thehackernews.com Open in urlscan Pro
2606:4700:20::681a:161 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
Submission: On September 15 via api (September 15th 2021, 7:39:57 am UTC) from US — Scanned from DE

Summary HTTP 104 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 29 domains to perform 104 HTTP transactions. The main IP is 2606:4700:20::681a:161, located in United States and belongs to CLOUDFLARENET, US. The main domain is thehackernews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 1st 2021. Valid for: a year.

This is the only time thehackernews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:20:... 2606:4700:20::681a:161	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a02:26f0:ec:... 2a02:26f0:ec:4b7::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6812:1dad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a02:26f0:ec:... 2a02:26f0:ec:4a6::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	213.254.244.18 213.254.244.18	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
3	213.254.244.15 213.254.244.15	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
3	2a00:1450:400... 2a00:1450:4007:816::2002	15169 (GOOGLE) (GOOGLE)
4	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	142.250.179.98 142.250.179.98	15169 (GOOGLE) (GOOGLE)
4	13.249.7.113 13.249.7.113	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4007:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	142.250.179.70 142.250.179.70	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:218e:7600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4007:807::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4007:80e::2002	15169 (GOOGLE) (GOOGLE)
2	172.217.18.194 172.217.18.194	15169 (GOOGLE) (GOOGLE)
1	13.32.158.29 13.32.158.29	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4007:818::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:817::2006	15169 (GOOGLE) (GOOGLE)
1 2	18.203.33.226 18.203.33.226	16509 (AMAZON-02) (AMAZON-02)
1	52.17.218.235 52.17.218.235	16509 (AMAZON-02) (AMAZON-02)
3	213.254.244.21 213.254.244.21	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
4	2a00:1450:400... 2a00:1450:4007:815::2003	15169 (GOOGLE) (GOOGLE)
104	27

13 2606:4700:20::681a:161 (United States)

ASN13335 (CLOUDFLARENET, US)

thehackernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:ec:4b7::4469 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1dad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:ec:4a6::4469 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)

cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.18 (United States)

ASN36062 (DOUBLE-VERIFY, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.15 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps20518.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4007:816::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.179.98 (United States)

ASN15169 (GOOGLE, US)
PTR: par21s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.249.7.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-7-113.cdg53.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4007:80b::200e (Ireland)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.179.70 (United States)

ASN15169 (GOOGLE, US)
PTR: par21s19-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:218e:7600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:807::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4007:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.194 (United States)

ASN15169 (GOOGLE, US)
PTR: par10s38-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.158.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-158-29.cdg50.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:818::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:817::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.33.226 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-33-226.eu-west-1.compute.amazonaws.com

att.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.218.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-218-235.eu-west-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.21 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps20519.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4007:815::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com rtb0.doubleverify.com tps20518.doubleverify.com tps20519.doubleverify.com tps.doubleverify.com tps20243.doubleverify.com Failed	133 KB
13	thehackernews.com thehackernews.com	269 KB
9	google.com fundingchoicesmessages.google.com	99 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	89 KB
7	adpushup.com cdn.adpushup.com e3.adpushup.com	195 KB
6	doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	164 KB
4	gstatic.com fonts.gstatic.com	153 KB
4	amazon-adsystem.com c.amazon-adsystem.com	37 KB
3	googletagservices.com www.googletagservices.com	58 KB
2	demdex.net 1 redirects att.demdex.net	2 KB
1	agkn.com d.agkn.com	658 B
1	2mdn.net s0.2mdn.net	79 KB
1	truste.com choices.truste.com	9 KB
1	googleapis.com fonts.googleapis.com	4 KB
1	criteo.com gum.criteo.com bidder.criteo.com Failed
1	quantcount.com rules.quantcount.com	346 B
1	quantserve.com secure.quantserve.com	9 KB
1	jquery.com code.jquery.com	29 KB
0	adsrvr.org Failed match.adsrvr.org Failed
0	trustarc.com Failed choices.trustarc.com Failed
0	criteo.net Failed static.criteo.net Failed
0	google-analytics.com Failed www.google-analytics.com Failed
0	cloudflare.com Failed cdnjs.cloudflare.com Failed
0	adnxs.com Failed ib.adnxs.com Failed acdn.adnxs.com Failed
0	districtm.io Failed dmx.districtm.io Failed cdn.districtm.io Failed
0	connectad.io Failed i.connectad.io Failed cdn.connectad.io Failed
0	openx.net Failed adpushup-d.openx.net Failed u.openx.net Failed
0	a-mo.net Failed prebid.a-mo.net Failed 1x1.a-mo.net Failed
0	jsdelivr.net Failed cdn.jsdelivr.net Failed
104	29

	Domain	Requested by
13	thehackernews.com	thehackernews.com
9	fundingchoicesmessages.google.com	cdn.adpushup.com
7	cdn.doubleverify.com	thehackernews.com cdn.doubleverify.com ad.doubleclick.net
5	pagead2.googlesyndication.com	ad.doubleclick.net thehackernews.com tpc.googlesyndication.com www.googletagservices.com
4	fonts.gstatic.com	fonts.googleapis.com
4	c.amazon-adsystem.com	cdn.adpushup.com c.amazon-adsystem.com
4	e3.adpushup.com	cdn.adpushup.com thehackernews.com
3	tps20519.doubleverify.com	cdn.doubleverify.com
3	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net
3	www.googletagservices.com	cdn.doubleverify.com www.googletagservices.com ad.doubleclick.net
3	tps20518.doubleverify.com	cdn.doubleverify.com
3	cdn.adpushup.com	thehackernews.com cdn.adpushup.com
2	att.demdex.net	1 redirects thehackernews.com
2	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	cdn3.doubleverify.com	cdn.doubleverify.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	d.agkn.com	thehackernews.com
1	s0.2mdn.net	thehackernews.com
1	choices.truste.com	ad.doubleclick.net
1	fonts.googleapis.com
1	gum.criteo.com	cdn.adpushup.com
1	rules.quantcount.com	secure.quantserve.com
1	ad.doubleclick.net	www.googletagservices.com
1	secure.quantserve.com	cdn.adpushup.com
1	code.jquery.com	cdn.adpushup.com
0	u.openx.net Failed	cdn.adpushup.com
0	acdn.adnxs.com Failed	cdn.adpushup.com
0	cdn.connectad.io Failed	cdn.adpushup.com
0	cdn.districtm.io Failed	cdn.adpushup.com
0	match.adsrvr.org Failed	cdn.adpushup.com
0	tps20243.doubleverify.com Failed	cdn.doubleverify.com
0	choices.trustarc.com Failed	choices.truste.com
0	static.criteo.net Failed	cdn.adpushup.com
0	1x1.a-mo.net Failed
0	www.google-analytics.com Failed	thehackernews.com
0	cdnjs.cloudflare.com Failed	thehackernews.com
0	ib.adnxs.com Failed	cdn.adpushup.com
0	bidder.criteo.com Failed	cdn.adpushup.com
0	dmx.districtm.io Failed	cdn.adpushup.com
0	i.connectad.io Failed	cdn.adpushup.com
0	adpushup-d.openx.net Failed	cdn.adpushup.com
0	prebid.a-mo.net Failed	cdn.adpushup.com
0	cdn.jsdelivr.net Failed	cdn.adpushup.com
104	45

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
feeds.feedburner.com
deals.thehackernews.com
thehackernews.tradepub.com
www.instagram.com
t.me
go.thn.li
malpedia.caad.fkie.fraunhofer.de
www.sentinelone.com
blog.malwarebytes.com
adclick.g.doubleclick.net
scw.buzz

Subject Issuer	Validity	Valid
thehackernews.com Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-22` - `2022-06-21`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.adpushup.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-27` - `2022-08-29`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
Frame ID: 24667673763CDAF2DA7B6A9C2658ABAC
Requests: 95 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 8DE785591520B16FB57A2C2DB5F5FC3E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: C0B4666DF6D4D88BFAE721E48310FCF6
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: EED18BE507877716DF21319852A8364D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 784338874A6FA17B3EF7067BEC56F819
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1780.js
Frame ID: A62B9B8D353DBCC0EBE1BA1D3D864B95
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BD9F0FEA1B462A0373D04C24CEFCB22C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: E1D5B70219E5C347FEDB6E7E2AF9E7CA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 9A6C38C7989E1C21396F3E467AEF8680
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9835A2046C0C9469A7F61ABB11B372CC
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: C2550949C8FE4B489C7B42F47EE1DE5B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Stealthier ZLoader Variant Spreading Via Fake TeamViewer Download Ads

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

104
Requests

77 %
HTTPS

58 %
IPv6

29
Domains

45
Subdomains

27
IPs

5
Countries

1337 kB
Transfer

3422 kB
Size

9
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/thehackernews
Title: 

Search URL Search Domain Scan URL

URL: https://twitter.com/thehackersnews
Title: 

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/thehackernews/
Title: 

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/thehackernews?sub_confirmation=1
Title: 

Search URL Search Domain Scan URL

URL: https://feeds.feedburner.com/TheHackersNews
Title: 

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/
Title:  Offers

Search URL Search Domain Scan URL

URL: https://thehackernews.tradepub.com/
Title: Free eBooks

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/free
Title: Freebies

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thehackernews/
Title: 

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/AAAAADwuDObFWF60CiR-HQ
Title:  Telegram Channel

Search URL Search Domain Scan URL

URL: https://go.thn.li/crowdsec-728

Search URL Search Domain Scan URL

URL: https://malpedia.caad.fkie.fraunhofer.de/details/win.zloader
Title: ZLoader

Search URL Search Domain Scan URL

URL: https://www.sentinelone.com/labs/hide-and-seek-new-zloader-infection-chain-comes-with-improved-stealth-and-evasion-mechanisms/
Title: said

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/threat-analysis/2020/05/the-silent-night-zloader-zbot/
Title: fully-featured banking trojan

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvzb8ChQF1bVnQO_68qbUoUFJyKTK-6fAYHIHVexzNjHmuZA2IfdfCcNWifxVefguhOBU2Jls5CpBSx5RTYF8XIzsOM6udeYJZFSgB322ORFkJrq01tVyjHOPIgogO-LKhUeG8H&sig=Cg0ArKJSzDTw35unozHq&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://d.agkn.com/pixel/2389/%3Fche%3D1823368597%26col%3D24935727,5936378,292494536,486197547,144230506%26l0%3Dhttp://att.demdex.net/event%3Fd_event%3Dclick%26d_src%3D127123%26d_adsrc%3D6141273%26d_campaign%3D24935727%26d_placement%3D292494536%26d_site%3D5936378%26d_creative%3D144230506%26d_adgroup%3D486197547%26d_rd%3Dhttps://cybersecurity.att.com/resource-center/ebook/how-to-build-a-security-operations-center%253Futm_medium%253DAdvertising%2526utm_source%253Dthn%2526utm_campaign%253DSOC-eBook%2526source%253DEBBrHNAVT00AvtDyO%2526type%253Ddisplay%2526LNS%253DTP_OT_MLT_DSP_0720%2526gcm_uid%253D0%2526dclid%253D%2525edclid!

