URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Submission: On January 14 via api from US

Summary

This website contacted 39 IPs in 8 countries across 27 domains to perform 122 HTTP transactions. The main IP is 2606:4700:20::681a:61, located in United States and belongs to CLOUDFLARENET, US. The main domain is thehackernews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 1st 2020. Valid for: a year.
This is the only time thehackernews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
13 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
7 213.254.244.19 3257 (GTT-BACKB...)
18 2a00:1450:400... 15169 (GOOGLE)
2 172.217.22.6 15169 (GOOGLE)
1 172.217.18.98 15169 (GOOGLE)
2 143.204.215.88 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 34.249.128.36 16509 (AMAZON-02)
2 3.123.210.158 16509 (AMAZON-02)
3 213.254.244.11 3257 (GTT-BACKB...)
2 205.234.175.175 30081 (CACHENETW...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.212.130 15169 (GOOGLE)
4 23.97.225.52 8075 (MICROSOFT...)
3 172.217.16.130 15169 (GOOGLE)
3 99.86.5.213 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:1b:... 54113 (FASTLY)
1 1 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.2.146 44788 (ASN-CRITE...)
2 3 185.33.220.242 29990 (ASN-APPNEX)
1 4 35.244.159.8 15169 (GOOGLE)
1 213.19.147.210 26120 (RHYTHMONE)
4 136.144.59.88 54825 (PACKET)
10 99.86.7.55 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 213.254.244.23 36062 (DOUBLE-VE...)
3 213.254.244.26 36062 (DOUBLE-VE...)
1 52.49.114.167 16509 (AMAZON-02)
1 23.8.15.54 20940 (AKAMAI-ASN1)
1 151.101.113.108 54113 (FASTLY)
2 2 216.52.2.39 29791 (VOXEL-DOT...)
1 1 104.108.145.8 16625 (AKAMAI-AS)
122 39
Apex Domain
Subdomains
Transfer
29 doubleverify.com
cdn.doubleverify.com
cdn3.doubleverify.com
rtb0.doubleverify.com
tps20515.doubleverify.com
tps20520.doubleverify.com
tps30.doubleverify.com
tps20228.doubleverify.com
tps20229.doubleverify.com
190 KB
15 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
464454096115c109bcc0abf494e5d947.safeframe.googlesyndication.com
163 KB
14 doubleclick.net
ad.doubleclick.net
googleads4.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
181 KB
10 trustarc.com
choices.trustarc.com
32 KB
10 thehackernews.com
thehackernews.com
151 KB
6 adpushup.com
cdn.adpushup.com
e3.adpushup.com
274 KB
4 a-mo.net
prebid.a-mo.net
1 KB
4 openx.net
adpushup-d.openx.net
u.openx.net
972 B
4 adnxs.com
ib.adnxs.com
acdn.adnxs.com
3 KB
4 googletagservices.com
www.googletagservices.com
76 KB
3 amazon-adsystem.com
c.amazon-adsystem.com
34 KB
3 demdex.net
att.demdex.net
2 KB
2 lijit.com
ap.lijit.com
1 KB
2 criteo.com
gum.criteo.com
mug.criteo.com
1 KB
2 google.com
adservice.google.com
www.google.com
911 B
2 google.de
adservice.google.de
www.google.de
910 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 agkn.com
d.agkn.com
1 KB
2 2mdn.net
s0.2mdn.net
192 KB
2 truste.com
choices.truste.com
18 KB
2 cloudflare.com
ajax.cloudflare.com
cdnjs.cloudflare.com
33 KB
1 casalemedia.com
ssum.casalemedia.com
966 B
1 rubiconproject.com
eus.rubiconproject.com
1 adsrvr.org
match.adsrvr.org
544 B
1 1rx.io
tag.1rx.io
274 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 googleadservices.com
partner.googleadservices.com
645 B
122 27
Domain Requested by
10 choices.trustarc.com choices.truste.com
choices.trustarc.com
10 thehackernews.com thehackernews.com
9 cdn.doubleverify.com thehackernews.com
cdn.doubleverify.com
ad.doubleclick.net
6 tpc.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 pagead2.googlesyndication.com ad.doubleclick.net
ajax.cloudflare.com
pagead2.googlesyndication.com
www.googletagservices.com
4 prebid.a-mo.net cdn.adpushup.com
4 e3.adpushup.com cdn.adpushup.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 googleads4.g.doubleclick.net ad.doubleclick.net
4 www.googletagservices.com cdn.doubleverify.com
www.googletagservices.com
ad.doubleclick.net
pagead2.googlesyndication.com
4 cdn3.doubleverify.com cdn.doubleverify.com
3 tps20229.doubleverify.com cdn.doubleverify.com
3 tps20228.doubleverify.com cdn.doubleverify.com
3 464454096115c109bcc0abf494e5d947.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 ib.adnxs.com 2 redirects cdn.adpushup.com
3 c.amazon-adsystem.com cdn.adpushup.com
c.amazon-adsystem.com
3 securepubads.g.doubleclick.net cdn.adpushup.com
securepubads.g.doubleclick.net
3 tps20520.doubleverify.com thehackernews.com
3 att.demdex.net 1 redirects thehackernews.com
3 tps20515.doubleverify.com thehackernews.com
2 ap.lijit.com 2 redirects
2 u.openx.net 1 redirects cdn.adpushup.com
2 adpushup-d.openx.net cdn.adpushup.com
2 www.google-analytics.com thehackernews.com
www.google-analytics.com
2 cdn.adpushup.com thehackernews.com
cdn.adpushup.com
2 tps30.doubleverify.com cdn.doubleverify.com
2 d.agkn.com thehackernews.com
2 s0.2mdn.net thehackernews.com
2 choices.truste.com ad.doubleclick.net
2 ad.doubleclick.net www.googletagservices.com
2 rtb0.doubleverify.com cdn.doubleverify.com
1 ssum.casalemedia.com 1 redirects
1 acdn.adnxs.com cdn.adpushup.com
1 eus.rubiconproject.com cdn.adpushup.com
1 match.adsrvr.org cdn.adpushup.com
1 tag.1rx.io cdn.adpushup.com
1 mug.criteo.com
1 gum.criteo.com 1 redirects
1 cdn.jsdelivr.net cdn.adpushup.com
1 www.google.de
1 www.google.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdnjs.cloudflare.com thehackernews.com
1 ajax.cloudflare.com thehackernews.com
122 47
Subject Issuer Validity Valid
thehackernews.com
Cloudflare Inc ECC CA-3
2020-07-01 -
2021-07-01
a year crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA
2020-08-11 -
2022-08-16
2 years crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA
2019-12-09 -
2021-03-09
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.doubleclick.net
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.truste.com
Go Daddy Secure Certificate Authority - G2
2018-01-26 -
2021-03-06
3 years crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA
2018-01-09 -
2021-02-12
3 years crt.sh
*.agkn.com
RapidSSL RSA CA 2018
2020-07-25 -
2022-09-18
2 years crt.sh
*.adpushup.com
GlobalSign RSA OV SSL CA 2018
2020-09-03 -
2021-10-05
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-21 -
2021-10-20
a year crt.sh
*.googleadservices.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.google.de
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.google.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
c.amazon-adsystem.com
Amazon
2020-08-04 -
2021-08-02
a year crt.sh
www.google.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
www.google.de
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-26 -
2021-04-17
6 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2020-11-17 -
2021-02-14
3 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA
2019-06-28 -
2021-06-27
2 years crt.sh
*.a-mo.net
R3
2021-01-11 -
2021-04-11
3 months crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2
2020-05-21 -
2022-07-17
2 years crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1
2019-03-07 -
2021-04-19
2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-05 -
2022-01-18
a year crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-29 -
2021-04-14
5 months crt.sh

This page contains 23 frames:

Primary Page: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Frame ID: C8CFED694A198AD917E0F94E7598EEE0
Requests: 99 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 2FA0EE0E2AF1C0021F2F42666DB829C4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 9BC323FE3AD0D20D56EDE422193BE55B
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: D9CA6D25BB6C020D20F8EB013019E4F1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: B9148F3696073DE1385263F08C3819EF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements731.js
Frame ID: EF8E2DB391A8A55E87A22D2513DBF671
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7F459A23BBAB614394AB2FB23A2EE5F7
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/t2tv7.html
Frame ID: 1AAB4AEF69F5BEA5EB6FDDC5F6200E46
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 83E043C9CFA2A62D27276089E4982D29
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements731.js
Frame ID: 4FD266ACF9F0EC323D18657419280DCC
Requests: 5 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/t2tv7.html
Frame ID: A8ABB06108340EF9E4CCC1596CBA996B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210112/r20190131/zrt_lookup.html
Frame ID: 5C3FBD6E455C849B0099B7A8B5B4290E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-7983783048239650&output=html&adk=1812271804&adf=3025194257&lmt=1610619149&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html&ea=0&flash=0&pra=5&wgl=1&dt=1610650838935&bpp=33&bdt=995&idt=182&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=960535578869&frm=20&pv=2&ga_vid=1290692862.1610650839&ga_sid=1610650839&ga_hid=1306400668&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C21068769%2C21069720&oid=3&pvsid=3546599446702542&pem=902&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=203
Frame ID: 7CDEE056C5ABD93AEB86845C94B3A3D9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-7983783048239650&output=html&h=90&slotname=8972781702&adk=367458844&adf=2959314990&pi=t.ma~as.8972781702&w=728&lmt=1610619149&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html&flash=0&wgl=1&dt=1610650838968&bpp=4&bdt=1028&idt=263&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=960535578869&frm=20&pv=1&ga_vid=1290692862.1610650839&ga_sid=1610650839&ga_hid=1306400668&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C21068769%2C21069720&oid=3&pvsid=3546599446702542&pem=902&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8448&bc=31&ifi=1&uci=a!1&fsb=1&xpc=feewU1LU3j&p=https%3A//thehackernews.com&dtd=293
Frame ID: 4A2DDC5D69D41E1B5A420CAC86B0117E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-7983783048239650&output=html&h=600&slotname=3616315140&adk=1702816697&adf=1013268106&pi=t.ma~as.3616315140&w=300&fwrn=4&fwrnh=100&lmt=1610619149&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1610650838972&bpp=2&bdt=1032&idt=328&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=960535578869&frm=20&pv=1&ga_vid=1290692862.1610650839&ga_sid=1610650839&ga_hid=1306400668&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1031&ady=1672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C21068769%2C21069720&oid=3&pvsid=3546599446702542&pem=902&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KdmMiDqqZ6&p=https%3A//thehackernews.com&dtd=333
Frame ID: E32124E97F1D695BADA8D423815160B4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 70BEB5255A0C35CDB728A961DDB1A0FF
Requests: 1 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 9696C1B215A6A9EEFAACB87C82AC4383
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: E94AF30B6B7F28CC87257141220A1CD4
Requests: 2 HTTP requests in this frame

