 27ms
27ms Image
image/png 2600:9000:219c:9c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F08%2Fremote-access-trojan.png&key=IidVFmgt_ZPrbq5XbCNarw&h=200

Requested by

Host: mrhacker.co
URL: https://mrhacker.co/news/darkradiation-ransomware-targeting-redhat-debian-linux-distributions?feed_id=23710&_unique_id=613b12c4121b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:9c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6ea5ae441130287eb5d58aebb3425bd80c9836d3c51e5e04e293cae2188b1bae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:13:29 GMT
via: 1.1 4f71df838a8c9e7869c43cb74c6385e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1612964
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-length: 32515
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVE97YiHzpIO%2F4m%2Brcsw9LfJESV5BvBcKHZEKznkZ5evDlm5HEVZsrgK7rjWuL%2FWClKDm9VxZzip0Up9estTmQcRIjIt8Ekzu9pgk0yGF%2Fmdda9We1NAHg47HFzQ9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
x-amz-cf-id: FKo_Fxl994D1AFSFrIvpfkda04Wne8gQDF4MYJ9ezBY0yV0ZeonMHQ==
expires: Wed, 22 Sep 2021 14:13:29 GMT

POST ping
links.services.disqus.com/api/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.effectivedisplayformat.com
URL: https://www.effectivedisplayformat.com/bd767f2ee1885c1d7fb4ba5e5953d89d/invoke.js

Domain: www.effectivedisplayformat.com
URL: https://www.effectivedisplayformat.com/6cc0003302752de793ff29e3ffcd55ae/invoke.js

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js

Domain: www.effectivedisplayformat.com
URL: https://www.effectivedisplayformat.com/08e05c122e61643b93987276460d346c/invoke.js

Domain: www.effectivedisplayformat.com
URL: https://www.effectivedisplayformat.com/ce837432d89888a9cd410c058aadeabf/invoke.js

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js

Domain: www.effectivedisplayformat.com
URL: https://www.effectivedisplayformat.com/e3f31de3ba73aad193bc6d6123925a0d/invoke.js

Domain: www.effectivedisplayformat.com
URL: https://www.effectivedisplayformat.com/aed0e75d8283c027969e406e45c6eca3/invoke.js

Domain: www.effectivedisplayformat.com
URL: https://www.effectivedisplayformat.com/09b4c663c359aa4550e8776a006e591a/invoke.js

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js

Domain: www.effectivedisplayformat.com
URL: https://www.effectivedisplayformat.com/5443e680fc84477d90d46ca506b1db43/invoke.js

Domain: a.disquscdn.com
URL: https://a.disquscdn.com/1631056800/images/noavatar92.png

Domain: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Domain: apis.google.com
URL: https://apis.google.com/js/api.js

Domain: cdn.viglink.com
URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=3.6493554253190115

Domain: cdn.viglink.com
URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=3.6493554253190115

Domain: links.services.disqus.com
URL: https://links.services.disqus.com/api/ping

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 21:08:58	Name: test_cookie Value: CheckForPermission
.mrhacker.co/	1970-01-20 06:30:33	Name: __gads Value: ID=e52e926a1b68e714-229c8e03eeca0064:T=1631337945:RT=1631337945:S=ALNI_Ma9lESqVOdA5DR_E-SYOaXoJPQjUA
.mrhacker.co/	1970-01-20 14:40:09	Name: _ga Value: GA1.2.604769426.1631337940
.mrhacker.co/	1970-01-19 21:10:24	Name: _gid Value: GA1.2.206093152.1631337951
.disqus.com/	1970-01-20 05:54:33	Name: disqus_unique Value: 16eadgn2psm63i
disqus.com/	1970-01-19 21:08:59	Name: __jid Value: 16g72vh1bo2om3