Search URL Search Domain Scan URL

URL: https://go.thn.li/scw-200

Search URL Search Domain Scan URL

URL: https://scw.buzz/3hPqovY
Title: Stamp out poor coding practices for goodDownload 'The Changing Face of Software Security 2021' to find out how.

Search URL Search Domain Scan URL

URL: https://go.thn.li/scw-native-1
Title: Compete. Win prizes. Become the ultimate Warrior.Join the Devlympics 2021 and compete internationally to be crowned the Ultimate Secure Code Warrior and win big.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/the-2019-ethical-hacker-masterclass-bundle
Title: <img alt='Learn Ethical Hacking Online' class='deal-link' src='https://thehackernews.com/images/-6bFLF28Wvxc/XHaUg588fBI/AAAAAAAAAGU/USPKfrcXaLgzaOBfKGb92v-0T12CIaK9wCLcBGAs/s260-e100/learn-hacking-training.jpg'/> Ethical Hacking - Practical Training 10 courses + 1,236 lessons on latest techniques, forensics, malware analysis, network security and programming.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/lifetime-access-to-stackskills-unlimited
Title: <img alt='Unlimited Secure VPN Service' class='deal-link' src='https://thehackernews.com/images/-NnUk1eJVmVk/XHggwOYT51I/AAAAAAAAzbg/_5sUNHfsdiYDo-si4rya7tVT4pSZI0qSACLcBGAs/s260-e100/unlimited-vpn.jpg'/> 1000+ Premium Online Courses With course certification, Q/A webinars and lifetime access.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/the-cybersecurity-expert-certification-training-bundle
Title: <img alt='Best Hacking Books' class='deal-link' src='https://thehackernews.com/images/-4fAuruXOrkE/XDW4dE5zVMI/AAAAAAAAy9A/K13EeHK67NM69FUaCYDYtunHofUHjtt4wCLcBGAs/s260-e100/hacking-cybersecurity-books.jpg'/> Cybersecurity Certification Training CISA, CISM, CISSP, PMI-RMP, and COBIT 5 certifications.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/the-complete-2020-comptia-certification-training-bundle
Title: <img alt='Cisco Certification Courses' class='deal-link' src='https://thehackernews.com/images/-2nVCe__qYkc/WxVG9s8C7CI/AAAAAAAAw6Q/fFsdOSE-DEYDqqf3z9KWus0oBWdbzAkAgCLcBGAs/s260-e100/cisco-it-networking-certification.png'/> CompTIA IT Certification Training Lifetime access to 14 expert-led courses.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/citizengoods-exclusives
Title: Exclusives

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/hacking
Title: Hacking

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/shop-by-specialization-developer
Title: Development

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/shop-by-interest-android
Title: Android

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://att.demdex.net/event?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144230506&d_placement=292494536&d_campaign=24935727&d_site=5936378 HTTP 302
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144230506&d_placement=292494536&d_campaign=24935727&d_site=5936378

104 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request new-stealthier-zloader-variant.html Show response
thehackernews.com/2021/09/ 110 KB
40 KB 5444ms
341ms Document
text/html 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordPress VIP

Resource Hash

f7da1f347d3b74c6753fcd90fa042b5e9e67690d167f6450312f99d390a95fb3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: thehackernews.com
:scheme: https
:path: /2021/09/new-stealthier-zloader-variant.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 15 Sep 2021 07:39:26 GMT
content-type: text/html; charset=UTF-8
cf-ray: 68f0338259904345-FRA
cache-control: private, max-age=0
expires: Wed, 15 Sep 2021 07:39:26 GMT
last-modified: Wed, 15 Sep 2021 05:01:10 GMT
link: </css/roboto.css>; as=style; rel=preload
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-forwarded-for: 2001:ac8:20:8f:138::1
x-frame-options: DENY
x-powered-by: WordPress VIP
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y67PswlZeD5gYPT3%2FSN9mtJNG1r%2FuCokqOOhMEWcb0g9aqvFJNU%2FMUyNJufM9JDWC6adfeWYKNOPas5Eq%2BV5LX6ot%2BuvpBG0uTE55og2N%2Bqvr6eNuXQWHSre%2Bg39ZbdgWMazpBdu%2Bq34tTF%2BQFD0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-h2-pushed: </css/roboto.css>

GET
H2 200 roboto.css
thehackernews.com/css/ 77 KB
58 KB 14ms
0ms Stylesheet
text/css 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehackernews.com/css/roboto.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pt%2Bhb840UpLAEXSLa7614PdWT4NxvirXuDTzw0HDXgwAOTHeqgOrAOI%2BhATkhZGI%2FcuHASSzCBnzCIgcIIMLtoXUfKvXdQ%2BOlIyLl6V7UZIHjrrvn0A1mw5Dzs%2F3tIF%2BA5bULM54oIfw87AlAh9T"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, immutable
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 68f033846e0b4345-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 fileless-malware-attack.png
thehackernews.com/images/-p5JmmQt_94U/YUCmMznmorI/AAAAAAAADy8/1Wk24mlCXJYeyXzLHzPINAoMnoZ0M3q1gCLcBGAsYHQ/s0/ 64 KB
65 KB 36ms
36ms Image
image/webp 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-p5JmmQt_94U/YUCmMznmorI/AAAAAAAADy8/1Wk24mlCXJYeyXzLHzPINAoMnoZ0M3q1gCLcBGAsYHQ/s0/fileless-malware-attack.png

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a86ebdd61ff7f0fe37c32ee43e6ae89796aed4fe4d4ca389f3a1d4f8f286336

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /images/-p5JmmQt_94U/YUCmMznmorI/AAAAAAAADy8/1Wk24mlCXJYeyXzLHzPINAoMnoZ0M3q1gCLcBGAsYHQ/s0/fileless-malware-attack.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: thehackernews.com
referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64528
cf-polished: origFmt=png, origSize=67851
content-disposition: inline; filename="fileless-malware-attack.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 65532
x-xss-protection: 0
expires: Wed, 15 Sep 2021 13:43:58 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vf30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pp0wH7b%2BIM7soKgbmDtHFYi0TPw%2FIazBU8%2Bs5YIKnCEbG%2FcrnOHo%2FmMwv7jgz4sR%2BXjjoMhRjbqpEX4ieUjGM%2FfPeBoXjLYqOpyVVPYGfTYLt45YcO8CWlloucrdnKgHJSgMU6kbsxefxFP1K2z9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 68f033849e6f4345-FRA
access-control-expose-headers: Content-Length

GET
H2 200 cyber.jpg
thehackernews.com/images/-vXQU__Do5vo/YUChdt2-TyI/AAAAAAAADy0/x4JdxnBre98SHA-IbQHEabocTTPRKAQ7QCLcBGAsYHQ/s0/ 38 KB
38 KB 24ms
23ms Image
image/jpeg 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-vXQU__Do5vo/YUChdt2-TyI/AAAAAAAADy0/x4JdxnBre98SHA-IbQHEabocTTPRKAQ7QCLcBGAsYHQ/s0/cyber.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45901b04c888739df5f8bb0c1c213a8cc7893a1b72f1f3ea6b24ae1f4691c8fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /images/-vXQU__Do5vo/YUChdt2-TyI/AAAAAAAADy0/x4JdxnBre98SHA-IbQHEabocTTPRKAQ7QCLcBGAsYHQ/s0/cyber.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: thehackernews.com
referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64514
cf-polished: origSize=41653, status=webp_bigger
content-disposition: inline;filename="cyber.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38592
x-xss-protection: 0
expires: Wed, 15 Sep 2021 13:44:12 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vf2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aNiBKvqs72CRGjLcW6f%2BNhK8g7xEhJZzRQtFWmz3vtNRpk%2B9IH36RhyLQZmz4ctHGZSrrviE1BRCGjN%2F%2FbRs0Yns1izNJWRucnMojDcJ54oP1Ab7zk4VfF%2FtGtezZJG0cT1CE5w7WZWP7tt8Igg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 68f033849e8c4345-FRA
access-control-expose-headers: Content-Length

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ 2 KB
2 KB 5192ms
43ms Script
application/javascript 2a02:26f0:ec:4b7::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292494536%26sid%3D5936378%26dvregion%3D2%26unit%3D300x250
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ec:4b7::4469 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 07:39:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:25 GMT
Server: Microsoft-IIS/10.0
ETag: "e6262781a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ 2 KB
2 KB 5191ms
43ms Script
application/javascript 2a02:26f0:ec:4b7::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292495514%26sid%3D5936378%26dvregion%3D2%26unit%3D728x90
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ec:4b7::4469 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 07:39:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:25 GMT
Server: Microsoft-IIS/10.0
ETag: "e6262781a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H2 200 rocket-loader.min.js Show response
thehackernews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehackernews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: thehackernews.com
referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
last-modified: Tue, 07 Sep 2021 12:26:08 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61375a60-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuR%2Fhv%2F2PVmVJvEURo8zNTTMfO4rvcgme8wSO%2B6WU%2BV%2F%2B7rAa174jaw4sRioQg5l76SrlQLuuN8rQpBaf6YEjH0zi881XJjyBhXImvus1EeunehKJAFa2ZlkHz2Q15lSntkWmj5aWsYjAYCVbmBh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 68f033849e8f4345-FRA
expires: Fri, 17 Sep 2021 07:39:26 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/37020/ 359 KB
99 KB 5166ms
44ms Script
application/javascript 2606:4700::6812:1dad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/37020/adpushup.js
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1dad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41a5f97ff2683ab748642cbebd491b6aac3c896fdb2e7f5c6d974221a5554e59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Sep 2021 17:14:05 GMT
server: cloudflare
age: 51853
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-cf-geodata: NL
cf-ray: 68f033a4ac544e74-FRA
expires: Wed, 15 Sep 2021 11:39:31 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a

Request headers

Referer
Origin: https://thehackernews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 442 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvbs_src_internal99.js Show response
cdn.doubleverify.com/ 61 KB
19 KB 65ms
65ms Script
application/javascript 2a02:26f0:ec:4b7::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292494536%26sid%3D5936378%26dvregion%3D2%26unit%3D300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ec:4b7::4469 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 15 Sep 2021 07:39:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:42 GMT
Server: Microsoft-IIS/10.0
ETag: "08bf9811a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19248

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 5081ms
21ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:37 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2016 17:52:17 GMT
server: nginx
etag: W/"56eaeed1-14e98"
vary: Accept-Encoding
x-hw: 1631691577.dop023.ml1.t,1631691577.cds218.ml1.hn,1631691577.cds027.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29880

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame 8DE7 1 KB
1 KB 5093ms
22ms Document
text/html 2a02:26f0:ec:4a6::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ec:4a6::4469 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://thehackernews.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=52429
Date: Wed, 15 Sep 2021 07:39:37 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ 1 KB
866 B 5053ms
11ms Script
text/javascript 213.254.244.18
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_35667659511&jsTagObjCallback=__tagObject_callback_35667659511&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=35667659511&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=92&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=1&brh=2&fwc=0&flt=5042&fec=379&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_hTau%3F6H%5CDE62%3DE9%3A6C%5CK%3D%40256C%5CG2C%3A2%3FE%5D9E%3E%3D&dvp_exetime=7.50&callbackName=__verify_callback_35667659511
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 43ac206eefd837b9a7433095fe8eb7059395f6503b92a109918604003fbe93d4