Frame: https://464454096115c109bcc0abf494e5d947.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 4DDF3F6C5AC62C5873A494FC9B98A932
Requests: 1 HTTP requests in this frame

Frame: https://464454096115c109bcc0abf494e5d947.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 2CFC1FC184D009535A749B434809F297
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 113743F9B0AA3F2BCE09F1500D949808
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 644FDB55485D15C1D6162C5A996FA3C8
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: 51F170985C0ED2BF4F1EF61D8BDC4AB2
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

122
Requests

100 %
HTTPS

39 %
IPv6

27
Domains

47
Subdomains

39
IPs

8
Countries

1437 kB
Transfer

3572 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://att.demdex.net/event?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332637&d_placement=292494536&d_campaign=24935727&d_site=5936378 HTTP 302
  • https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332637&d_placement=292494536&d_campaign=24935727&d_site=5936378
Request Chain 90
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthehackernews.com%2F&domain=thehackernews.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=pGa61HwzakZYY3pwSk5WUEdjcUxMOFhJdFlPYXNrOGFSM3NBWEdEZ1lyVU82bldBcXlWMXRENnJsS0pxcjhJZ1c5Z212VkZXOTRKNGpoVWQ0UHg4cG9VcVcySXNJNmgvcmJHeEVkQWJXRnJ6YU1QOXBVeGE3UGpoSDkwZ281TktZWXd0dnA4V01XVk0yUkhBMXFaUXdJUTVyd29PeTRlb3pwSzZXSEdaS1Ryclc1c2RsQnl2bjRIWi95WnhES2FyUE1kT3AwS3NpbnUrd0c3NlphVXIrWFJja3I3bFkvb2xrYlYvTklTTTJ5NkFzSjVBPXw&cppv=2
Request Chain 124
  • https://u.openx.net/w/1.0/pd HTTP 302
  • https://u.openx.net/w/1.0/pd?cc=1
Request Chain 125
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D86098b42-4acb-4aae-8840-633dd2de5193%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D86098b42-4acb-4aae-8840-633dd2de5193%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=86098b42-4acb-4aae-8840-633dd2de5193&D=&bidder=sovrn&uid=8560133694651225ce24dfc3
Request Chain 126
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D86098b42-4acb-4aae-8840-633dd2de5193%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=86098b42-4acb-4aae-8840-633dd2de5193&D=&bidder=index_rtb&uid=YACU2IM1kLIxIlX.9iGKNgAA%261145
Request Chain 127
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D86098b42-4acb-4aae-8840-633dd2de5193%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D86098b42-4acb-4aae-8840-633dd2de5193%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=86098b42-4acb-4aae-8840-633dd2de5193&D=&bidder=appnexus&uid=6127067867737806773

122 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request hackers-steal-mimecast-certificate-used.html
thehackernews.com/2021/01/
119 KB
42 KB
Document
General
Full URL
https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordPress VIP
Resource Hash
6b664dc4bd7fabb97674b52b85ed042296147b17a387996da5ff9908fe43de00
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
thehackernews.com
:scheme
https
:path
/2021/01/hackers-steal-mimecast-certificate-used.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:37 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9b3cfad111e5ca8d44f1f0674a97ae821610650837; expires=Sat, 13-Feb-21 19:00:37 GMT; path=/; domain=.thehackernews.com; HttpOnly; SameSite=Lax; Secure
cf-ray
611999d62d9fc2fe-FRA
cache-control
private, max-age=0
expires
Thu, 14 Jan 2021 19:00:37 GMT
last-modified
Thu, 14 Jan 2021 10:12:29 GMT
link
</css/roboto.css>; as=style; rel=preload
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
cf-request-id
07a3de79d60000c2fe95357000000001
content-security-policy
upgrade-insecure-requests
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
WordPress VIP
x-xss-protection
1; mode=block
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aLjiBA8AuJm10rHPPEOJdN4FGjwtH1adMQoYSTtxYliIm7k0dnqMIeN3oBDO3dlnMPJk8sAowCLHV9LW2yCqpOhhofRfFZ8Q5Yj7c5AH11HiykRGzkgiOOx%2BWef7kg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
content-encoding
br
cf-h2-pushed
</css/roboto.css>
roboto.css
thehackernews.com/css/
77 KB
58 KB
Stylesheet
General
Full URL
https://thehackernews.com/css/roboto.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iaisbBHCGnDdxzTs7zawilUS5M2XC%2FhVg79Dxk3VGKcBRA9Eu0RZDqVq6cZ9qeUlrGfxvnrm%2FevM0kyY%2FHRLTUlBYo%2BS8cvPS5Wia9NRZ%2F%2B0%2FIlfyYmSPaa6ngZYRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, immutable
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
611999d90b12c2fe-FRA
cf-request-id
07a3de7ba80000c2fe9d322000000001
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/
12 KB
5 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
07a3de7bcc000063addb89e000000001
last-modified
Wed, 13 Jan 2021 10:12:06 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5ffec776-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ECfX9hLZszaogPOlrNjgE82yxjX9JGX83awznRkOc%2Fjn9V7E18MyzqxZ1kIDGvzCCPA%2FiYg0C0SttzOzJIia9HShky3dr%2BDj2RdoNpOh6qa4JBKprSzkWhLrAfHtRCb%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
611999d94c1963ad-FRA
expires
Sat, 16 Jan 2021 19:00:37 GMT
mimecast-certificate-office-365.jpg
thehackernews.com/images/-ApBRio1eCtI/X_6LyJg6cHI/AAAAAAAABeo/fNLxWzxuNaMkXleMHNR6ghjvCwuV2nbzACLcBGAsYHQ/s0/
22 KB
23 KB
Image
General
Full URL
https://thehackernews.com/images/-ApBRio1eCtI/X_6LyJg6cHI/AAAAAAAABeo/fNLxWzxuNaMkXleMHNR6ghjvCwuV2nbzACLcBGAsYHQ/s0/mimecast-certificate-office-365.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad4d1d803bfa6e58ab3e3c36745fba8dc9838651945aab88a0174b9a06425da0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:38 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
123509
cf-polished
origFmt=jpeg, origSize=25593
content-disposition
inline; filename="mimecast-certificate-office-365.webp"
vary
Accept, Accept-Encoding
content-length
22632
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v5eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6DYSf4BWbdSYhLXxGlYlI2ia%2BHUCeLVIBgUh8DyUBmCoBfyDkTr33MH%2BHPIdJv2EActUpzQrtYVKxWV9VqbVXRw20DuO9WR9PMCuiALYceEtDU7uvOlrEScF73mY3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=8640000, immutable
cf-request-id
07a3de7be10000c2fe45a8e000000001
accept-ranges
bytes
cf-ray
611999d96bb2c2fe-FRA
expires
Thu, 14 Jan 2021 05:59:41 GMT
dvbs_src.js
cdn.doubleverify.com/
2 KB
2 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292494536%26sid%3D5936378%26dvregion%3D2%26unit%3D300x250
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:5b1::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8d6487dc2599772b6ccb8ed3c214aefeddf16e73d868abb94f2223c133af06d0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 19:00:37 GMT
Content-Encoding
gzip
Last-Modified
Sun, 16 Aug 2020 05:50:11 GMT
Server
Microsoft-IIS/10.0
ETag
"ec21f1b9173d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
dvbs_src.js
cdn.doubleverify.com/
2 KB
2 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292495514%26sid%3D5936378%26dvregion%3D2%26unit%3D728x90
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:5b1::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8d6487dc2599772b6ccb8ed3c214aefeddf16e73d868abb94f2223c133af06d0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 19:00:37 GMT
Content-Encoding
gzip
Last-Modified
Sun, 16 Aug 2020 05:50:11 GMT
Server
Microsoft-IIS/10.0
ETag
"ec21f1b9173d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
7 KB
7 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a

Request headers

Origin
https://thehackernews.com
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/
442 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
19 KB
19 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32c80a55d06b9da550f41424241174895bdbe1dd174ee1d015a4d56747cd2a99

Request headers

Origin
https://thehackernews.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/
19 KB
19 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f03c3526dd6db1c340c972db0194f8b732611626e1bcde62426d70a68c7a023b