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ad.a-ads.com/1313462?size=300x250 Message: Failed to load resource: the server responded with a status of 577 ()
network	error	URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2020%2F04%2Fhow-to-get-windows-10-2004-release-preview.jpg&key=VkcfeckCrYChI1IL-3gBzQ&h=200 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
ad.a-ads.com
adservice.google.com
adservice.google.de
adsxyz.com
apis.google.com
c.disquscdn.com
cdn.viglink.com
clipsex.online
connect.facebook.net
disqus.com
egirlgirl.com
fapbest.com
fappinghd.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jav1080.com
javbest.co
links.services.disqus.com
mrhacker.co
mrhackerco.disqus.com
netdna.bootstrapcdn.com
nude-hot.com
null88.com
pagead2.googlesyndication.com
partner.googleadservices.com
phancongkhanh.com
pornbebes.com
porns.photos
poweredby.jads.co
secure.gravatar.com
sex4viet.com
static.a-ads.com
thesexscene.com
tongdongkhue.com
www.effectivedisplayformat.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
xdultchannel.com
a.disquscdn.com
apis.google.com
cdn.viglink.com
connect.facebook.net
links.services.disqus.com
poweredby.jads.co
www.effectivedisplayformat.com
136.243.4.18
151.101.192.134
199.232.192.134
216.58.214.162
2600:9000:219c:9c00:6:8656:f5c0:93a1
2606:4700:3030::ac43:d5be
2606:4700:3031::6815:3caf
2606:4700:3032::ac43:9332
2606:4700:3033::6815:4012
2606:4700:3033::ac43:82be
2606:4700:3033::ac43:cc52
2606:4700:3034::ac43:a424
2606:4700:3035::6815:3987
2606:4700:3035::6815:5802
2606:4700:3035::ac43:8416
2606:4700:3036::ac43:86ec
2606:4700:3037::6815:15a2
2606:4700:3037::6815:3b2e
2606:4700:3037::6815:3eab
2606:4700:3037::ac43:af72
2606:4700:3037::ac43:d034
2606:4700:3038::6815:eb34
2606:4700::6812:bcf
2a00:1450:4007:805::2002
2a00:1450:4007:80a::2002
2a00:1450:4007:80f::2003
2a00:1450:4007:810::2002
2a00:1450:4007:810::2008
2a00:1450:4007:812::200a
2a00:1450:4007:813::2002
2a00:1450:4007:813::200e
2a04:fa87:fffe::c000:4902
002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
07aa1437b73b702e4fd27db55e676455653762882c782440309ba4534050928a
090b57d2ba8067994e94dadb6fea5c934c4bd4c38f516c9e7fc29dd8387d5d88
0a92d224a35aab3de7aa661df5c11272eea7f7fc8065230cf6b221a2e4961c31
0b56ce20fe245aec9d7edace03deb7971d8be11bfbe723305347c1cd67622a3f
0c38158119e8347e3b8a0e307c6dfd5a4aeb78ca7aa336a6ae1b6b0619d2d0b6
0c9b8b440273569550ff9d9c64dfa6814a7b2a1f4bf212df9c013325f43c0298
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
110f892ef5c2024aa586dbb653b32472aa34d014ee58ae292008bb1c93659959
11f4e5be19e8e69a1ade5739ea0eb588f315ab34ca8a65bf3cd72b31121aa65e
189f9e055dd25823d14b06678036d41865d143d8ca4813fe97c08db4eb21e851
19d159ca137e1ccbd51d5d5dd3cb363add56e1e286a4411123c642e778a9c620
1a9b2621dcaa88ed6a5d03a96cf38e466a9c2928e5fae60b5b977a33f8b63460
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1de3273997c0a2081492d4f4f170bbb6ff260692a435425a2f1fe4c90c2972d9
227365258106f73bc8761237c88b38ffbca65361aa95b865709657406eae1459
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27f4119ce2d66a40ef8beba62ec4d995e95af50550c6d4471eec9eb27fa73774