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
X-DV-Response: 0
Content-Encoding: gzip
Date: Wed, 15 Sep 2021 07:39:36 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 9/14/2021 7:39:37 AM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame C0B4 4 KB
2 KB 22ms
22ms Script
application/javascript 2a02:26f0:ec:4b7::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ec:4b7::4469 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 07:39:32 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=60131
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

POST
H/1.1 200
OK bsevent.gif
tps20518.doubleverify.com/ 807 B
1 KB 5052ms
12ms Ping
image/gif 213.254.244.15
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20518.doubleverify.com/bsevent.gif?impid=ee4e0dfb577340ada8436b10a12b91db&dvp_or2=1&cbust=1631691577152543
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.15 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 07:39:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 9/14/2021 7:39:42 AM

POST
H/1.1 200
OK bsevent.gif
tps20518.doubleverify.com/ 807 B
1 KB 5047ms
8ms Ping
image/gif 213.254.244.15
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20518.doubleverify.com/bsevent.gif?impid=ee4e0dfb577340ada8436b10a12b91db&vfdur=5054&cbust=1631691577153347
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.15 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 07:39:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 9/14/2021 7:39:42 AM

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ 8 KB
5 KB 5091ms
22ms Script
text/javascript 2a00:1450:4007:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:816::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f99c92c022128ac0a66fa125b4fb27c1cbafa094ed31e4e4bcfe1b6b360c14c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 15 Sep 2021 07:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3982
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 14:06:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-dcm-tag"
expires: Wed, 15 Sep 2021 08:08:36 GMT

GET
H2 200 pb.37020.1631637442652.js Show response
cdn.adpushup.com/prebid/ 314 KB
95 KB 26ms
26ms Script
application/javascript 2606:4700::6812:1dad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.37020.1631637442652.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1dad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6285dce6b9fb557bd0c15683c62f9be0f2e0b760086854b59c952791ba9e8ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Sep 2021 16:38:00 GMT
server: cloudflare
age: 54086
etag: W/"6140cfe8-4e812"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 68f033c57ea24e74-FRA
expires: Thu, 15 Sep 2022 07:39:37 GMT

GET
BLOB 200
OK 6a56a562-c650-4dc5-bb3e-3698c774201a
https://thehackernews.com/ 4 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://thehackernews.com/6a56a562-c650-4dc5-bb3e-3698c774201a
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 3743

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
370 B 13ms
13ms Script
application/javascript 2606:4700::6812:1dad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1dad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: cloudflare
age: 435675
etag: W/"60d94cdb-1c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 68f033c5ef334e74-FRA
expires: Wed, 15 Sep 2021 11:39:37 GMT

POST
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
320 B 5068ms
14ms Ping
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 07:39:42 GMT
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 5101ms
28ms Script
text/javascript 142.250.179.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

par21s20-in-f2.1e100.net

Software

sffe /

Resource Hash

f403cbe5751ef313def120dc0aded1d05242f963459de0e262f1b4fa87a449e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "987 / 531 of 1000 / last-modified: 1631661714"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24983
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Sep 2021 07:39:42 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 127 KB
34 KB 5084ms
21ms Script
application/javascript 13.249.7.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.7.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-7-113.cdg53.r.cloudfront.net
Software: Server /
Resource Hash: 1465ea73b9db4601cda29c323ea3eea1fc28337bd2c5193154c9ecbd7bf38bbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:29:52 GMT
content-encoding: gzip
age: 589
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 0BB2P6F53X37N48FEAWR
etag: 708a268139e52bdfbe59398b3e766151
vary: Accept-Encoding
x-amz-version-id: uWwyK2X6BNEEFcp6N7LVJOnZGxm.y_02
via: 1.1 0bdb6226f7a0cedb88fa9173b0b4ca10.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: CDG53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: fjneYp3eDmdUv3RxjKb4lg6vwl1qqhTCO70HUoSeimGgeFHSIeba5g==

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 93 KB
35 KB 5134ms
58ms Script
application/javascript 2a00:1450:4007:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddfce29193278238441c5326565dcd2ce8034dbdd47940ac8183cb5d201f05cb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+oeno+sOITYPaCTs+Xc9mA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-+oeno+sOITYPaCTs+Xc9mA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-+oeno+sOITYPaCTs+Xc9mA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-+oeno+sOITYPaCTs+Xc9mA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 5051ms
12ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:42 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 22 Sep 2021 07:39:42 GMT

POST
H/1.1 200
OK bsevent.gif
tps20518.doubleverify.com/ 807 B
1 KB 3046ms
9ms Ping
image/gif 213.254.244.15
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20518.doubleverify.com/bsevent.gif?impid=ee4e0dfb577340ada8436b10a12b91db&pltfrm=Linux%20x86_64&cbust=1631691579154370
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.15 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 07:39:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 9/14/2021 7:39:42 AM

GET
H2 200 impl_v79.js Show response
www.googletagservices.com/dcm/ 37 KB
16 KB 22ms
22ms Script
text/javascript 2a00:1450:4007:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v79.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:816::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44abe3410418a547f3412ba93a94ffdfd1dbadf9c785418af8ef15d7877fa2c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 13 Sep 2021 19:26:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15928
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:19:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 19:26:42 GMT

GET
H2 200 B24935727.292494536;dc_ver=79.228;dc_rxp=1;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;u=__AP1_np_dv_tfhtql5lx8qPA__;dc_adk=473486474;ord=kpude6;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B... Show response
ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/ 44 KB
22 KB 5125ms
56ms Script
text/javascript 142.250.179.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=79.228;dc_rxp=1;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;u=__AP1_np_dv_tfhtql5lx8qPA__;dc_adk=473486474;ord=kpude6;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fnew-stealthier-zloader-variant.html$0;xdt=0;crlt=irIrksW'*O;sttr=39;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v79.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

par21s19-in-f6.1e100.net

Software

cafe /

Resource Hash

a58b89613c429c71147ffcbe620d0c5c8dbecc2570c71b1bf56d1af3abf857b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 07:39:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 2 B
346 B 5093ms
21ms Script
application/javascript 2600:9000:218e:7600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:7600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 06:50:12 GMT
via: 1.1 59217f0941f089caa7fbc6da584e0d2f.cloudfront.net (CloudFront)
server: AmazonS3
age: 2974
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: CDG52-P1
content-length: 2
x-amz-cf-id: oLSHSsw_9SHrV7MONQIVWwEPpkZ1Bv8SmHzaLO3cA0y6TEksH4Ngpg==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
304 B 107ms
106ms XHR
text/plain 13.249.7.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fnew-stealthier-zloader-variant.html&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.7.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-7-113.cdg53.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:41 GMT
via: 1.1 0bdb6226f7a0cedb88fa9173b0b4ca10.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://thehackernews.com
cache-control: max-age=43150, s-maxage=43200
access-control-allow-credentials: true
x-amz-cf-id: l8OWYb5hjU0XgtTWY04fH7Rk77Hw1NTdLlGxUDLB0Rt69MOy-_k_-Q==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 60ms
20ms XHR
application/javascript 13.249.7.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.7.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-7-113.cdg53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: S8kNCKkikutwvs4V44q0sFuZ4JNc9Ate
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 35139
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 07 Sep 2021 22:15:56 GMT
server: AmazonS3
date: Tue, 14 Sep 2021 22:02:16 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 f6d81b3012ddbb7788e324c7c08594a7.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: CDG53-C1
x-amz-cf-id: pX4So_lHcClqOWWgbre6iAL-tXq5YBWGVbVtEin2ttsERy5RzSTFHw==

GET
H2 200 pubads_impl_2021090901.js Show response
securepubads.g.doubleclick.net/gpt/ 334 KB
117 KB 29ms
29ms Script
text/javascript 142.250.179.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090901.js?31062521

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

par21s20-in-f2.1e100.net

Software

sffe /

Resource Hash

19bb58a207c589d9941c53573f1799e2ea57c9c423597b2473d37089de7310cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119247
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 08:39:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Sep 2021 07:39:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 143 B
131 B 54ms
28ms XHR
application/json 142.250.179.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=thehackernews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

par21s20-in-f2.1e100.net

Software

cafe /

Resource Hash

3e2662d2cc5114073ccdc2611e908b3b51990027b5cbb651c69954274e2123db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 07:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Wed, 15 Sep 2021 07:39:42 GMT

POST
H2 204 AGSKWxUrY0P8kG4YZoYCPXSKePDekp-x-du3GGUN6_Gl4PLDOkOr_Jqla1uMZ102yYsfj886HYFqHSGMnG0TY_EVQTA= Show response
fundingchoicesmessages.google.com/el/ 0
362 B 356ms
54ms XHR
text/html 2a00:1450:4007:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUrY0P8kG4YZoYCPXSKePDekp-x-du3GGUN6_Gl4PLDOkOr_Jqla1uMZ102yYsfj886HYFqHSGMnG0TY_EVQTA=?pvid=ECD164EA-1541-4407-B771-D94D9639189A&anonid=596290FD-541E-4A10-B0CC-565633D36C4B

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.fVk_UqJH9gU.es5.O/d=1/rs=AJlcJMy5mbjJEERC5Ejfx1UmkY-l0QUiPw/m=loader_js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dMIUHp0j8sceyzufVBa6tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-dMIUHp0j8sceyzufVBa6tA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 07:39:42 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-dMIUHp0j8sceyzufVBa6tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-dMIUHp0j8sceyzufVBa6tA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUrY0P8kG4YZoYCPXSKePDekp-x-du3GGUN6_Gl4PLDOkOr_Jqla1uMZ102yYsfj886HYFqHSGMnG0TY_EVQTA= Show response
fundingchoicesmessages.google.com/el/ 0
365 B 347ms
46ms XHR
text/html 2a00:1450:4007:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.fVk_UqJH9gU.es5.O/d=1/rs=AJlcJMy5mbjJEERC5Ejfx1UmkY-l0QUiPw/m=loader_js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kHEBy05+a4VJQfFD1svRkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-kHEBy05+a4VJQfFD1svRkA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 07:39:42 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-kHEBy05+a4VJQfFD1svRkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-kHEBy05+a4VJQfFD1svRkA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUrY0P8kG4YZoYCPXSKePDekp-x-du3GGUN6_Gl4PLDOkOr_Jqla1uMZ102yYsfj886HYFqHSGMnG0TY_EVQTA= Show response
fundingchoicesmessages.google.com/el/ 0
363 B 325ms
48ms XHR
text/html 2a00:1450:4007:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.fVk_UqJH9gU.es5.O/d=1/rs=AJlcJMy5mbjJEERC5Ejfx1UmkY-l0QUiPw/m=loader_js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GmqEfMdWRy9WdgMeFhiTXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-GmqEfMdWRy9WdgMeFhiTXQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 07:39:42 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-GmqEfMdWRy9WdgMeFhiTXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-GmqEfMdWRy9WdgMeFhiTXQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXq4i9MTF7mJe635vo2SQZ0WxZrGjF5JJ34dIefaAISdabdqiXm9PAFR9tYkL5ZwPwcrRynJS0QlXlGTkiq_Sc= Show response
fundingchoicesmessages.google.com/f/ 275 KB
61 KB 74ms
73ms Script
application/javascript 2a00:1450:4007:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXq4i9MTF7mJe635vo2SQZ0WxZrGjF5JJ34dIefaAISdabdqiXm9PAFR9tYkL5ZwPwcrRynJS0QlXlGTkiq_Sc=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjMxNjkxNTgyLDQ5MDAwMDAwMF0sIkVDRDE2NEVBLTE1NDEtNDQwNy1CNzcxLUQ5NEQ5NjM5MTg5QSIsIjU5NjI5MEZELTU0MUUtNEExMC1CMENDLTU2NTYzM0QzNkM0QiIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3RoZWhhY2tlcm5ld3MuY29tLzIwMjEvMDkvbmV3LXN0ZWFsdGhpZXItemxvYWRlci12YXJpYW50Lmh0bWwiXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.fVk_UqJH9gU.es5.O/d=1/rs=AJlcJMy5mbjJEERC5Ejfx1UmkY-l0QUiPw/m=loader_js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74e7b60dac58a6de6ed9c6fc1c59cd63dee58d5aa27893d17953e584379726da