Request headers

Origin
https://thehackernews.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/
19 KB
19 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe94fcc14c2b9f93c39cbe038796bff0ebc07a140ebd15e66b3a897b6a25bc82

Request headers

Origin
https://thehackernews.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
dvbs_src_internal79.js
cdn.doubleverify.com/
53 KB
17 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src_internal79.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292494536%26sid%3D5936378%26dvregion%3D2%26unit%3D300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:5b1::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
40adb937145b21abf0b1dde7dfa4d0a80be21ce7bf7d4f85ca944022a23c6785

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 14 Jan 2021 19:00:38 GMT
Content-Encoding
gzip
Last-Modified
Sun, 16 Aug 2020 05:50:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0a34a219173d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16756
bst2tv3.html
cdn3.doubleverify.com/ Frame 2FA0
0
0
Document
General
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal79.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:5b1::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://thehackernews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://thehackernews.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=58690
Date
Thu, 14 Jan 2021 19:00:38 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/
8 KB
4 KB
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_92728566285&jsTagObjCallback=__tagObject_callback_92728566285&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=92728566285&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dup=null&brid=0&brver=&bridua=3&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&aUrlD=&m1=15&noc=16&fcifrms=1&brh=2&fwc=0&flt=1&fec=378&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=128&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_%60Tau924%3C6CD%5CDE62%3D%5C%3E%3A%3E642DE%5C46CE%3A7%3A42E6%5CFD65%5D9E%3E%3DU2%26C%3Dl
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal79.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.19 , Ireland, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
39844694c3746217c90b2029ca3d8157ac85a33a08deba14782144731b01f086

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
X-DV-Response
0
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Date
Thu, 14 Jan 2021 19:00:37 GMT
Expires
1/13/2021 7:00:38 PM
dv-match6.js
cdn.doubleverify.com/ Frame 9BC3
4 KB
2 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:5b1::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 19:00:38 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=22196
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
dcmads.js
www.googletagservices.com/dcm/
5 KB
3 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal79.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cfe9636ca50bb0432bffc57180eae1a5a3463bbbf3300773db33b3133413ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 14 Jan 2021 18:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Jan 2021 15:36:14 GMT
server
sffe
age
1167
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
2562
x-xss-protection
0
expires
Thu, 14 Jan 2021 19:41:11 GMT
bsevent.gif
tps20515.doubleverify.com/
807 B
1 KB
Image
General
Full URL
https://tps20515.doubleverify.com/bsevent.gif?impid=0de66f94fec04caeb1312cbab6c10fd8&dvp_or2=1&cbust=1610650838377364
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.19 , Ireland, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:37 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
1/13/2021 7:00:38 PM
bsevent.gif
tps20515.doubleverify.com/
807 B
1 KB
Image
General
Full URL
https://tps20515.doubleverify.com/bsevent.gif?impid=0de66f94fec04caeb1312cbab6c10fd8&vfdur=91&cbust=1610650838377536
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.19 , Ireland, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:37 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
1/13/2021 7:00:38 PM
bsevent.gif
tps20515.doubleverify.com/
807 B
1 KB
Image
General
Full URL
https://tps20515.doubleverify.com/bsevent.gif?impid=0de66f94fec04caeb1312cbab6c10fd8&pltfrm=Linux%20x86_64&dvp_acibv=&dvp_ndp_sow=1600&dvp_ndp_soh=1200&dvp_ac_version=1305&dvp_ndp_meta=49&dvp_ndp6=false&dvp_acifd=0&dvp_mref=&dvp_acc=95&dvp_acl=46055&dvp_acwe=0&dvp_vpos=1600-1200-1&dvp_acpdr=506&dvp_acpdt=1&dvp_acprc=0&bsigr=289&cbust=1610650838380155
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.19 , Ireland, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:37 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
1/13/2021 7:00:38 PM
impl_v67.js
www.googletagservices.com/dcm/
31 KB
13 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v67.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09df83b2f1d053440d88568137958595bce8b07f21578eb9a2647e51aec2acc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 13 Jan 2021 19:40:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 01 Dec 2020 15:23:37 GMT
server
sffe
age
84025
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
13106
x-xss-protection
0
expires
Thu, 13 Jan 2022 19:40:13 GMT
B24935727.292494536;dc_ver=67.192;sz=300x250;u_sd=1;u=__AP1_np_dv_n7hsbqh68kgPA__;dc_adk=2533488393;ord=fv45vv;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certific...
ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/
31 KB
16 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=67.192;sz=300x250;u_sd=1;u=__AP1_np_dv_n7hsbqh68kgPA__;dc_adk=2533488393;ord=fv45vv;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html$0;xdt=0;crlt=kl22z)'DJC;sttr=13;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v67.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s14-in-f6.1e100.net
Software
cafe /
Resource Hash
74d2768a0e219b931fac3b975b3b09ff08d410c66514112d5cb65622ed41751c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 19:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15859
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/
104 KB
32 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=67.192;sz=300x250;u_sd=1;u=__AP1_np_dv_n7hsbqh68kgPA__;dc_adk=2533488393;ord=fv45vv;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html$0;xdt=0;crlt=kl22z)'DJC;sttr=13;prcl=s
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1accab39490c3ea637edcf9ce20212a90e859a6cfbe62ef44dfdb420095cfde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1610541309185380"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
32615
x-xss-protection
0
expires
Thu, 14 Jan 2021 19:00:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210112/r20110914/elements/html/
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210112/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=67.192;sz=300x250;u_sd=1;u=__AP1_np_dv_n7hsbqh68kgPA__;dc_adk=2533488393;ord=fv45vv;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html$0;xdt=0;crlt=kl22z)'DJC;sttr=13;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b73bcd7276a5b21d248634c71b74fb1401793960414f3562fee52f18e9050e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 18:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
2656
x-xss-protection
0
server
cafe
etag
14009436135420644422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Jan 2021 18:55:03 GMT
view
googleads4.g.doubleclick.net/pcs/
0
683 B
Other
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiZ3fR68DSuNZ4TOHjxSu7Mqb2YEPvnEVCdUxfkqw0TDmbWybmS4kayPqgDHH9JlsnE2G25KC5_t17qGF9v9o93WHlum8ZiNBaRjFiCgCOSu6tN6JR1ujsZtzjgQjP&sig=Cg0ArKJSzJwLhMPsqEHmEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210112.46528&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=67.192;sz=300x250;u_sd=1;u=__AP1_np_dv_n7hsbqh68kgPA__;dc_adk=2533488393;ord=fv45vv;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html$0;xdt=0;crlt=kl22z)'DJC;sttr=13;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 14 Jan 2021 19:00:38 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ca
choices.truste.com/
28 KB
9 KB
Script
General
Full URL
https://choices.truste.com/ca?pid=att01&aid=att_hs&cid=24935727_144332637_292494536&js=st0
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=67.192;sz=300x250;u_sd=1;u=__AP1_np_dv_n7hsbqh68kgPA__;dc_adk=2533488393;ord=fv45vv;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html$0;xdt=0;crlt=kl22z)'DJC;sttr=13;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-88.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
d4ced01a14172257e54bfca5d752ad79288fcb3a503f9b92d5d9402d9c8b9a75

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 06:36:56 GMT
content-encoding
gzip
server
nginx
age
44622
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
lVtOgZ4u2MI5AWBkoEeni6m_Cx9kvbg816nva7h-VfazGJxEakooWw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
dvtp_src.js
cdn.doubleverify.com/
21 KB
7 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=607671&cmp=24935727&sid=5936378&plc=292494536&num=&adid=&advid=6141273&adsrv=1&region=30&btreg=486197547&btadsrv=doubleclick&crt=144332637&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src&dvp_att_uid=__AP1_np_dv_n7hsbqh68kgPA__
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=67.192;sz=300x250;u_sd=1;u=__AP1_np_dv_n7hsbqh68kgPA__;dc_adk=2533488393;ord=fv45vv;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html$0;xdt=0;crlt=kl22z)'DJC;sttr=13;prcl=s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:5b1::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
74bc08ee52fa2067ff5454e5e00d4cf4bdaac57ab7a746b355671177969b31d4