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e31c9bab999580b0a194dccb45a2f79378237ef53082e01ea3f539976c8780f
2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758
2f826a947a47c13c4af480b9b7853e9ca12d2873c67a9200f3c7a26f8cacae2d
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3a3491d5087f6ad609e5c05410702c19b6dd7071b5578f215ed37de00b552066
3a923c50c91e0fb7b1ff0b2806fa088087b441339c15fda5747dcde2eb4ae112
3b0bdd7db2580c48ff0b4dd9af9db3332c393189ccf6213f804057cf4acdf6d7
3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa
41faa68378a6c68e19722b376992653598878b6633da16992e9d66a4fb15ef3b
421f720278f84ac7e6429333b96f14f94756b1f0343f0236fac7307bac68b718
42a0cf084824678d9066b9141d70cc5de16dacdbadf70523a3d3cc9b4550dc71
443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0
45458c5cfa0ae1e6992b40d920661a7107510f24e5c96f4b2f160d9939d946d0
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b70365b09badf5fceb9effc21b9cca9d19e08b0045fc0ebcaf5765293b2518d
51bdd7da3404519d7cb1155628a5f74b5003ec8909e14773d0fec9cf291d75e4
51efcb98223b7a4f4e1553657b36fd2322014e2c60e3e015c8b8221f8622b31a
52415b65b808c23ba1578c46b4b397fdaa4f979c8ae04dc1bd2b9cd96d4230fb
58a340a28effd581c79c5dd7385232851702f4a2b1a62e26b16e2e52ae179720
5ed7b1cafd32cac67cfb6e7b83d88bb9e7d8a5a4f300de5bc3629dbe9949f9da
62ff51109b836c9c2093c45f994fd16a2e5dc9b8b5725703993d5727825e52f0
65b6121a4267cf53a8d9446dbc4c346131d0941463e2f3b1fef9e2d30515cfab
669e9517e16de747cabb78e5c73ef45830054a806170f37801841ed5b3b6689a
676311b41a8a21162d8187ce2b2ecb7c652888635cc52967a9aabff9ef583d2b
6c1c60863448ff3be0623c749fc2be86f0990d65ba3f694c822cd5806b2d68c4
6ea5ae441130287eb5d58aebb3425bd80c9836d3c51e5e04e293cae2188b1bae
73b6032d5177d051bd8bac9a3ca145d875da093a276f8229dcc4f22a5c2ae43e
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62
7bee630e544141e295191b7d5db9fb98612b5377919a6a1d5d621bf0c07ce8c8
7f834e5241d30be00b9db890ffa00347ee52c62ab1cf7137fae694e9a666efa2
809df1ef8ace89cc26572e2d22872c5a9e63665b9f5b3be38b41febb71a8b88f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87e5e6d5eea4dd359d5653e1e448a52c6ea8405acf6c97fc44d50aa6ec48bfc3
8b7128d271737a075beea0398b00d166882433cad38ef7e4fe963394ad6a0d51
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f
8d878d6f9c8a1a3d6933e519ed0adb3b0364e0963f31e6a09f048a07a88300b3
8dedd8362bb42b3e64a65b7bc88013fd669da19133f0f63e930f0c8c86681b7e
8ff3c131212b8c54e4fef81437dd815acba30e979a4e811a5a1174250e548bcb
9221dfb01f78629683c5b26d00dc88928e79328afe5e1e7088fefa63836bc8df
92c35f839d90ea55730d05ce3ea859cb598cd85eb20be3ed55621bb8baa3aa36
93e18f2f4e1a2af8839f0ee4900990890090742ac52482ea811f1fe41ef5556c
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3
951036f01a969b7b181d7952ee802c9ab4989a447b171dabf959934e9814118a
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
95ca28dd8b7551c6f06b09458b7b5561513904c23be68308603ca6b3bcdb5960
98fb33b8605421f21dc401e1aadd896c4cd51f6394382e3d52f88a7fc6867c09
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a68091c3a89ef3d42bdf172776721fade92cbc1bf09821205f1a2370a3f7c3a9
a7733d7cdf5627664c2672c9101d56d3c6e7f5351fe10353a25dea90eb3fd2ca