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mWrfXWPjDUNawrXavs0ubg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-mWrfXWPjDUNawrXavs0ubg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-mWrfXWPjDUNawrXavs0ubg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-mWrfXWPjDUNawrXavs0ubg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
131 B 15ms
14ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MzE2OTE1ODI0OTEsInBhY2tldElkIjoiMDAwMDkwOUMtZjI2ZDE2OWMtYmFlYy00ZjFkLTlhNjQtOTEyZWVjNjdkZmNiIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIxLzA5L25ldy1zdGVhbHRoaWVyLXpsb2FkZXItdmFyaWFudC5odG1sIiwibW9kZSI6MiwiZXJyb3JDb2RlIjo3LCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 07:39:42 GMT
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eae76cb616003cb3e918dfd9f58d63cc8e832aa9d11a9eda64b1476af57e746a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
131 B 21ms
21ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MzE2OTE1ODI0OTUsInBhY2tldElkIjoiMDAwMDkwOUMtZjI2ZDE2OWMtYmFlYy00ZjFkLTlhNjQtOTEyZWVjNjdkZmNiIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIxLzA5L25ldy1zdGVhbHRoaWVyLXpsb2FkZXItdmFyaWFudC5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijk2N2VjZmFkLWJmNmItNDI5ZS05YTM5LTk3NzBjOGI3ZDE4OCIsInNlY3Rpb25OYW1lIjoiQVBfVF9SX3Jlc3BvbnNpdmVYcmVzcG9uc2l2ZV85NjdlYyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfMzcwMjBfcmVzcG9uc2l2ZVhyZXNwb25zaXZlXzk2N2VjZmFkLWJmNmItNDI5ZS05YTM5LTk3NzBjOGI3ZDE4OCIsInNlcnZpY2VzIjpbMiwzXSwiYWRVbml0VHlwZSI6MX1dfQ==
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 07:39:42 GMT
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
131 B 21ms
21ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MzE2OTE1ODI1MDAsInBhY2tldElkIjoiMDAwMDkwOUMtZjI2ZDE2OWMtYmFlYy00ZjFkLTlhNjQtOTEyZWVjNjdkZmNiIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIxLzA5L25ldy1zdGVhbHRoaWVyLXpsb2FkZXItdmFyaWFudC5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjhjMmQ3Zjk0LWE5YzUtNDNiMi04M2E0LWNkY2Y3MTFhZTA1ZSIsInNlY3Rpb25OYW1lIjoiQVBfVF9SX3Jlc3BvbnNpdmVYcmVzcG9uc2l2ZV84YzJkNyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfMzcwMjBfcmVzcG9uc2l2ZVhyZXNwb25zaXZlXzhjMmQ3Zjk0LWE5YzUtNDNiMi04M2E0LWNkY2Y3MTFhZTA1ZSIsInNlcnZpY2VzIjpbMiwzXSwiYWRVbml0VHlwZSI6MX1dfQ==
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 07:39:42 GMT
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

POST
H2 204 AGSKWxUrY0P8kG4YZoYCPXSKePDekp-x-du3GGUN6_Gl4PLDOkOr_Jqla1uMZ102yYsfj886HYFqHSGMnG0TY_EVQTA= Show response
fundingchoicesmessages.google.com/el/ 0
945 B 95ms
41ms XHR
text/html 2a00:1450:4007:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.fVk_UqJH9gU.es5.O/d=1/rs=AJlcJMy5mbjJEERC5Ejfx1UmkY-l0QUiPw/m=loader_js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7gEvpOo+QueB1uafCtUKWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-7gEvpOo+QueB1uafCtUKWw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 07:39:42 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-7gEvpOo+QueB1uafCtUKWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-7gEvpOo+QueB1uafCtUKWw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
372 B 47ms
47ms XHR
text/javascript 13.249.7.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fnew-stealthier-zloader-variant.html&pid=lh5ZuvPRHozSf&cb=0&ws=1600x1200&v=7.68.00&t=3000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22730x290%22%2C%22728x280%22%2C%22728x250%22%2C%22728x90%22%2C%22690x90%22%2C%22690x250%22%2C%22690x280%22%2C%22675x90%22%2C%22675x280%22%2C%22675x250%22%2C%22670x90%22%2C%22670x280%22%2C%22670x250%22%2C%22650x90%22%2C%22650x280%22%2C%22650x250%22%2C%22650x150%22%2C%22630x90%22%2C%22630x280%22%2C%22630x250%22%2C%22602x100%22%2C%22600x90%22%2C%22600x280%22%2C%22600x250%22%2C%22580x90%22%2C%22570x90%22%2C%22550x150%22%2C%22468x60%22%2C%22336x280%22%2C%22320x50%22%2C%22320x100%22%2C%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F103512698%2F22055424785%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22730x290%22%2C%22728x280%22%2C%22728x250%22%2C%22728x90%22%2C%22690x90%22%2C%22690x250%22%2C%22690x280%22%2C%22675x90%22%2C%22675x280%22%2C%22675x250%22%2C%22670x90%22%2C%22670x280%22%2C%22670x250%22%2C%22650x90%22%2C%22650x280%22%2C%22650x250%22%2C%22650x150%22%2C%22630x90%22%2C%22630x280%22%2C%22630x250%22%2C%22602x100%22%2C%22600x90%22%2C%22600x280%22%2C%22600x250%22%2C%22580x90%22%2C%22570x90%22%2C%22550x150%22%2C%22468x60%22%2C%22336x280%22%2C%22320x50%22%2C%22320x100%22%2C%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F103512698%2F22055889203%22%7D%5D&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.7.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-7-113.cdg53.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:42 GMT
via: 1.1 0bdb6226f7a0cedb88fa9173b0b4ca10.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG53-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://thehackernews.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Gm_a7imBlVUAeNERJVPFhRCsyauI11zqIHW4HhANrYL_tOq0_dDHYw==

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 5081ms
19ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthehackernews.com%2F&domain=thehackernews.com&cw=1&lsw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://thehackernews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://thehackernews.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1430
date: Wed, 15 Sep 2021 07:39:46 GMT
content-encoding: gzip
vary: Accept-Encoding

GET latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 0
0

GET json
gum.criteo.com/sid/ 0
0

POST
H2 204 AGSKWxW0EtIb_Atx_y2GHTGTaV8ND-jgVxXKMfsUXVIhSdTqjcIWCeOePNeKyp9YXVG493zRGslyKgAzqLjjKf0Eyjcx8Ek8ACWz0Ps-UvA98M_BRat9_b8g3TItLzfvviActpR3FwvQo0JhddVbMAyqDGeHhSgpDiG8wtPDkyShbNpcsJ2JNPqrRYnER5a9 Show response
fundingchoicesmessages.google.com/el/ 0
530 B 38ms
37ms XHR
text/html 2a00:1450:4007:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW0EtIb_Atx_y2GHTGTaV8ND-jgVxXKMfsUXVIhSdTqjcIWCeOePNeKyp9YXVG493zRGslyKgAzqLjjKf0Eyjcx8Ek8ACWz0Ps-UvA98M_BRat9_b8g3TItLzfvviActpR3FwvQo0JhddVbMAyqDGeHhSgpDiG8wtPDkyShbNpcsJ2JNPqrRYnER5a9?dmid=970e7566fd7b1e49

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.ZDrqzDahAdc.es5.O/d=1/rs=AJlcJMyqEICxPTvDLZPFLSwCXKRZpq-KRA/m=iabtcfv2wallscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0Z4eBRcs19xSdRCx3/lCWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-0Z4eBRcs19xSdRCx3/lCWg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 07:39:42 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-0Z4eBRcs19xSdRCx3/lCWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-0Z4eBRcs19xSdRCx3/lCWg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxW0EtIb_Atx_y2GHTGTaV8ND-jgVxXKMfsUXVIhSdTqjcIWCeOePNeKyp9YXVG493zRGslyKgAzqLjjKf0Eyjcx8Ek8ACWz0Ps-UvA98M_BRat9_b8g3TItLzfvviActpR3FwvQo0JhddVbMAyqDGeHhSgpDiG8wtPDkyShbNpcsJ2JNPqrRYnER5a9 Show response
fundingchoicesmessages.google.com/el/ 0
365 B 61ms
60ms XHR
text/html 2a00:1450:4007:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IJTc/VdQM39qPqqvNNJRPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-IJTc/VdQM39qPqqvNNJRPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 07:39:42 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-IJTc/VdQM39qPqqvNNJRPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-IJTc/VdQM39qPqqvNNJRPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 52 KB
4 KB 5114ms
35ms Stylesheet
text/css 2a00:1450:4007:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07c3e61964ce639a79922336afb6a4702c84d95cd775e11a6624697cf1b28546

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 07:39:47 GMT
server: ESF
date: Wed, 15 Sep 2021 07:39:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 07:39:47 GMT