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 19:00:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jan 2021 07:00:14 GMT
Server
Microsoft-IIS/10.0
ETag
"0d37793b0e8d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6880
UFYwWwmt.js
tpc.googlesyndication.com/sodar/
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=67.192;sz=300x250;u_sd=1;u=__AP1_np_dv_n7hsbqh68kgPA__;dc_adk=2533488393;ord=fv45vv;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html$0;xdt=0;crlt=kl22z)'DJC;sttr=13;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 13:32:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106114
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jan 2022 13:32:04 GMT
I_ABU_AVT_3_STB_MOB_300x250_S_N_EN_NA_ABS_AVT_TenthEdition_NA_NA_01-08_01_MF.jpg
s0.2mdn.net/6141273/
131 KB
131 KB
Image
General
Full URL
https://s0.2mdn.net/6141273/I_ABU_AVT_3_STB_MOB_300x250_S_N_EN_NA_ABS_AVT_TenthEdition_NA_NA_01-08_01_MF.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2842ab20cc17cb61e32799c8cff642f37a20a933b12f678628b4666c0311f78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 14:11:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 Jan 2021 23:43:35 GMT
server
sffe
age
17371
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133793
x-xss-protection
0
expires
Fri, 15 Jan 2021 14:11:07 GMT
firstevent
att.demdex.net/
Redirect Chain
  • https://att.demdex.net/event?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332637&d_placement=292494536&d_campaign=24935727&d_site=5936378
  • https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332637&d_placement=292494536&d_campaign=24935727&d_site=5936378
42 B
915 B
Image
General
Full URL
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332637&d_placement=292494536&d_campaign=24935727&d_site=5936378
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.128.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-128-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v087-0bd201a96.edge-irl1.demdex.com 5.80.4.20201224153022 5ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
Oey5kKoTQcI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
KSIRvCsKRaw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332637&d_placement=292494536&d_campaign=24935727&d_site=5936378
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
d.agkn.com/pixel/2387/
43 B
660 B
Image
General
Full URL
https://d.agkn.com/pixel/2387/?ct=NL&st=&city=0&dma=0&zp=&bw=4&che=1713706775&col=24935727,5936378,292494536,486197547,144332637
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.210.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-210-158.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:38 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
bst2tv3.html
cdn3.doubleverify.com/ Frame D9CA
0
0
Document
General
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal79.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:5b1::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://thehackernews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://thehackernews.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=58690
Date
Thu, 14 Jan 2021 19:00:38 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/
9 KB
4 KB
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_551647794920&jsTagObjCallback=__tagObject_callback_551647794920&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=551647794920&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dup=null&brid=0&brver=&bridua=3&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&aUrlD=&m1=15&noc=16&fcifrms=3&brh=2&fwc=0&flt=1&fec=464&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=128&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_%60Tau924%3C6CD%5CDE62%3D%5C%3E%3A%3E642DE%5C46CE%3A7%3A42E6%5CFD65%5D9E%3E%3DU2%26C%3Dl
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal79.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.19 , Ireland, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
722019559c56373d4fa5da8b5c83079d1f96a433243b36d445429485041af94b

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
X-DV-Response
0
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Date
Thu, 14 Jan 2021 19:00:38 GMT
Expires
1/13/2021 7:00:38 PM
dv-match6.js
cdn.doubleverify.com/ Frame B914
4 KB
2 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:5b1::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 19:00:38 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=22196
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
dv-measurements731.js
cdn.doubleverify.com/ Frame EF8E
273 KB
63 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements731.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:5b1::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
34452778f2b5b0f0706403d9436d50b8110e18a41561fb18134e5e431dd851e7

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 19:00:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Jan 2021 11:22:10 GMT
Server
Microsoft-IIS/10.0
ETag
"05d850ce8d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64179
bsevent.gif
tps20520.doubleverify.com/
807 B
1 KB
Image
General
Full URL
https://tps20520.doubleverify.com/bsevent.gif?impid=ec37a452a0a546b3bc74da63c6bf1fdf&dvp_or2=1&cbust=1610650838626105
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , Ireland, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:38 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
1/13/2021 7:00:38 PM
bsevent.gif
tps20520.doubleverify.com/
807 B
1 KB
Image
General
Full URL
https://tps20520.doubleverify.com/bsevent.gif?impid=ec37a452a0a546b3bc74da63c6bf1fdf&vfdur=91&cbust=1610650838626312
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , Ireland, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:38 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
1/13/2021 7:00:38 PM
bsevent.gif
tps20520.doubleverify.com/
807 B
1 KB
Image
General
Full URL
https://tps20520.doubleverify.com/bsevent.gif?impid=ec37a452a0a546b3bc74da63c6bf1fdf&pltfrm=Linux%20x86_64&dvp_acibv=&dvp_ndp_sow=1600&dvp_ndp_soh=1200&dvp_ac_version=1305&dvp_ndp_meta=51&dvp_ndp6=false&dvp_acifd=0&dvp_mref=&dvp_acc=102&dvp_acl=47069&dvp_acwe=0&dvp_vpos=1600-1200-1&dvp_acpdr=506&dvp_acpdt=1&dvp_acprc=0&bsigr=289&cbust=1610650838628855
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , Ireland, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:38 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
1/13/2021 7:00:38 PM
B24935727.292495514;dc_ver=67.192;sz=728x90;u_sd=1;u=__AP1_np_dv_n7hsbqh68kgPA__;dc_adk=2498785007;ord=k5a2h6;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certifica...
ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/
31 KB
16 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292495514;dc_ver=67.192;sz=728x90;u_sd=1;u=__AP1_np_dv_n7hsbqh68kgPA__;dc_adk=2498785007;ord=k5a2h6;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html$0;xdt=0;crlt=kl22z)'DJC;sttr=2;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v67.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.22.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s14-in-f6.1e100.net
Software
cafe /
Resource Hash
3dfdc0f1f5043f0c5f55685c412a5d85799c9567447bb08a437fb95a7659a65a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 19:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16051
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7F45
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thehackernews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://thehackernews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 13 Jan 2021 21:16:17 GMT
expires
Thu, 13 Jan 2022 21:16:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
78261
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/
0
40 B
Other
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiZ3fR68DSuNZ4TOHjxSu7Mqb2YEPvnEVCdUxfkqw0TDmbWybmS4kayPqgDHH9JlsnE2G25KC5_t17qGF9v9o93WHlum8ZiNBaRjFiCgCOSu6tN6JR1ujsZtzjgQjP&sig=Cg0ArKJSzJwLhMPsqEHmEAE&urlfix=1&omid=0&rm=1&ctpt=104&vt=11&dtpt=103&dett=2&cstd=0&cisv=r20210112.46528&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=67.192;sz=300x250;u_sd=1;u=__AP1_np_dv_n7hsbqh68kgPA__;dc_adk=2533488393;ord=fv45vv;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html$0;xdt=0;crlt=kl22z)'DJC;sttr=13;prcl=s
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 14 Jan 2021 19:00:38 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
t2tv7.html
cdn3.doubleverify.com/ Frame 1AAB
0
0
Document
General
Full URL
https://cdn3.doubleverify.com/t2tv7.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements731.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:5b1::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://thehackernews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://thehackernews.com/

Response headers

Cache-Control
max-age=946080000
Content-Type
text/html
Last-Modified
Thu, 11 Sep 2014 19:15:16 GMT
Accept-Ranges
bytes
ETag
"0ba3b8f4cdcf1:0"
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3877
Date
Thu, 14 Jan 2021 19:00:38 GMT
Connection
keep-alive
visit.js
tps30.doubleverify.com/ Frame EF8E
9 KB
4 KB
Script
General
Full URL
https://tps30.doubleverify.com/visit.js?bridua=3&tstype=1&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_%60Tau924%3C6CD%5CDE62%3D%5C%3E%3A%3E642DE%5C46CE%3A7%3A42E6%5CFD65%5D9E%3E%3DU2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=https:&dvp_region=30&dfs=1110&ddur=13&uid=1610650838691439&jsCallback=dvCallback_1610650838691509&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=731&tgjsver=731&lvvn=28&m1=15&refD=0&referrer=https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html&fwc=0&flt=1&fec=475&fcifrms=6&brh=2&dvp_epl=151&noc=16&ctx=607671&cmp=24935727&sid=5936378&plc=292494536&crt=144332637&btreg=486197547&btadsrv=doubleclick&adsrv=1&advid=6141273&dvp_att_uid=__AP1_np_dv_n7hsbqh68kgPA__&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=187975339581.4352&dvp_tukv=5604446383.35778&dvp_uuid=100690562247.12189&dvp_slmsd=80&dvp_vcmsd=127
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements731.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.19 , Ireland, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
3f328da5eb60d99ec767c964252b04ae9d8c66f645dcb2e933b6ae481d712969

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:38 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
1/13/2021 7:00:38 PM
view
googleads4.g.doubleclick.net/pcs/
0
22 B
Other
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOnH5FTGvRbpKwGxZYgiq1M2mZEsypUWtJc3HSvvy7w2H0OFiJ5i4Uy-DWQPK4SBE7hULyz4xR9INzPwYGHrFMCJVHwMDachaMCEkvn0KmFvcbSH7JCloQuWpokaYDsehA9yV5aqWo0z-ISEq9XjLX8uyJ3ApZyCaFTWPCRa_y&sig=Cg0ArKJSzFDLaBOhMsVtEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210112.37737&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292495514;dc_ver=67.192;sz=728x90;u_sd=1;u=__AP1_np_dv_n7hsbqh68kgPA__;dc_adk=2498785007;ord=k5a2h6;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html$0;xdt=0;crlt=kl22z)'DJC;sttr=2;prcl=s
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 14 Jan 2021 19:00:38 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
dvtp_src.js
cdn.doubleverify.com/
21 KB
7 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=607671&cmp=24935727&sid=5936378&plc=292495514&num=&adid=&advid=6141273&adsrv=1&region=30&btreg=485910716&btadsrv=doubleclick&crt=143061732&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src&dvp_att_uid=__AP1_np_dv_n7hsbqh68kgPA__
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292495514;dc_ver=67.192;sz=728x90;u_sd=1;u=__AP1_np_dv_n7hsbqh68kgPA__;dc_adk=2498785007;ord=k5a2h6;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html$0;xdt=0;crlt=kl22z)'DJC;sttr=2;prcl=s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:5b1::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
74bc08ee52fa2067ff5454e5e00d4cf4bdaac57ab7a746b355671177969b31d4

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 19:00:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jan 2021 07:00:14 GMT
Server
Microsoft-IIS/10.0
ETag
"0d37793b0e8d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6880
ca
choices.truste.com/
28 KB
9 KB
Script
General
Full URL
https://choices.truste.com/ca?pid=att01&aid=att_hs&cid=24935727_143061732_292495514&js=st0
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292495514;dc_ver=67.192;sz=728x90;u_sd=1;u=__AP1_np_dv_n7hsbqh68kgPA__;dc_adk=2498785007;ord=k5a2h6;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html$0;xdt=0;crlt=kl22z)'DJC;sttr=2;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-88.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
c3c60e064d8b6bcdc0c4da1e20874cd2a3889ab8219f4ead83b926539be8fd89