aa034da9d6f8fa5cb081fa9d33116ec93ce976a29a4c34031b9d0f88c93e723c
b589aeddf22181c7ee9436d875990f5302fba8cf4a0dc1cee8a700adecece17b
b81d1d6dc8129dde051254463257a664dfe1bb49b78f0f4cd37dafbb3f960f93
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb776e4e7499c2a01783aaeafd98641ea731c2d2da8ed9bb20cef55cd50b863b
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c584655c537162e951e14961c8fe9396a38deba88a4ab8cf32454a7c0472e94c
c5b8a61b7114f9131b2c26131527d5ea955e8fc57c3989b92f7ab781473db139
c60dfaf4d68247d23d28f56642945518dc7481ce4fba6b1f908857f497a4c614
c6c328c519448f8ed4bc263398f2b48c87fee0169738806067d595ae46399d00
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c8c2950d531b11647e9f8ffad2e2c71727726af8ac8b5e5c1bf231907323313d
c953490be90a1e661e731eed1b5b5b07d20a3d23806cc81d641c383e99422c2d
cd132cc11b4c3feea41adf4d06a10f935dc9bf596dfa23d6f48ccb8fe2d44bb8
cf7ffb56cda8d58d7a7783e442a5729573c7e5d7098785c9a6cb382f2a772b56
d14249854f89bfc3d438d887833ac7ec8f86f7070a683454e325d3b54810ce11
d42bb63e3b2715e5c23c160d1c93e069034c282c7650cf8b074b35251097fb95
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
db1b8da1dada254a423ac3fb0b3bf4b0dd8ffd3b6aad429bdc5aef431d3de557
dbc31bf0e369b9fcc06379db2f5fa8fbd85db7f20259a2167d3bf27009dafd19
dbe803bfa44254eeac3ce0060cf7b364c1437c8230839511fa2c038632f2ab4e
dd819f8eba0b56e52c8583bf1db1b5bbeec52504bef12ef0b325013b68977901
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64
e2e1b64507c8e03581b958717b74ea4f9df546187e1477ff33f2ad65dbdfcb16
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4503a46dd63eb6398899345e1cf979d0aeb0dedfe051fc6cd213a69d67ddcc9
e5e71fa614171fdf7f3eee87e6198d233232fe2d73e7cc75cb30722c00000738
e724effb02ce80509d638a8d147d0f315fefe1e345bb8015d432495777517e43
e745a4b8c4213f6338afe0d6ead6ee17214695dbe7b8484bda782e354898eba7
f122aaa855dbb3f7cf5a05368fbdcc7ddd86b4a7a56f1514f1944bbde684111d
f154ad0a779cdcbfe1cb4e5df7f12695b16ed0839247ae9622663c3859e20ec8
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc
f493c9cdcc3bd4b86124a98a6da5f57a04d38a46fc748116bb744064b001532b
f772519eaee7afdcb6ca6d1d162951ad6805219c55bf322cbcc5f03ce7d8cb8d
f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143
fabedaea312b5fafb27a692fed30e114a5e87995c227f7253f5a846071c68524
fb81d4108d1a485047b260bd9736c2c8ef105b1f56ead03c7d7f2a8811b3a6bc
fd110802bfc94a315236b952fc20ee920c1cf886b9526ffad1ee4ff9057d2394
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ffad8419f85c15cf2cc8ae98d79e4c1c395ec6491924ae92900d223131a50175

mrhacker.co Open in urlscan Pro 2606:4700:3037::6815:15a2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

145 Requests

88 %HTTPS

88 %IPv6

36 Domains

41 Subdomains

33 IPs

3 Countries

4064 kBTransfer

5934 kBSize

6 Cookies

19 Outgoing links

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mrhacker.co Open in urlscan Pro
2606:4700:3037::6815:15a2 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

88 %
HTTPS

88 %
IPv6

36
Domains

41
Subdomains

33
IPs

3
Countries

4064 kB
Transfer

5934 kB
Size

6
Cookies

145 HTTP transactions
12 data transactions