POST
H2 204 AGSKWxW0EtIb_Atx_y2GHTGTaV8ND-jgVxXKMfsUXVIhSdTqjcIWCeOePNeKyp9YXVG493zRGslyKgAzqLjjKf0Eyjcx8Ek8ACWz0Ps-UvA98M_BRat9_b8g3TItLzfvviActpR3FwvQo0JhddVbMAyqDGeHhSgpDiG8wtPDkyShbNpcsJ2JNPqrRYnER5a9 Show response
fundingchoicesmessages.google.com/el/ 0
366 B 39ms
39ms XHR
text/html 2a00:1450:4007:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jnk6Eg+h66Pa0I7znXCN+A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-jnk6Eg+h66Pa0I7znXCN+A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 07:39:42 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-jnk6Eg+h66Pa0I7znXCN+A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-jnk6Eg+h66Pa0I7znXCN+A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 125 KB
38 KB 38ms
37ms Script
text/javascript 2a00:1450:4007:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=79.228;dc_rxp=1;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;u=__AP1_np_dv_tfhtql5lx8qPA__;dc_adk=473486474;ord=kpude6;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fnew-stealthier-zloader-variant.html$0;xdt=0;crlt=irIrksW'*O;sttr=39;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:816::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38646
x-xss-protection: 0
server: sffe
etag: "1631547526571764"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 07:39:47 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/ 8 KB
4 KB 5092ms
21ms Script
text/javascript 2a00:1450:4007:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:15:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 07:15:36 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
545 B 5098ms
30ms Ping
image/gif 172.217.18.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzb8ChQF1bVnQO_68qbUoUFJyKTK-6fAYHIHVexzNjHmuZA2IfdfCcNWifxVefguhOBU2Jls5CpBSx5RTYF8XIzsOM6udeYJZFSgB322ORFkJrq01tVyjHOPIgogO-LKhUeG8H&sig=Cg0ArKJSzOGEWTkMqOalEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210909.67939&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

par10s38-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 07:39:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ 8 KB
4 KB 31ms
30ms Script
application/javascript 2a02:26f0:ec:4b7::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=607671&cmp=24935727&sid=5936378&plc=292494536&num=&adid=&advid=6141273&adsrv=1&region=30&btreg=486197547&btadsrv=doubleclick&crt=144230506&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src&dvp_att_uid=__AP1_np_dv_tfhtql5lx8qPA__
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=79.228;dc_rxp=1;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;u=__AP1_np_dv_tfhtql5lx8qPA__;dc_adk=473486474;ord=kpude6;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fnew-stealthier-zloader-variant.html$0;xdt=0;crlt=irIrksW'*O;sttr=39;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ec:4b7::4469 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 07a77e54a374d23938d7d1f8e3fae0836b07a5a4f1214a9862bd54d658ad4906

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 07:39:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Sep 2021 15:22:46 GMT
Server: Microsoft-IIS/10.0
ETag: "0a7aa5e7ca9d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3290

GET
H2 200 ca Show response
choices.truste.com/ 28 KB
9 KB 5166ms
104ms Script
text/javascript 13.32.158.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=att01&aid=att_hs&cid=24935727_144230506_292494536&js=st0
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=79.228;dc_rxp=1;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;u=__AP1_np_dv_tfhtql5lx8qPA__;dc_adk=473486474;ord=kpude6;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fnew-stealthier-zloader-variant.html$0;xdt=0;crlt=irIrksW'*O;sttr=39;prcl=s
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.158.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-158-29.cdg50.r.cloudfront.net
Software: nginx /
Resource Hash: 49f90726581ac3e3db86138de1b55948a5075fb4a70ba550a581df1bba049bb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 07:39:52 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: CDG50-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 ac22d72b36b27c038e1554f7554aa0be.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id: zhnd4vTTG25MPWEt4eel_sZ5uQH5xMu9mgCG2rSkcTFhafdrzWCU_Q==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ 41 KB
15 KB 5100ms
24ms Script
text/javascript 2a00:1450:4007:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:818::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 19:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 19:40:26 GMT

GET
H2 200 I_ABU_AVT_3_STB_DTP_300x250_S_N_EN_NA_ABS_AVT_ForresterWave_NA_NA_01-01_MF.jpg
s0.2mdn.net/6141273/ 79 KB
79 KB 5100ms
25ms Image
image/jpeg 2a00:1450:4007:817::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6141273/I_ABU_AVT_3_STB_DTP_300x250_S_N_EN_NA_ABS_AVT_ForresterWave_NA_NA_01-01_MF.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:817::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2caac00e5fb95483fc57c9683c105bcdc05bdfe49d73e00bac03fa9500b53d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 07:50:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 18:29:30 GMT
server: sffe
age: 85742
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80886
x-xss-protection: 0
expires: Wed, 15 Sep 2021 07:50:50 GMT

GET
H/1.1

200
OK

firstevent
att.demdex.net/
Redirect Chain

https://att.demdex.net/event?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144230506&d_placement=292494536&d_campaign=24935727&d_site=5936378
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144230506&d_placement=292494536&d_campaign=24935727&d_site=5936378

42 B
945 B

41ms
40ms

Image
image/gif

18.203.33.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144230506&d_placement=292494536&d_campaign=24935727&d_site=5936378

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.203.33.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-33-226.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v016-05abeeea0.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: gPB+qUEhRgw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v016-0ce11b196.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: A+oB5Ab8Ttg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144230506&d_placement=292494536&d_campaign=24935727&d_site=5936378
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK /
d.agkn.com/pixel/2387/ 43 B
658 B 5151ms
32ms Image
image/gif 52.17.218.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/2387/?ct=DE&st=&city=5672&dma=0&zp=60326&bw=4&che=1823368597&col=24935727,5936378,292494536,486197547,144230506
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.218.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-218-235.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 07:39:52 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 103 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 688a1e2444a1171a4cfbc8674c62d53bc663bf35a7825eb3563851e79694411c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame EED1 1 KB
1 KB 32ms
32ms Document
text/html 2a02:26f0:ec:4a6::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ec:4a6::4469 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://thehackernews.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=52419
Date: Wed, 15 Sep 2021 07:39:47 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ 1 KB
864 B 41ms
15ms Script
text/javascript 213.254.244.18
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_722076457099&jsTagObjCallback=__tagObject_callback_722076457099&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=722076457099&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=92&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=7&brh=2&fwc=0&fcl=163&flt=5042&fec=4328&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_hTau%3F6H%5CDE62%3DE9%3A6C%5CK%3D%40256C%5CG2C%3A2%3FE%5D9E%3E%3D&dvp_exetime=7.50&callbackName=__verify_callback_722076457099
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 4781f41491aba4aac0eaff9f548bf3d31ded16a0c8b77b07cf6315fd964fc0e8

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
X-DV-Response: 0
Content-Encoding: gzip
Date: Wed, 15 Sep 2021 07:39:46 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 9/14/2021 7:39:47 AM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 7843 4 KB
2 KB 27ms
27ms Script
application/javascript 2a02:26f0:ec:4b7::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ec:4b7::4469 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 07:39:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=60116
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H/1.1 200
OK dv-measurements1780.js Show response
cdn.doubleverify.com/ Frame A62B 495 KB
90 KB 33ms
32ms Script
application/javascript 2a02:26f0:ec:4b7::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1780.js
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ec:4b7::4469 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 36c13046b23864f763bd9239d7b73c45b4ac9421cbf6a6ff5c19c202873c4cd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 07:39:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 12:07:20 GMT
Server: Microsoft-IIS/10.0
ETag: "04c3e797a8d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91718

POST
H/1.1 200
OK bsevent.gif
tps20519.doubleverify.com/ 807 B
1 KB 5049ms
10ms Ping
image/gif 213.254.244.21
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20519.doubleverify.com/bsevent.gif?impid=db02e892b3c2407ab0c3c6f3eaa448e1&vfdur=5054&cbust=1631691587503575
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 07:39:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 9/14/2021 7:39:52 AM

POST
H/1.1 200
OK bsevent.gif
tps20519.doubleverify.com/ 807 B
1 KB 5043ms
9ms Ping
image/gif 213.254.244.21
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20519.doubleverify.com/bsevent.gif?impid=db02e892b3c2407ab0c3c6f3eaa448e1&pltfrm=Linux%20x86_64&dvp_or1=1&cbust=1631691587509592
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 07:39:52 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 9/14/2021 7:39:52 AM

POST
H/1.1 200
OK bsevent.gif
tps20519.doubleverify.com/ 807 B
1 KB 5043ms
8ms Ping
image/gif 213.254.244.21
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20519.doubleverify.com/bsevent.gif?impid=db02e892b3c2407ab0c3c6f3eaa448e1&dvp_or2=1&cbust=1631691587509975
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 07:39:52 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 9/14/2021 7:39:52 AM

GET
DATA 200
OK truncated
/ 194 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 vpng.jpg
thehackernews.com/images/-05Y4azfOtHY/YTmz5X6CzVI/AAAAAAAADwU/FmcJruB5qJM-D9XZtYFV-FPRYfwHpYpHwCLcBGAsYHQ/w72-h72-p-k-no-nu/ 2 KB
2 KB 29ms
28ms Image
image/jpeg 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-05Y4azfOtHY/YTmz5X6CzVI/AAAAAAAADwU/FmcJruB5qJM-D9XZtYFV-FPRYfwHpYpHwCLcBGAsYHQ/w72-h72-p-k-no-nu/vpng.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

278e8a13d324d852846e09b1c13e8d601d61851f5c65caaec11b19b990eab45e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /images/-05Y4azfOtHY/YTmz5X6CzVI/AAAAAAAADwU/FmcJruB5qJM-D9XZtYFV-FPRYfwHpYpHwCLcBGAsYHQ/w72-h72-p-k-no-nu/vpng.jpg
pragma: no-cache
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1631691582473]]; _pbjs_userid_consent_data=3524755945110770; _pubcid=d1badae7-feae-4cbc-9eab-8d0bb2759ad7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: thehackernews.com
referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87885
cf-polished: origSize=1797, status=webp_bigger
content-disposition: inline;filename="vpng.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1776
x-xss-protection: 0
expires: Fri, 10 Sep 2021 17:22:27 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vf06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58jtXMQv7EUKBXD5Vg8smqV91Re8JcaenW5wzLmJUbz24clp580baZoQuWIAmlzGgYU0T008VQioGmhF6W1jDQgTICanbkvr0oylAnDPL0r%2F48XV%2BnlxQqkAXdzrL%2Fa0C7NfnWbJzu7JV9DdhcIf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 68f034066ff74345-FRA
access-control-expose-headers: Content-Length

GET
H2 200 microsoft-office-hack.jpg
thehackernews.com/images/-KnvkhCvOrtg/YTgvMst2aSI/AAAAAAAADvs/ibzrIC7hu6wR3f2vrtI3U2rW7SVg6UbKQCLcBGAsYHQ/w72-h72-p-k-no-nu/ 3 KB
4 KB 27ms
26ms Image
image/jpeg 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-KnvkhCvOrtg/YTgvMst2aSI/AAAAAAAADvs/ibzrIC7hu6wR3f2vrtI3U2rW7SVg6UbKQCLcBGAsYHQ/w72-h72-p-k-no-nu/microsoft-office-hack.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3c9b18745caf04dd75236c06f5b262a2c50ff99106797776eacbb905f0e95b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /images/-KnvkhCvOrtg/YTgvMst2aSI/AAAAAAAADvs/ibzrIC7hu6wR3f2vrtI3U2rW7SVg6UbKQCLcBGAsYHQ/w72-h72-p-k-no-nu/microsoft-office-hack.jpg
pragma: no-cache
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1631691582473]]; _pbjs_userid_consent_data=3524755945110770; _pubcid=d1badae7-feae-4cbc-9eab-8d0bb2759ad7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: thehackernews.com
referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87885
cf-polished: status=not_needed
content-disposition: inline;filename="microsoft-office-hack.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3169
x-xss-protection: 0
expires: Tue, 14 Sep 2021 14:46:14 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vefc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObJ2b49Db0qYQ%2FIBWYFhKlpNfEJZFf5tJnnUh%2BcXiWMeOp2wk6oK5RcBTEJdGzgFZYu%2BXP3zSKxzk%2BA9qjQ6tsXb8WZnZS08dEJHLI2OK2Mnix6z0D9q26iyVN3wkaajhgku6QVx3bVTTfqZd%2BkV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 68f034066ff94345-FRA
access-control-expose-headers: Content-Length