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 05:12:35 GMT
content-encoding
gzip
server
nginx
age
49683
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
5oRFnDkFvmi31dSoqxnLzOT5DhqRSUm3nWj0isoBguXN49ZjhnaG1Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
I_ABU_AVT_3_STB_DTP_728x90_S_N_EN_NA_ABS_AVT_ForresterWave_NA_NA_01-01_01_MF.jpg
s0.2mdn.net/6141273/
61 KB
61 KB
Image
General
Full URL
https://s0.2mdn.net/6141273/I_ABU_AVT_3_STB_DTP_728x90_S_N_EN_NA_ABS_AVT_ForresterWave_NA_NA_01-01_01_MF.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5d699fefdbb1353ad990ad49626c5f022090b3c956cea7d9c823c68905b948b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 19:25:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 21:55:20 GMT
server
sffe
age
84911
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62003
x-xss-protection
0
expires
Thu, 14 Jan 2021 19:25:27 GMT
event
att.demdex.net/
42 B
915 B
Image
General
Full URL
https://att.demdex.net/event?d_event=imp&d_src=127123&d_bu=1020274&d_creative=143061732&d_placement=292495514&d_campaign=24935727&d_site=5936378
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.128.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-128-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v087-018d788eb.edge-irl1.demdex.com 5.80.4.20201224153022 4ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
imUDIcZ/Qhc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
d.agkn.com/pixel/2387/
43 B
660 B
Image
General
Full URL
https://d.agkn.com/pixel/2387/?ct=NL&st=&city=0&dma=0&zp=&bw=4&che=2413561263&col=24935727,5936378,292495514,485910716,143061732
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.210.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-210-158.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:38 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 83E0
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thehackernews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://thehackernews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 13 Jan 2021 21:16:17 GMT
expires
Thu, 13 Jan 2022 21:16:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
78261
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
134 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3e194c8d29d29783b0b0f01787bc37977466c8734d7e490a7053e4a8ab29e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47621
x-xss-protection
0
server
cafe
etag
8653705209087798744
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Jan 2021 19:00:38 GMT
truncated
/
194 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
dv-measurements731.js
cdn.doubleverify.com/ Frame 4FD2
273 KB
63 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements731.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:5b1::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
34452778f2b5b0f0706403d9436d50b8110e18a41561fb18134e5e431dd851e7

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 19:00:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Jan 2021 11:22:10 GMT
Server
Microsoft-IIS/10.0
ETag
"05d850ce8d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64179
facebook-whatsapp.jpg
thehackernews.com/images/-gYJMWMZaTOg/X_V7ea3MlvI/AAAAAAAABas/p-sGdwdJnYw99hxyEXPrDK09xdHgSHriwCLcBGAsYHQ/s72-c-e100/
3 KB
3 KB
Image
General
Full URL
https://thehackernews.com/images/-gYJMWMZaTOg/X_V7ea3MlvI/AAAAAAAABas/p-sGdwdJnYw99hxyEXPrDK09xdHgSHriwCLcBGAsYHQ/s72-c-e100/facebook-whatsapp.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b36f7b7a91b6017cd083a284165f3a790af12256025c54cd4432c5e657494e3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:38 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
78463
cf-polished
origFmt=jpeg, origSize=3462
content-disposition
inline; filename="facebook-whatsapp.webp"
vary
Accept, Accept-Encoding
content-length
2790
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v5ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K9ImHkIsC%2F%2BAKy5rTaBHs1sqDI6ZLgOyYz5hiF83wQr%2FUB%2B%2BjlWE4pZVZFyb0u6jvpcRQGdhTDXO2zsZXNwyG4jC%2F8g3QloaGUkz72VjX5H1J%2F4gLqq7Z%2BM7DCv%2FOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=8640000, immutable
cf-request-id
07a3de7f1e0000c2fe74013000000001
accept-ranges
bytes
cf-ray
611999de8d81c2fe-FRA
expires
Tue, 20 Apr 2021 13:56:20 GMT
clone-google-titan-security-keys.jpg
thehackernews.com/images/-XVPdIdLBi2I/X_iOi8TOdII/AAAAAAAABcI/uKHwL165uEYSw34w0h8FfOLQtKcLIzKMQCLcBGAsYHQ/s72-c-e100/
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/images/-XVPdIdLBi2I/X_iOi8TOdII/AAAAAAAABcI/uKHwL165uEYSw34w0h8FfOLQtKcLIzKMQCLcBGAsYHQ/s72-c-e100/clone-google-titan-security-keys.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d5c2f1f8c8b2b8e692438ab72160df48c058cecd883c649c57e16fa4abd9d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:38 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
123523
cf-polished
origFmt=jpeg, origSize=1994
content-disposition
inline; filename="clone-google-titan-security-keys.webp"
vary
Accept, Accept-Encoding
content-length
1800
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v5c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QS98WKiaGxjxcJizMqw9lCn8dh05wmUsDxaM39DMoDM9pkYqziCDOuPe%2Bs3v43XpwKn%2B%2Bzuybu%2B6bFvDXiJy5dBEBcXdTNre0TJCDN19XfcHxioFBUlWpnOO%2BF6tXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=8640000, immutable
cf-request-id
07a3de7f170000c2fe1a345000000001
accept-ranges
bytes
cf-ray
611999de8d84c2fe-FRA
expires
Wed, 21 Apr 2021 11:00:07 GMT
view
googleads4.g.doubleclick.net/pcs/
0
22 B
Other
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOnH5FTGvRbpKwGxZYgiq1M2mZEsypUWtJc3HSvvy7w2H0OFiJ5i4Uy-DWQPK4SBE7hULyz4xR9INzPwYGHrFMCJVHwMDachaMCEkvn0KmFvcbSH7JCloQuWpokaYDsehA9yV5aqWo0z-ISEq9XjLX8uyJ3ApZyCaFTWPCRa_y&sig=Cg0ArKJSzFDLaBOhMsVtEAE&urlfix=1&omid=0&rm=1&ctpt=79&vt=11&dtpt=78&dett=2&cstd=0&cisv=r20210112.37737&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292495514;dc_ver=67.192;sz=728x90;u_sd=1;u=__AP1_np_dv_n7hsbqh68kgPA__;dc_adk=2498785007;ord=k5a2h6;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html$0;xdt=0;crlt=kl22z)'DJC;sttr=2;prcl=s
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 14 Jan 2021 19:00:38 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
t2tv7.html
cdn3.doubleverify.com/ Frame A8AB
0
0
Document
General
Full URL
https://cdn3.doubleverify.com/t2tv7.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements731.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:5b1::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://thehackernews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://thehackernews.com/

Response headers

Cache-Control
max-age=946080000
Content-Type
text/html
Last-Modified
Thu, 11 Sep 2014 19:15:16 GMT
Accept-Ranges
bytes
ETag
"0ba3b8f4cdcf1:0"
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3877
Date
Thu, 14 Jan 2021 19:00:38 GMT
Connection
keep-alive
visit.js
tps30.doubleverify.com/ Frame 4FD2
9 KB
4 KB
Script
General
Full URL
https://tps30.doubleverify.com/visit.js?bridua=3&tstype=1&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_%60Tau924%3C6CD%5CDE62%3D%5C%3E%3A%3E642DE%5C46CE%3A7%3A42E6%5CFD65%5D9E%3E%3DU2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=https:&dvp_region=30&dfs=1110&ddur=13&uid=1610650838866807&jsCallback=dvCallback_1610650838866956&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=731&tgjsver=731&lvvn=28&m1=15&refD=0&referrer=https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html&fwc=0&flt=1&fec=654&fcifrms=9&brh=2&dvp_epl=151&noc=16&ctx=607671&cmp=24935727&sid=5936378&plc=292495514&crt=143061732&btreg=485910716&btadsrv=doubleclick&adsrv=1&advid=6141273&dvp_att_uid=__AP1_np_dv_n7hsbqh68kgPA__&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=187975339581.4352&dvp_tukv=16876665964.507685&dvp_uuid=987941300.9921086&dvp_slmsd=80&dvp_vcmsd=90
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements731.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.19 , Ireland, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
c66ef322c0e9994b488b4804211ac49bb87e536cf967792690e545928a51f875

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:37 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
1/13/2021 7:00:38 PM
adpushup.js
cdn.adpushup.com/37020/
385 KB
139 KB
Script
General
Full URL
https://cdn.adpushup.com/37020/adpushup.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
da3d2faad4e63c722980fd7d31d5f612ea75fa33601a8e76a7f715c5b72f9538

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:38 GMT
content-encoding
gzip
x-cf3
M
cf4ttl
604800.000
x-cf1
28371:fB.ams1:co:1610623077:cacheN.ams1-01:M
x-cf-geodata
false
content-length
141955
x-cf-tsc
1610623370
x-cf2
H
last-modified
Thu, 14 Jan 2021 11:22:49 GMT
server
CFS 0215
x-cff
B
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900
cf4age
0
accept-ranges
bytes
x-cf-rand
41.263
expires
Thu, 14 Jan 2021 19:15:38 GMT
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
6066
date
Thu, 14 Jan 2021 17:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Thu, 14 Jan 2021 19:19:32 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
80065
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
27964
cf-request-id
07a3de7f880000177637337000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15d95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l2nGilGdRHFoe16PzzfYwE%2F0cNldW%2Fp%2FVh8AdJXitHMvLl6hYkSH1GQ2Jo8gxmZeOGYJtKNIUTuo6OIW2LpPa%2BKRawBWcFPA4ac07vIqgm5SsAS5gggm28p1iaZzW4jqBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
611999df3a0f1776-FRA
expires
Tue, 04 Jan 2022 19:00:38 GMT
truncated
/
103 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
688a1e2444a1171a4cfbc8674c62d53bc663bf35a7825eb3563851e79694411c

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/
226 KB
84 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
520c3f5772ade6af389a5cfb08534bbd6dbdaaa68bc2cac9de395efc800f243e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
86268
x-xss-protection
0
server
cafe
etag
7753973667244452840
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Jan 2021 19:00:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210112/r20190131/ Frame 5C3F
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210112/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210112/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thehackernews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUljgdh3d_5x4SRGdiCclJTZaAJcfrriE_XvEB4qRvbWyD9RGRPsUQLKruyx
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://thehackernews.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 14 Jan 2021 11:17:44 GMT
expires
Thu, 28 Jan 2021 11:17:44 GMT
content-type
text/html; charset=UTF-8
etag
12197657918578843409
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4751
x-xss-protection
0
age
27774
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/
4 B
71 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1306400668&t=pageview&_s=1&dl=https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html&ul=en-us&de=UTF-8&dt=Hackers%20Steal%20Mimecast%20Certificate%20Used%20to%20Securely%20Connect%20with%20Microsoft%20365&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1195805335&gjid=2007974138&cid=1290692862.1610650839&tid=UA-27389293-1&_gid=1332369823.1610650839&_r=1&_slc=1&z=117827067
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 19:00:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
89 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-27389293-1&cid=1290692862.1610650839&jid=1195805335&gjid=2007974138&_gid=1332369823.1610650839&_u=IEBAAEAAAAAAAC~&z=1263646967
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 14 Jan 2021 19:00:39 GMT
content-type
text/plain
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
207 B
645 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=thehackernews.com&callback=_gfp_s_&client=ca-pub-7983783048239650
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
540122fc8ff8ae626d1e88c1a64b4e5bad7386f67dfccde2e95cb52517531b78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
109 B
803 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=thehackernews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Jan 2021 19:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
803 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thehackernews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Jan 2021 19:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7CDE
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-7983783048239650&output=html&adk=1812271804&adf=3025194257&lmt=1610619149&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html&ea=0&flash=0&pra=5&wgl=1&dt=1610650838935&bpp=33&bdt=995&idt=182&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=960535578869&frm=20&pv=2&ga_vid=1290692862.1610650839&ga_sid=1610650839&ga_hid=1306400668&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C21068769%2C21069720&oid=3&pvsid=3546599446702542&pem=902&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=203
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-7983783048239650&output=html&adk=1812271804&adf=3025194257&lmt=1610619149&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html&ea=0&flash=0&pra=5&wgl=1&dt=1610650838935&bpp=33&bdt=995&idt=182&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=960535578869&frm=20&pv=2&ga_vid=1290692862.1610650839&ga_sid=1610650839&ga_hid=1306400668&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C21068769%2C21069720&oid=3&pvsid=3546599446702542&pem=902&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=203
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thehackernews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUljgdh3d_5x4SRGdiCclJTZaAJcfrriE_XvEB4qRvbWyD9RGRPsUQLKruyx
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://thehackernews.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 14 Jan 2021 19:00:39 GMT
server
cafe
content-length
34
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/
9 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210112&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e66b729c5c7126de42faa7947c7f9fe3100798d07a0683117df123ba134355c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Jan 2021 19:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6778
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a696a23c4b36e659fab82d44eb299057572792121a95f79fa51e2e57df5b8d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1610541315364515"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28321
x-xss-protection
0
expires
Thu, 14 Jan 2021 19:00:39 GMT
pb.1607067690348.js
cdn.adpushup.com/prebid/
353 KB
135 KB
Script
General
Full URL
https://cdn.adpushup.com/prebid/pb.1607067690348.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
f883061dd6064e65f6505f670752fbacc3bf00ec18a4f92ecb10b1632356f8db