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame A62B 3 KB
2 KB 5062ms
17ms Script
text/javascript 213.254.244.18
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=116&ttfrms=22&brid=3&brver=92.0.4515.159&bridua=3&bds=1&tstype=1&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_hTau%3F6H%5CDE62%3DE9%3A6C%5CK%3D%40256C%5CG2C%3A2%3FE%5D9E%3E%3D&srcurlD=0&aUrlD=0&ssl=https:&dfs=26091&ddur=31&uid=1631691587608829&jsCallback=dvCallback_1631691587608569&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1780&tgjsver=1780&lvvn=28&m1=13&refD=0&referrer=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fnew-stealthier-zloader-variant.html&fwc=0&fcl=163&flt=5042&fec=4497&fcifrms=9&brh=2&sdf=2&dvp_epl=128&noc=4&ctx=607671&cmp=24935727&sid=5936378&plc=292494536&crt=144230506&btreg=486197547&btadsrv=doubleclick&adsrv=1&advid=6141273&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&region=30&dvp_att_uid=__AP1_np_dv_tfhtql5lx8qPA__&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=43964693.97399399&dvp_tukv=69319899.81317869&dvp_uuid=300657782972.6066&dvp_tuid=1392579075143
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1780.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 1ff1ef447a38c207e2809fa879c39e991565274907944db045f0c0e3a731c0ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 07:39:52 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 9/14/2021 7:39:52 AM

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v102/ 109 KB
109 KB 5123ms
50ms Font
font/woff2 2a00:1450:4007:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v102/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

606989890f9c25a98ddbe359c6a0fdb7643f88ed5e73ae283a46e7d768bc87cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thehackernews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 20:51:32 GMT
x-content-type-options: nosniff
age: 125300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111596
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 18:44:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 20:51:32 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 5096ms
37ms Font
font/woff2 2a00:1450:4007:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thehackernews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:07:06 GMT
x-content-type-options: nosniff
age: 59566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 15:07:06 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 5102ms
44ms Font
font/woff2 2a00:1450:4007:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thehackernews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:06:33 GMT
x-content-type-options: nosniff
age: 109999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:40 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 01:06:33 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
15 KB 5080ms
23ms Font
font/woff2 2a00:1450:4007:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thehackernews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 18:55:06 GMT
x-content-type-options: nosniff
age: 391486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Sep 2022 18:55:06 GMT

GET
H2 200 Azure-Container-Instances.jpg
thehackernews.com/images/-Wn9U7o0nnQ4/YTrjyEyffqI/AAAAAAAADww/GcXGxpjIW-oN1eqN_vDW08Y5rwTryqncQCLcBGAsYHQ/w72-h72-p-k-no-nu/ 2 KB
3 KB 30ms
28ms Image
image/jpeg 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-Wn9U7o0nnQ4/YTrjyEyffqI/AAAAAAAADww/GcXGxpjIW-oN1eqN_vDW08Y5rwTryqncQCLcBGAsYHQ/w72-h72-p-k-no-nu/Azure-Container-Instances.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e23ce1ae7cc6712271548b1bb55f06fcb88b445a8794e65a8a1c1dec6309c99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /images/-Wn9U7o0nnQ4/YTrjyEyffqI/AAAAAAAADww/GcXGxpjIW-oN1eqN_vDW08Y5rwTryqncQCLcBGAsYHQ/w72-h72-p-k-no-nu/Azure-Container-Instances.jpg
pragma: no-cache
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1631691582473]]; _pbjs_userid_consent_data=3524755945110770; _pubcid=d1badae7-feae-4cbc-9eab-8d0bb2759ad7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: thehackernews.com
referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87913
cf-polished: status=not_needed
content-disposition: inline;filename="Azure-Container-Instances.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2396
x-xss-protection: 0
expires: Mon, 13 Sep 2021 19:33:13 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vf0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKHQeAJmu7%2BhGSLm5jY2ETeHIjmHJSmKuaSn%2B8sHeiS%2BjIHmGPuhxoNkR0WKYh9KJOzSHEgTEpdEDLVUMOnTvyIc20spKKCrdGCWZbmLXKTQ8sItm4OZ7HSHEWByCttAO%2FbU5GiJKawmuMpYVLhX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 68f03407fba44345-FRA
access-control-expose-headers: Content-Length

GET
H2 200 chrome-update.jpg
thehackernews.com/images/-FOgCdN3CSOk/YUAgGS1bB1I/AAAAAAAADyc/2oKkq_Mon1AnpsrRVosSNgmXm6ZdbQTXACLcBGAsYHQ/w72-h72-p-k-no-nu/ 3 KB
4 KB 26ms
25ms Image
image/webp 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-FOgCdN3CSOk/YUAgGS1bB1I/AAAAAAAADyc/2oKkq_Mon1AnpsrRVosSNgmXm6ZdbQTXACLcBGAsYHQ/w72-h72-p-k-no-nu/chrome-update.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

360957a4b009a1e47b5463c6459f9d0b7bfa0fb65e891d1595a737f30aab5759

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /images/-FOgCdN3CSOk/YUAgGS1bB1I/AAAAAAAADyc/2oKkq_Mon1AnpsrRVosSNgmXm6ZdbQTXACLcBGAsYHQ/w72-h72-p-k-no-nu/chrome-update.jpg
pragma: no-cache
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1631691582473]]; _pbjs_userid_consent_data=3524755945110770; _pubcid=d1badae7-feae-4cbc-9eab-8d0bb2759ad7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: thehackernews.com
referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25224
cf-polished: origFmt=jpeg, origSize=4010
content-disposition: inline; filename="chrome-update.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3222
x-xss-protection: 0
expires: Thu, 16 Sep 2021 00:39:23 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vf28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7iKz29XxcfH8mN2KISyL88u8xDd9Uo6NMvsw4E1yfzoDbEMsFwpqDinOtFoNATVbJgc4jjKmymEfI1MCpDGQrJhLGx%2FgyMZgJV4%2BQO3nUVyv5nSAjEENwB79oDKK1dL1skXcQfdz9QFFnllFjjz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 68f03407fba54345-FRA
access-control-expose-headers: Content-Length

GET
H2 200 ransomware.jpg
thehackernews.com/images/-kzUdqmybL70/YTnaN0vf2-I/AAAAAAAADwo/KGbWaO5HKvI2l5N21chIe4vdS_8kX_WOQCLcBGAsYHQ/w72-h72-p-k-no-nu/ 2 KB
2 KB 26ms
25ms Image
image/webp 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-kzUdqmybL70/YTnaN0vf2-I/AAAAAAAADwo/KGbWaO5HKvI2l5N21chIe4vdS_8kX_WOQCLcBGAsYHQ/w72-h72-p-k-no-nu/ransomware.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a58ccfe0cdfc14192dc7b12a69df4b8eb6de96dc183db4c9e1b3d01436412f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /images/-kzUdqmybL70/YTnaN0vf2-I/AAAAAAAADwo/KGbWaO5HKvI2l5N21chIe4vdS_8kX_WOQCLcBGAsYHQ/w72-h72-p-k-no-nu/ransomware.jpg
pragma: no-cache
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1631691582473]]; _pbjs_userid_consent_data=3524755945110770; _pubcid=d1badae7-feae-4cbc-9eab-8d0bb2759ad7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: thehackernews.com
referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87913
cf-polished: origFmt=jpeg, origSize=2146
content-disposition: inline; filename="ransomware.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1942
x-xss-protection: 0
expires: Mon, 13 Sep 2021 06:15:02 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vf0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kbFSE9RKsW9X37LYpHtpx23Oc9Mewejzh%2FNkYjAn0T%2BZsEF3dYJsAMH2B32Ex6j8Q9PPAFOJZnRdDFlczEikuDbluE834o3ulGG0uf2njsSwAGz86OYRLp3k5RHdoISnTa090GnYbTB6wfAEXNT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 68f03407fba84345-FRA
access-control-expose-headers: Content-Length

GET
H2 200 scw-200.jpg
thehackernews.com/images/-7oST5jSg0gg/YTc8X5vpdZI/AAAAAAAA4Xo/TP05JllVGbQjutGIqJA9ZVx49BSEBqL4wCLcBGAsYHQ/s300-e100/ 29 KB
29 KB 22ms
22ms Image
image/jpeg 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-7oST5jSg0gg/YTc8X5vpdZI/AAAAAAAA4Xo/TP05JllVGbQjutGIqJA9ZVx49BSEBqL4wCLcBGAsYHQ/s300-e100/scw-200.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96bbda56c90388fb55aa25c7f6645cd6c3d7e8dd5cab8490605556486b5f0c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /images/-7oST5jSg0gg/YTc8X5vpdZI/AAAAAAAA4Xo/TP05JllVGbQjutGIqJA9ZVx49BSEBqL4wCLcBGAsYHQ/s300-e100/scw-200.jpg
pragma: no-cache
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1631691582473]]; _pbjs_userid_consent_data=3524755945110770; _pubcid=d1badae7-feae-4cbc-9eab-8d0bb2759ad7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: thehackernews.com
referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87911
cf-polished: origSize=31047, status=webp_bigger
content-disposition: inline;filename="scw-200.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29603
x-xss-protection: 0
expires: Thu, 16 Dec 2021 10:20:58 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "ve17b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbntYxr5%2Bes9vItmXtzdImaMAfmCieN7UgyYGFbO3PUTutmBa6YxEYn6g2dXIauh7ky2aKkrwRySPy0xu%2F1pBigOm2YiJR%2F8Fn65tUSFS07NnPiUc5un6wJDk1oLxQDTw2q6mFEoLrW%2F4FL%2B8heu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 68f03407fba94345-FRA
access-control-expose-headers: Content-Length

GET
H2 200 centos.jpg
thehackernews.com/images/-cJC6NNX-fts/YTsZeynCz7I/AAAAAAAABPE/vHGPnzHsqyYr2N52P6MeosRhDWaF8vWtwCLcBGAsYHQ/w72-h72-p-k-no-nu/ 3 KB
3 KB 20ms
20ms Image
image/webp 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-cJC6NNX-fts/YTsZeynCz7I/AAAAAAAABPE/vHGPnzHsqyYr2N52P6MeosRhDWaF8vWtwCLcBGAsYHQ/w72-h72-p-k-no-nu/centos.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f810ceee13d7b56fbf55837fd93fb9bd7253cec491ce52330cbd5f46eea1888

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /images/-cJC6NNX-fts/YTsZeynCz7I/AAAAAAAABPE/vHGPnzHsqyYr2N52P6MeosRhDWaF8vWtwCLcBGAsYHQ/w72-h72-p-k-no-nu/centos.jpg
pragma: no-cache
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1631691582473]]; _pbjs_userid_consent_data=3524755945110770; _pubcid=d1badae7-feae-4cbc-9eab-8d0bb2759ad7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: thehackernews.com
referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87913
cf-polished: origFmt=jpeg, origSize=3618
content-disposition: inline; filename="centos.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2970
x-xss-protection: 0
expires: Tue, 14 Sep 2021 13:08:28 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "v4f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfXiSjypfHSmsprEsHUNqH06u2j%2BlcKd6EEzwSVTr1K3fn%2Fm9nb%2FBaC9zstj8suBLSQ6x1RgNaBdG6X3WccFKWeUTK%2BpCAvd6v2ofqw4H5tG035t08gTcmJ8IX89jjs%2BK4dJoA8uVncaW9pt5f9p"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 68f03408acff4345-FRA
access-control-expose-headers: Content-Length

POST c
prebid.a-mo.net/a/ 0
0

GET arj
adpushup-d.openx.net/w/1.0/ 0
0

POST v2
i.connectad.io/api/ 0
0

POST v1
dmx.districtm.io/b/ 0
0

POST cdb
bidder.criteo.com/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BD9F 22 KB
8 KB 327ms
25ms Document
text/html 2a00:1450:4007:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:818::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 08 Sep 2021 13:53:20 GMT
expires: Thu, 08 Sep 2022 13:53:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 582392
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ 0
23 B 57ms
30ms Ping
image/gif 172.217.18.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

par10s38-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 07:39:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 0
0

GET analytics.js
www.google-analytics.com/ 0
0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 344ms
43ms Script
text/javascript 2a00:1450:4007:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14002ecafa649bafb6cc41b2f330feba144824602620cd4697249eab826ed510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48935
x-xss-protection: 0
server: cafe
etag: 2394076024339309377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 07:39:53 GMT

GET
H2 200 HSEgpNPNZLMKNnVg9QEjg_uljD9VTI4VvILwbC8qF_I.js Show response
pagead2.googlesyndication.com/bg/ Frame BD9F 35 KB
13 KB 321ms
21ms Script
text/javascript 2a00:1450:4007:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HSEgpNPNZLMKNnVg9QEjg_uljD9VTI4VvILwbC8qF_I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d2120a4d3cd64b30a367560f5012383fba58c3f554c8e15bc82f06c2f2a17f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 19:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13160
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 19:48:56 GMT

GET
H2 200 banner-1.jpg
thehackernews.com/images/-xEQf4RPeHhs/YS85adrOzEI/AAAAAAAA4XQ/xivqoYJZviMU2h2UHbPvyOHysINfmVabACLcBGAsYHQ/s728-e100/ 16 KB
16 KB 22ms
22ms Image
image/jpeg 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-xEQf4RPeHhs/YS85adrOzEI/AAAAAAAA4XQ/xivqoYJZviMU2h2UHbPvyOHysINfmVabACLcBGAsYHQ/s728-e100/banner-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e01ddff81ef43d93f47545eb333edda3130c28ec9b62ed8a71100f1cbfd94887

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /images/-xEQf4RPeHhs/YS85adrOzEI/AAAAAAAA4XQ/xivqoYJZviMU2h2UHbPvyOHysINfmVabACLcBGAsYHQ/s728-e100/banner-1.jpg
pragma: no-cache
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1631691582473]]; _pbjs_userid_consent_data=3524755945110770; _pubcid=d1badae7-feae-4cbc-9eab-8d0bb2759ad7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: thehackernews.com
referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/2021/09/new-stealthier-zloader-variant.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:39:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87884
cf-polished: origSize=17378, status=webp_bigger
content-disposition: inline;filename="banner-1.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16186
x-xss-protection: 0
expires: Thu, 16 Dec 2021 12:05:45 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "ve176"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92jvYqNmig864725xsAMPTExfhdcvGew7UA8RDRg9d5Dpj0r8Mi52SB%2FwPv8RO95wKLHptyB92M%2BylEhxg0VV3AwarOBqh55BKlryrNHz78wm48XBZ5vIJlhP0FlCKJxf62%2FKCU2WFdeN8iRUUJx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 68f03427ee824345-FRA
access-control-expose-headers: Content-Length

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD9F 0
121 B 29ms
28ms Image
image/gif 2a00:1450:4007:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQ_PQQ6NBYbr-FsKQbbSdhOgNAAAAADgB4AQC&bg=!lZalltLNAAYT0U73E9E7ACkAdvg8WucmlA792lq7Cr6gsk7udhLBvot0espcFT4jgWWrLcgbJrdxZwIAAABjUgAAAAtoAQcKACr2g-e05MTS64qjjOwYmT55oi9lhyxZK3Piz4s9LiJAETnLtFKAmjj7pkSZAppq6FRSKoKfIJWJPJkmY4qaP8yeUT8_j93TvfyKrytOuQ6kNYcoUj7cmlgljpjRL8PIQts_tu8RcsvCCVK_U73Tv4sPXJpfckTk6MeqM_5wErd3sEM1kRkpLudE1WFIw-CuhKBMZeZZnRN1_9eHKGTYpTRMktnE2PAeY7cHaRpzlHJ2QL_6JOus3DLCQNS88axLgQrfayAp7R5LDXju3I5D1ENRN-8TjCnr2BGN2Xg_Hz60El0-uVz8z3AuQrkPIaBO51WPsqykry5rGAz1C_g_5PfIz7WwN8Wf-pWdSMKFa50TXOLUdh75m1qdV1Fc94aUSN7bZkwZVaTByxlvMDv0DtNmRh6PFn7lddcJMfizSug94kvVM7OrNyEAldt1NPUUVrgYw9LLmnYnHOsjJdBYMWYILmVl3-6s9Y-EWDxIYnW7Bkw0_W_Yk3w28nocaG_I3t2_x1riu8SZi60mYQgcAYTs9VxEbrAH1-l3nCl7czlcdOnYcN5kNMJPohtpk3DA6nvkjOTG0b2O9K1vl_-pHlHSo_6sNgJ0yuqp3O5W_qApkNBd1xbnLH2ASXYeiJvF-UU6genl96dXxVBz5hCODnepbr_jpvQAW2sB925hfhMIO8xZ86LdXfH-abtP7WTqL54Oadqaf0QW3gMxrpz8TLk-rOOphfFfJ5ZPRuTSxdLZ16Pd3lekzUaEI6bAEKEEznJ0kIjZk08IDB6JGb1u0Vn841WAyrdfm-EHhnF8Xd9n83Oe4wHbJzPsVSMQKzIOuBBbNu51eFC-QPZjWn77symXcd-M_txUFxf7gVNKQPbT1Jsn1oMxgTFmKn2fAzKW3XzwfZ5L3xsr80lQTtxAokDZwiPgJlEYuzKaPFKBLqv-hwxIVLZcQbc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 07:39:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
518 B 77ms
27ms Fetch
image/gif 2a00:1450:4007:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstU3onj9EFvsKfmKdzqXKS3qHpu71ueVKjKVIzAsxFWHpwlox3qza76EAweHXw8q4hnVe8Oe5HE43rrsnhPnxU&sig=Cg0ArKJSzJfrJEau2wywEAE&id=lidar2&mcvt=1000&p=381,1031,631,1331&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210913&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=32&adk=473486474&rs=6&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631691561345&rpt=31237&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 07:39:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET g_pbto
1x1.a-mo.net/hbx/ 0
0

GET publishertag.prebid.js
static.criteo.net/js/ld/ 0
0

GET ca
choices.trustarc.com/ 0
0

GET cap
choices.trustarc.com/ 0
0

POST event.png
tps20243.doubleverify.com/ Frame A62B 0
0

GET rid
match.adsrvr.org/track/ 0
0

GET index.html
cdn.districtm.io/ids/ Frame E1D5 0
0

GET connectmyusers.php
cdn.connectad.io/ Frame 9A6C 0
0

GET async_usersync.html
acdn.adnxs.com/dmp/ Frame 9835 0
0

GET pd
u.openx.net/w/1.0/ Frame C255 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210915

Domain: gum.criteo.com
URL: https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthehackernews.com%2F&domain=thehackernews.com&cw=1&lsw=1

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fnew-stealthier-zloader-variant.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=284f8677-1963-4ae7-a2e7-9f614b055258%2C9531f455-1f1b-4197-9aeb-5b36e87cb7ac&nocache=1631691590599&pubcid=d1badae7-feae-4cbc-9eab-8d0bb2759ad7&schain=1.0%2C1!adpushup.com%2Caeb138a66c47c1d438a8907993e81712%2C1%2C%2C%2C&aus=730x290%2C728x280%2C728x250%2C728x90%2C690x90%2C690x250%2C690x280%2C675x90%2C675x280%2C675x250%2C670x90%2C670x280%2C670x250%2C650x90%2C650x280%2C650x250%2C650x150%2C630x90%2C630x280%2C630x250%2C602x100%2C600x90%2C600x280%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C336x280%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C730x290%2C728x280%2C728x250%2C728x90%2C690x90%2C690x250%2C690x280%2C675x90%2C675x280%2C675x250%2C670x90%2C670x280%2C670x250%2C650x90%2C650x280%2C650x250%2C650x150%2C630x90%2C630x280%2C630x250%2C602x100%2C600x90%2C600x280%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C336x280%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200&divids=ADP_37020_responsivexresponsive_00000001-edab0fc9-e8cc-4b62-993c-af19f2b8ec29%2CADP_37020_responsivexresponsive_00000001-7f4883cb-327b-46ff-b43e-bcc82851c663&aucs=%2C&auid=541218336%2C541218336

Domain: i.connectad.io
URL: https://i.connectad.io/api/v2

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: bidder.criteo.com
URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=37478373889

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: 1x1.a-mo.net
URL: https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1631691593599&eid=29996a0e5e3c4dc

Domain: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Domain: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=att_hs&pid=att01&cid=24935727_144230506_292494536&js=st_1pm&sz=300x250&c=te-aa1f

Domain: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=att_hs&pid=att01&cid=24935727_144230506_292494536&js=st_2

Domain: choices.trustarc.com
URL: https://choices.trustarc.com/cap?aid=att_hs&pid=att01&cid=24935727_144230506_292494536&w=300&h=250&c=6362

Domain: tps20243.doubleverify.com
URL: https://tps20243.doubleverify.com/event.png?impid=f67b20c3cc3b4c0095b9ef00c84f1f15&gdpr=&gdpr_consent=&dvp_gdv2_Func=1&dvp_gdv2_Applies=1&dvp_gdv2_Succ=1&dvp_gdv2_Dur=0&dvp_gdv2_Doms=0&dvp_gdv2_Dome=0&vdur=5063&eoid=8&msrjs=1780&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=31&tetms=11&msltms=50&vltms=5063&sei=289&vetms=12&engms=1&engisel=1&ttfurm=7089&cbust=1631691594679574

Domain: tps20243.doubleverify.com
URL: https://tps20243.doubleverify.com/event.png?impid=f67b20c3cc3b4c0095b9ef00c84f1f15&gdpr=&gdpr_consent=&msrcanlm=202&msrcannum=8&eoid=10&ismms=48&isumms=47&isvelg=1&nvr=6&elmtp=6&isbxdms=7148&b11=7239&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1&lftb=7239&sftb=7239&msrdp=12&naral=64&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=948&isuiabvms=948&ispmxpms=948&engalms=46&engscrlms=65&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&cbust=1631691595677923

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json

Domain: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html

Domain: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?