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:39 GMT
content-encoding
gzip
x-cf3
H
cf4ttl
604800.000
x-cf1
28371:fB.ams1:co:1607067747:cacheN.ams1-01:H
content-length
137467
x-cf-tsc
1607069155
x-cf2
H
last-modified
Fri, 04 Dec 2020 07:42:27 GMT
server
CFS 0215
x-cff
B
etag
W/"5fc9e863-583f7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf4age
1361
accept-ranges
bytes
x-cf-rand
71.239
expires
Fri, 14 Jan 2022 19:00:39 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/
70 B
320 B
Other
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 19:00:38 GMT
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/
55 KB
19 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
62fbc57d366ca1e2896456155fed9fd81d6e0846e5dd36d62a36519b30bbaf87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"754 / 70 of 1000 / last-modified: 1610626221"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18975
x-xss-protection
0
expires
Thu, 14 Jan 2021 19:00:39 GMT
apstag.js
c.amazon-adsystem.com/aax2/
116 KB
30 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-5-213.fra6.r.cloudfront.net
Software
Server /
Resource Hash
dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 18:54:49 GMT
content-encoding
gzip
server
Server
age
349
etag
089c185b065ebe3e9c21625b16dea242
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
_tJcEejvI3lMG1vG763SOdL7bPxWjlBE
x-amz-cf-id
U_3CQrsBR2dwbn82CBu_UO7UNf5a_L6AnSRCCoZT4t7RFPBsHkb37w==
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
131 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MTA2NTA4MzkyMjIsInBhY2tldElkIjoiMDAwMDkwOUMtMGYyNmUzNzAtZTRkNS00ZjJmLTk5MjQtNzI2MzViNTgyOTRjIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIxLzAxL2hhY2tlcnMtc3RlYWwtbWltZWNhc3QtY2VydGlmaWNhdGUtdXNlZC5odG1sIiwibW9kZSI6MiwiZXJyb3JDb2RlIjo1LCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IlBPU1QiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 19:00:38 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
Probely_2.png
thehackernews.com/images/-_bDdwK2AJzI/X_3lxZ_ksYI/AAAAAAAA3g4/ppmJZMMLCXIg70QZqagTwKYFb6Pz_wwlQCLcBGAsYHQ/s300-e100/
7 KB
8 KB
Image
General
Full URL
https://thehackernews.com/images/-_bDdwK2AJzI/X_3lxZ_ksYI/AAAAAAAA3g4/ppmJZMMLCXIg70QZqagTwKYFb6Pz_wwlQCLcBGAsYHQ/s300-e100/Probely_2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c143fb17908aea30d0c894a883b40b5617cb25f0e1c8dd196327a39c49ef1011
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
123431
cf-polished
origFmt=png, origSize=19108
content-disposition
inline; filename="Probely_2.webp"
vary
Accept, Accept-Encoding
content-length
7524
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"vde11"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eF16uMXC72sYurmq7CXLidowivdDchJriO7kvZ0T%2BKwe%2FZSU3m1nZCZdZbOCE%2F5JtcumjrFjThOKK4IEov366HsXU7cyMzZtmG8E2%2FI2sgG7q6Qhd9CVnHTn0yQTtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=8640000, immutable
cf-request-id
07a3de80ba0000c2fe178dd000000001
accept-ranges
bytes
cf-ray
611999e12ab0c2fe-FRA
expires
Thu, 22 Apr 2021 18:25:00 GMT
Password-post-it.jpg
thehackernews.com/images/-CGc4ndEz68g/X_bgypJGC2I/AAAAAAAAAv0/IUFdLkOa7_ENp274CWbnq7m02mF3_i9lQCLcBGAsYHQ/s72-c-e100/
3 KB
3 KB
Image
General
Full URL
https://thehackernews.com/images/-CGc4ndEz68g/X_bgypJGC2I/AAAAAAAAAv0/IUFdLkOa7_ENp274CWbnq7m02mF3_i9lQCLcBGAsYHQ/s72-c-e100/Password-post-it.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8f0b02ab1a37fa6ae736f63e0372bed13fee26ce6ce655cba18c3b80c158d2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
123524
cf-polished
status=not_needed
content-disposition
inline;filename="Password-post-it.jpg"
vary
Accept-Encoding
content-length
2809
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v2fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lk63vYlQaI2NrVjV5u7lbFYiSqygdnX%2BFfSVyM%2Bh9TnPKa2f0Ff4tQ%2FRJteI%2Bvz0VF3QyfYN%2FSdHkJiDU7CVy27woaoeTdEutJ6SzHuogBThbGvIeOqJ9%2F46Ybak3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=8640000, immutable
cf-request-id
07a3de80b80000c2fe93bea000000001
accept-ranges
bytes
cf-ray
611999e12ab4c2fe-FRA
expires
Tue, 20 Apr 2021 04:38:45 GMT
malware-attack.jpg
thehackernews.com/images/-pRUNAry86ks/X_grxIbKNKI/AAAAAAAABbw/Kwa3e10hAfAA7wVYdzPTx3V3K-2btHBdgCLcBGAsYHQ/s72-c-e100/
3 KB
3 KB
Image
General
Full URL
https://thehackernews.com/images/-pRUNAry86ks/X_grxIbKNKI/AAAAAAAABbw/Kwa3e10hAfAA7wVYdzPTx3V3K-2btHBdgCLcBGAsYHQ/s72-c-e100/malware-attack.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e221320443206a33f7bb4575172888202715002642f7bb81f443d1689724e1e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
123524
cf-polished
status=not_needed
content-disposition
inline;filename="malware-attack.jpg"
vary
Accept-Encoding
content-length
2923
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v5bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=paIZckPTKXX1g%2BpqxSQtxJCiBXNggUoIo%2FwX8slH1RzOgnCBFcKN4XWjdi%2B91C7%2BHJin41%2BYw43YlxqDB9Sg%2B%2BMUVdExapBKVl7Knvp3cxAWkC1PrYLuX8Ce%2FfKt0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=8640000, immutable
cf-request-id
07a3de80b80000c2fe87897000000001
accept-ranges
bytes
cf-ray
611999e12ab7c2fe-FRA
expires
Fri, 23 Apr 2021 00:23:08 GMT
malware.jpg
thehackernews.com/images/-94F404iWhd0/X_0zlg0R_jI/AAAAAAAABdY/hN4ltzKTdV4UkcvcBa-EhaReoMnlMYFgwCLcBGAsYHQ/s72-c-e100/
3 KB
4 KB
Image
General
Full URL
https://thehackernews.com/images/-94F404iWhd0/X_0zlg0R_jI/AAAAAAAABdY/hN4ltzKTdV4UkcvcBa-EhaReoMnlMYFgwCLcBGAsYHQ/s72-c-e100/malware.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b36f313f46089f78032eb5264c5813ef88200b9dd54bed067c0fcb0afd5d15
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
66501
cf-polished
status=not_needed
content-disposition
inline;filename="malware.jpg"
vary
Accept-Encoding
content-length
3245
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v5d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nZIgUIQ%2FJLgmWvUVlWtF6fjQq2Gc7iq%2BKZueg6wV42O6xCwoUSPvbW9lk7gcKZ26cGbBmWBs0ip52VSEwDeO96RmrB%2FTSFR5x61YexgvqYVh3stSADJckCD3alZGpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=8640000, immutable
cf-request-id
07a3de80b90000c2fe1a35b000000001
accept-ranges
bytes
cf-ray
611999e12abbc2fe-FRA
expires
Sat, 24 Apr 2021 00:32:18 GMT
doj-email-hacked.jpg
thehackernews.com/images/-MddB9i4hUg0/X_a4Pin9-5I/AAAAAAAABbY/F0a5WJbnHSgMWYbjNkcEzaEGcDXLuDsZQCLcBGAsYHQ/s72-c-e100/
5 KB
6 KB
Image
General
Full URL
https://thehackernews.com/images/-MddB9i4hUg0/X_a4Pin9-5I/AAAAAAAABbY/F0a5WJbnHSgMWYbjNkcEzaEGcDXLuDsZQCLcBGAsYHQ/s72-c-e100/doj-email-hacked.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06ffd6390ad588504e6761e4a01dd13aa2b8f884460fd2844db25af50ff704c5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
80746
cf-polished
origFmt=jpeg, origSize=6060
content-disposition
inline; filename="doj-email-hacked.webp"
vary
Accept, Accept-Encoding
content-length
5598
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v5b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ux432F2N1g4GXqyKHvtfm7v3homfK3ISjZabTUGXBhc81NKl9m7e%2FyFyeFIfAS6pvKgSWCSnBdh1Wbv2WwaPJxxb51cbhyMRsrCEhGWDKN6DuuXLrbGQDdpXJG5ouA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=8640000, immutable
cf-request-id
07a3de80ba0000c2fe4c825000000001
accept-ranges
bytes
cf-ray
611999e12abec2fe-FRA
expires
Thu, 22 Apr 2021 05:56:32 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4A2D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-7983783048239650&output=html&h=90&slotname=8972781702&adk=367458844&adf=2959314990&pi=t.ma~as.8972781702&w=728&lmt=1610619149&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html&flash=0&wgl=1&dt=1610650838968&bpp=4&bdt=1028&idt=263&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=960535578869&frm=20&pv=1&ga_vid=1290692862.1610650839&ga_sid=1610650839&ga_hid=1306400668&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C21068769%2C21069720&oid=3&pvsid=3546599446702542&pem=902&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8448&bc=31&ifi=1&uci=a!1&fsb=1&xpc=feewU1LU3j&p=https%3A//thehackernews.com&dtd=293
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-7983783048239650&output=html&h=90&slotname=8972781702&adk=367458844&adf=2959314990&pi=t.ma~as.8972781702&w=728&lmt=1610619149&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html&flash=0&wgl=1&dt=1610650838968&bpp=4&bdt=1028&idt=263&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=960535578869&frm=20&pv=1&ga_vid=1290692862.1610650839&ga_sid=1610650839&ga_hid=1306400668&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C21068769%2C21069720&oid=3&pvsid=3546599446702542&pem=902&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8448&bc=31&ifi=1&uci=a!1&fsb=1&xpc=feewU1LU3j&p=https%3A//thehackernews.com&dtd=293
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thehackernews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUljgdh3d_5x4SRGdiCclJTZaAJcfrriE_XvEB4qRvbWyD9RGRPsUQLKruyx
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://thehackernews.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 14 Jan 2021 19:00:39 GMT
server
cafe
content-length
23426
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
131 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MTA2NTA4MzkyNzEsInBhY2tldElkIjoiMDAwMDkwOUMtMGYyNmUzNzAtZTRkNS00ZjJmLTk5MjQtNzI2MzViNTgyOTRjIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIxLzAxL2hhY2tlcnMtc3RlYWwtbWltZWNhc3QtY2VydGlmaWNhdGUtdXNlZC5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IlBPU1QiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI5NjdlY2ZhZC1iZjZiLTQyOWUtOWEzOS05NzcwYzhiN2QxODgiLCJzZWN0aW9uTmFtZSI6IkFQX1RfUl9yZXNwb25zaXZlWHJlc3BvbnNpdmVfOTY3ZWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzM3MDIwX3Jlc3BvbnNpdmVYcmVzcG9uc2l2ZV85NjdlY2ZhZC1iZjZiLTQyOWUtOWEzOS05NzcwYzhiN2QxODgiLCJzZXJ2aWNlcyI6WzIsM10sImFkVW5pdFR5cGUiOjF9XX0=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 19:00:38 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
131 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MTA2NTA4MzkyNzYsInBhY2tldElkIjoiMDAwMDkwOUMtMGYyNmUzNzAtZTRkNS00ZjJmLTk5MjQtNzI2MzViNTgyOTRjIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIxLzAxL2hhY2tlcnMtc3RlYWwtbWltZWNhc3QtY2VydGlmaWNhdGUtdXNlZC5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IlBPU1QiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4YzJkN2Y5NC1hOWM1LTQzYjItODNhNC1jZGNmNzExYWUwNWUiLCJzZWN0aW9uTmFtZSI6IkFQX1RfUl9yZXNwb25zaXZlWHJlc3BvbnNpdmVfOGMyZDciLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzM3MDIwX3Jlc3BvbnNpdmVYcmVzcG9uc2l2ZV84YzJkN2Y5NC1hOWM1LTQzYjItODNhNC1jZGNmNzExYWUwNWUiLCJzZXJ2aWNlcyI6WzIsM10sImFkVW5pdFR5cGUiOjF9XX0=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 19:00:38 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame E321
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-7983783048239650&output=html&h=600&slotname=3616315140&adk=1702816697&adf=1013268106&pi=t.ma~as.3616315140&w=300&fwrn=4&fwrnh=100&lmt=1610619149&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1610650838972&bpp=2&bdt=1032&idt=328&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=960535578869&frm=20&pv=1&ga_vid=1290692862.1610650839&ga_sid=1610650839&ga_hid=1306400668&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1031&ady=1672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C21068769%2C21069720&oid=3&pvsid=3546599446702542&pem=902&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KdmMiDqqZ6&p=https%3A//thehackernews.com&dtd=333
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-7983783048239650&output=html&h=600&slotname=3616315140&adk=1702816697&adf=1013268106&pi=t.ma~as.3616315140&w=300&fwrn=4&fwrnh=100&lmt=1610619149&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1610650838972&bpp=2&bdt=1032&idt=328&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=960535578869&frm=20&pv=1&ga_vid=1290692862.1610650839&ga_sid=1610650839&ga_hid=1306400668&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1031&ady=1672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C21068769%2C21069720&oid=3&pvsid=3546599446702542&pem=902&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KdmMiDqqZ6&p=https%3A//thehackernews.com&dtd=333
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thehackernews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUljgdh3d_5x4SRGdiCclJTZaAJcfrriE_XvEB4qRvbWyD9RGRPsUQLKruyx
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://thehackernews.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 14 Jan 2021 19:00:39 GMT
server
cafe
content-length
25007
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
ga-audiences
www.google.com/ads/
42 B
108 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-27389293-1&cid=1290692862.1610650839&jid=1195805335&_u=IEBAAEAAAAAAAC~&z=998202127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 19:00:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-27389293-1&cid=1290692862.1610650839&jid=1195805335&_u=IEBAAEAAAAAAAC~&z=998202127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 19:00:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607463675096825"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6146
x-xss-protection
0
expires
Thu, 14 Jan 2021 19:00:39 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
1 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210114
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1607067690348.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df3e54caee3f3b85b8d6eef59d6a4aafbf881336a69d289af3d11714b936dcd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
16145
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
755
etag
W/"53d-g8ilfiSkBwF+C68M+qBdKi9u61E"
x-served-by
cache-fra19158-FRA, cache-hhn4045-HHN
date
Thu, 14 Jan 2021 19:00:39 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthehackernews.com%2F&domain=thehackernews.com&cw=1
  • https://mug.criteo.com/sid?cpp=pGa61HwzakZYY3pwSk5WUEdjcUxMOFhJdFlPYXNrOGFSM3NBWEdEZ1lyVU82bldBcXlWMXRENnJsS0pxcjhJZ1c5Z212VkZXOTRKNGpoVWQ0UHg4cG9VcVcySXNJNmgvcmJHeEVkQWJXRnJ6YU1QOXBVeGE3UGpoSDkwZ2...
350 B
631 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=pGa61HwzakZYY3pwSk5WUEdjcUxMOFhJdFlPYXNrOGFSM3NBWEdEZ1lyVU82bldBcXlWMXRENnJsS0pxcjhJZ1c5Z212VkZXOTRKNGpoVWQ0UHg4cG9VcVcySXNJNmgvcmJHeEVkQWJXRnJ6YU1QOXBVeGE3UGpoSDkwZ281TktZWXd0dnA4V01XVk0yUkhBMXFaUXdJUTVyd29PeTRlb3pwSzZXSEdaS1Ryclc1c2RsQnl2bjRIWi95WnhES2FyUE1kT3AwS3NpbnUrd0c3NlphVXIrWFJja3I3bFkvb2xrYlYvTklTTTJ5NkFzSjVBPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
b71366536650d37cb69767b9ec35c687e66fe07ca34a002d7a797ec2186b18b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 14 Jan 2021 19:00:39 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2392
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 14 Jan 2021 19:00:39 GMT
location
https://mug.criteo.com/sid?cpp=pGa61HwzakZYY3pwSk5WUEdjcUxMOFhJdFlPYXNrOGFSM3NBWEdEZ1lyVU82bldBcXlWMXRENnJsS0pxcjhJZ1c5Z212VkZXOTRKNGpoVWQ0UHg4cG9VcVcySXNJNmgvcmJHeEVkQWJXRnJ6YU1QOXBVeGE3UGpoSDkwZ281TktZWXd0dnA4V01XVk0yUkhBMXFaUXdJUTVyd29PeTRlb3pwSzZXSEdaS1Ryclc1c2RsQnl2bjRIWi95WnhES2FyUE1kT3AwS3NpbnUrd0c3NlphVXIrWFJja3I3bFkvb2xrYlYvTklTTTJ5NkFzSjVBPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1746
content-length
482
expires
0
prebid
ib.adnxs.com/ut/v3/
19 B
715 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1607067690348.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:39 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.155:80
AN-X-Request-Uuid
74baf1ea-ba04-4183-bbed-5917207dc7c6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/
106 B
296 B
XHR
General
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=a4c819d4-a1bd-4fa8-bf91-23e403216204&nocache=1610650839416&schain=1.0,1!adpushup.com,aeb138a66c47c1d438a8907993e81712,1,,,&mimes[]=video/mp4&mimes[]=video/webm&minduration=0&maxduration=300&protocols[]=2&protocols[]=3&protocols[]=5&protocols[]=6&api[]=2&playbackmethod=6&linearity=1&auid=541218336&vwd=undefined&vht=undefined&vos=101&vmimes[]=video/mp4&vmimes[]=video/webm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1607067690348.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.200.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 19:00:39 GMT
via
1.1 google
server
OXGW/16.200.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://thehackernews.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/
106 B
478 B
XHR
General
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https://thehackernews.com/2021/01/hackers-steal-mimecast-certificate-used.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=dfbf3971-a19b-4dba-87a5-ac68414cf47b&nocache=1610650839416&schain=1.0,1!adpushup.com,aeb138a66c47c1d438a8907993e81712,1,,,&mimes[]=video/mp4&mimes[]=video/webm&minduration=0&maxduration=300&protocols[]=2&protocols[]=3&protocols[]=5&protocols[]=6&api[]=2&playbackmethod=6&linearity=1&auid=541218336&vwd=undefined&vht=undefined&vos=101&vmimes[]=video/mp4&vmimes[]=video/webm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1607067690348.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.200.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 19:00:39 GMT
via
1.1 google
server
OXGW/16.200.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://thehackernews.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
mvo
tag.1rx.io/rmp/211746/0/
0
274 B
XHR
General
Full URL
https://tag.1rx.io/rmp/211746/0/mvo?z=1r&hbv=3.16.0-pre,2.1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1607067690348.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thehackernews.com
Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:39 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
c
prebid.a-mo.net/a/
638 B
744 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1607067690348.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 , United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
2de4feb4f5b69b47377d2a8f54b69af46b353e8f96c7852aa6f30bfedbc2bfe2