Domain: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Domain: u.openx.net
URL: https://u.openx.net/w/1.0/pd

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thehackernews.com/2021/09	1969-12-31 23:59:59	Name: _dlt Value: 1
.thehackernews.com/	1970-01-19 21:15:34	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1631691582473]]
thehackernews.com/	1970-01-19 21:58:03	Name: _pbjs_userid_consent_data Value: 3524755945110770
.thehackernews.com/	1970-01-19 21:58:03	Name: _pubcid Value: d1badae7-feae-4cbc-9eab-8d0bb2759ad7
.doubleclick.net/	1970-01-19 21:14:52	Name: test_cookie Value: CheckForPermission
.agkn.com/	1970-01-20 06:00:27	Name: ab Value: 0001%3Arn71e8aYkju0hbbaXR6X7sLTdfLPrOTa
.agkn.com/	1970-01-20 06:00:27	Name: u Value: C\|0EAgo1F_IKNRfyAAAAAAAAQAtAQfm-AIAAQAHAAAAAAF8fS___x4AAAAAAFqU-gAAAAARbxzIAAAAAAiYyGoAAAAAHPrJKwA
.demdex.net/	1970-01-20 01:34:03	Name: demdex Value: 34103092681870056480491805700915207618
.att.demdex.net/	1970-01-20 01:34:03	Name: att Value: 34103092681870056480491805700915207618

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292494536%26sid%3D5936378%26dvregion%3D2%26unit%3D300x250(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292494536%26sid%3D5936378%26dvregion%3D2%26unit%3D300x250(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 306) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_35667659511&jsTagObjCallback=__tagObject_callback_35667659511&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=35667659511&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=92&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=1&brh=2&fwc=0&flt=5042&fec=379&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_hTau%3F6H%5CDE62%3DE9%3A6C%5CK%3D%40256C%5CG2C%3A2%3FE%5D9E%3E%3D&dvp_exetime=7.50&callbackName=__verify_callback_35667659511, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 306) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_35667659511&jsTagObjCallback=__tagObject_callback_35667659511&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=35667659511&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=92&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=1&brh=2&fwc=0&flt=5042&fec=379&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_hTau%3F6H%5CDE62%3DE9%3A6C%5CK%3D%40256C%5CG2C%3A2%3FE%5D9E%3E%3D&dvp_exetime=7.50&callbackName=__verify_callback_35667659511, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 829) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 829) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 13) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 13) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/impl_v79.js(Line 66) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=79.228;dc_rxp=1;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;u=__AP1_np_dv_tfhtql5lx8qPA__;dc_adk=473486474;ord=kpude6;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fnew-stealthier-zloader-variant.html$0;xdt=0;crlt=irIrksW'*O;sttr=39;prcl=s, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/impl_v79.js(Line 66) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=79.228;dc_rxp=1;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;u=__AP1_np_dv_tfhtql5lx8qPA__;dc_adk=473486474;ord=kpude6;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fnew-stealthier-zloader-variant.html$0;xdt=0;crlt=irIrksW'*O;sttr=39;prcl=s, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292495514%26sid%3D5936378%26dvregion%3D2%26unit%3D728x90(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292495514%26sid%3D5936378%26dvregion%3D2%26unit%3D728x90(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 306) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_722076457099&jsTagObjCallback=__tagObject_callback_722076457099&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=722076457099&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=92&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=7&brh=2&fwc=0&fcl=163&flt=5042&fec=4328&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_hTau%3F6H%5CDE62%3DE9%3A6C%5CK%3D%40256C%5CG2C%3A2%3FE%5D9E%3E%3D&dvp_exetime=7.50&callbackName=__verify_callback_722076457099, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 306) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_722076457099&jsTagObjCallback=__tagObject_callback_722076457099&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=722076457099&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=92&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=7&brh=2&fwc=0&fcl=163&flt=5042&fec=4328&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_hTau%3F6H%5CDE62%3DE9%3A6C%5CK%3D%40256C%5CG2C%3A2%3FE%5D9E%3E%3D&dvp_exetime=7.50&callbackName=__verify_callback_722076457099, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 829) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 829) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 13) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 13) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
acdn.adnxs.com
ad.doubleclick.net
adpushup-d.openx.net
att.demdex.net
bidder.criteo.com
c.amazon-adsystem.com
cdn.adpushup.com
cdn.connectad.io
cdn.districtm.io
cdn.doubleverify.com
cdn.jsdelivr.net
cdn3.doubleverify.com
cdnjs.cloudflare.com
choices.trustarc.com
choices.truste.com
code.jquery.com
d.agkn.com
dmx.districtm.io
e3.adpushup.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads4.g.doubleclick.net
gum.criteo.com
i.connectad.io
ib.adnxs.com
match.adsrvr.org
pagead2.googlesyndication.com
prebid.a-mo.net
rtb0.doubleverify.com
rules.quantcount.com
s0.2mdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
static.criteo.net
thehackernews.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20243.doubleverify.com
tps20518.doubleverify.com
tps20519.doubleverify.com
u.openx.net
www.google-analytics.com
www.googletagservices.com
1x1.a-mo.net
acdn.adnxs.com
adpushup-d.openx.net
bidder.criteo.com
cdn.connectad.io
cdn.districtm.io
cdn.jsdelivr.net
cdnjs.cloudflare.com
choices.trustarc.com
dmx.districtm.io
gum.criteo.com
i.connectad.io
ib.adnxs.com
match.adsrvr.org
prebid.a-mo.net
static.criteo.net
tps20243.doubleverify.com
u.openx.net
www.google-analytics.com
13.249.7.113
13.32.158.29
142.250.179.70
142.250.179.98
172.217.18.194
18.203.33.226
2001:4de0:ac18::1:a:3b
213.254.244.15
213.254.244.18
213.254.244.21
23.97.225.52
2600:9000:218e:7600:6:44e3:f8c0:93a1
2606:4700:20::681a:161
2606:4700::6812:1dad
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4007:807::200a
2a00:1450:4007:80b::200e
2a00:1450:4007:80e::2002
2a00:1450:4007:815::2003
2a00:1450:4007:816::2002
2a00:1450:4007:817::2006
2a00:1450:4007:818::2001
2a02:2638:1::13
2a02:26f0:ec:4a6::4469
2a02:26f0:ec:4b7::4469
52.17.218.235
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07a77e54a374d23938d7d1f8e3fae0836b07a5a4f1214a9862bd54d658ad4906
07c3e61964ce639a79922336afb6a4702c84d95cd775e11a6624697cf1b28546
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14002ecafa649bafb6cc41b2f330feba144824602620cd4697249eab826ed510
1465ea73b9db4601cda29c323ea3eea1fc28337bd2c5193154c9ecbd7bf38bbb
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0
19bb58a207c589d9941c53573f1799e2ea57c9c423597b2473d37089de7310cb
1a58ccfe0cdfc14192dc7b12a69df4b8eb6de96dc183db4c9e1b3d01436412f2
1d2120a4d3cd64b30a367560f5012383fba58c3f554c8e15bc82f06c2f2a17f2
1ff1ef447a38c207e2809fa879c39e991565274907944db045f0c0e3a731c0ed
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
278e8a13d324d852846e09b1c13e8d601d61851f5c65caaec11b19b990eab45e
2a86ebdd61ff7f0fe37c32ee43e6ae89796aed4fe4d4ca389f3a1d4f8f286336
2caac00e5fb95483fc57c9683c105bcdc05bdfe49d73e00bac03fa9500b53d36
360957a4b009a1e47b5463c6459f9d0b7bfa0fb65e891d1595a737f30aab5759
36c13046b23864f763bd9239d7b73c45b4ac9421cbf6a6ff5c19c202873c4cd2
3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff
3e2662d2cc5114073ccdc2611e908b3b51990027b5cbb651c69954274e2123db
41a5f97ff2683ab748642cbebd491b6aac3c896fdb2e7f5c6d974221a5554e59
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181
43ac206eefd837b9a7433095fe8eb7059395f6503b92a109918604003fbe93d4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44abe3410418a547f3412ba93a94ffdfd1dbadf9c785418af8ef15d7877fa2c8
45901b04c888739df5f8bb0c1c213a8cc7893a1b72f1f3ea6b24ae1f4691c8fc
4781f41491aba4aac0eaff9f548bf3d31ded16a0c8b77b07cf6315fd964fc0e8
49f90726581ac3e3db86138de1b55948a5075fb4a70ba550a581df1bba049bb4
4e23ce1ae7cc6712271548b1bb55f06fcb88b445a8794e65a8a1c1dec6309c99
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5f810ceee13d7b56fbf55837fd93fb9bd7253cec491ce52330cbd5f46eea1888
606989890f9c25a98ddbe359c6a0fdb7643f88ed5e73ae283a46e7d768bc87cc
6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1
688a1e2444a1171a4cfbc8674c62d53bc663bf35a7825eb3563851e79694411c
6f99c92c022128ac0a66fa125b4fb27c1cbafa094ed31e4e4bcfe1b6b360c14c
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74e7b60dac58a6de6ed9c6fc1c59cd63dee58d5aa27893d17953e584379726da
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96bbda56c90388fb55aa25c7f6645cd6c3d7e8dd5cab8490605556486b5f0c14
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a58b89613c429c71147ffcbe620d0c5c8dbecc2570c71b1bf56d1af3abf857b0
a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a
b3c9b18745caf04dd75236c06f5b262a2c50ff99106797776eacbb905f0e95b0
b6285dce6b9fb557bd0c15683c62f9be0f2e0b760086854b59c952791ba9e8ae
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
ddfce29193278238441c5326565dcd2ce8034dbdd47940ac8183cb5d201f05cb
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e01ddff81ef43d93f47545eb333edda3130c28ec9b62ed8a71100f1cbfd94887
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eae76cb616003cb3e918dfd9f58d63cc8e832aa9d11a9eda64b1476af57e746a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f403cbe5751ef313def120dc0aded1d05242f963459de0e262f1b4fa87a449e0
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
f7da1f347d3b74c6753fcd90fa042b5e9e67690d167f6450312f99d390a95fb3
f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02

thehackernews.com Open in urlscan Pro 2606:4700:20::681a:161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

77 %HTTPS

58 %IPv6

29 Domains

45 Subdomains

27 IPs

5 Countries

1337 kBTransfer

3422 kBSize

9 Cookies

26 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

thehackernews.com Open in urlscan Pro
2606:4700:20::681a:161 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

77 %
HTTPS

58 %
IPv6

29
Domains

45
Subdomains

27
IPs

5
Countries

1337 kB
Transfer

3422 kB
Size

9
Cookies

104 HTTP transactions
7 data transactions