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Jan 2021 19:00:38 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
48
content-length
313
pubads_impl_2021010903.js
securepubads.g.doubleclick.net/gpt/
275 KB
97 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 10 Jan 2021 01:35:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99142
x-xss-protection
0
expires
Thu, 14 Jan 2021 19:00:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 70BE
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/220/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thehackernews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://thehackernews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4868
date
Thu, 14 Jan 2021 17:07:53 GMT
expires
Fri, 14 Jan 2022 17:07:53 GMT
last-modified
Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6766
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bid
c.amazon-adsystem.com/e/dtb/
23 B
371 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html&pid=zTzRVks3QYv4q&cb=0&ws=1600x1200&v=7.58.01&t=3000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22responsivexresponsive%22%5D%2C%22sn%22%3A%22%2F103512698%2F22055424785%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22responsivexresponsive%22%5D%2C%22sn%22%3A%22%2F103512698%2F22055889203%22%7D%5D&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-5-213.fra6.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:39 GMT
via
1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thehackernews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
CJ38qaZRZsYUcEFQzI_2KQG1VwMl5vJO8RKvud6b0iYWuY3SidcSGA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-5-213.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
qvfBoISJ5ymXoV8clHCjrjeaYCNnawpM
content-encoding
gzip
etag
"a4d296427fc806b21335359e398c025c"
age
67212
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 23 Dec 2020 21:52:09 GMT
server
AmazonS3
date
Thu, 14 Jan 2021 00:20:28 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
yS_ZOHhWtPQbz76pLVH33AE8iTfh_Be5wP5ce6rpxG93cZgS4yRc0Q==
ca
choices.trustarc.com/
6 KB
3 KB
Script
General
Full URL
https://choices.trustarc.com/ca?aid=att_hs&pid=att01&cid=24935727_144332637_292494536&js=st_1pm&sz=300x250&c=te-3258
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=att01&aid=att_hs&cid=24935727_143061732_292495514&js=st0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-55.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
baee3eba13aa2ce6a223a1e67efdef7a79a2ab1f15622b5fac79bac4a6a52614

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 19:00:39 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
2290
x-amz-cf-id
Ou3k6MJADzNlUBWPVQl9FBROsLtsVXx-2ntPH5JO13dPkmmU5fWhsA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/
38 KB
12 KB
Script
General
Full URL
https://choices.trustarc.com/ca?aid=att_hs&pid=att01&cid=24935727_144332637_292494536&js=st_2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=att01&aid=att_hs&cid=24935727_143061732_292495514&js=st0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-55.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 14:31:00 GMT
content-encoding
gzip
server
nginx
age
16179
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
-cPUL4AHoC_OG5NyUlmJlh1y9Lj92ernLI2K-cQ5j6H6AezKrS7QVg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/
43 B
382 B
Image
General
Full URL
https://choices.trustarc.com/cap?aid=att_hs&pid=att01&cid=24935727_144332637_292494536&w=300&h=250&c=e5fc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-55.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 19:00:39 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
9qcB_18oLXEgUKpVyclrS9CCUZxb8HWfK-c-vSSd0IQrva5E0Nogpg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/
6 KB
3 KB
Script
General
Full URL
https://choices.trustarc.com/ca?aid=att_hs&pid=att01&cid=24935727_143061732_292495514&js=st_1pm&sz=300x250&c=te-63aa
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=att01&aid=att_hs&cid=24935727_143061732_292495514&js=st0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-55.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
f8be2f4a1668a67d27150d523cfe177edaa0d42edf28b250d0555ee5680b0bca

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 19:00:39 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
2289
x-amz-cf-id
x2cMZW0jZPDT2FVvuecttjaDwm_uru_ms8lRcpLniC-La8R72Y0jNg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/
38 KB
12 KB
Script
General
Full URL
https://choices.trustarc.com/ca?aid=att_hs&pid=att01&cid=24935727_143061732_292495514&js=st_2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=att01&aid=att_hs&cid=24935727_143061732_292495514&js=st0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-55.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 15:25:49 GMT
content-encoding
gzip
server
nginx
age
12890
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
xob7-j79xyWtF75N-SG2CEet4-sd8Jza4EMk75SfrMVWiQ49Jwpp5A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/
43 B
382 B
Image
General
Full URL
https://choices.trustarc.com/cap?aid=att_hs&pid=att01&cid=24935727_143061732_292495514&w=300&h=250&c=176e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-55.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 19:00:39 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
wkTiEeB3HIEn8ghpbLcmTFwrf21Br5lkMAskBukxejquiOlSBR6qyw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
59 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20210112&jk=3546599446702542&bg=!OzilOHvNAAUYkFXlGDsAKQB2-DxacwdoXc60vG0IFcgzdmCBJRjyIP5LbKX77gEWCYj1cv480Ig1AgAAALpSAAAAFmgBBwoA8fu8ZZu-IfndDHM1AllpkpX6QnG5G4Z1otSyntnVmuiUbv6pL3c4WVp36CXwLcABI9RygqWBhLJWzzCdIUR2wzm0S8LsHfvVpsay80My4622Z4EOhLb-eNuD9lJNRh4QAAgr0fLnKvmwZp4itLx713XOI1dXR8Y5g_x-nbLkVl7DkGtM2yeTPdeZSk1ylMDgmtx9ZTll68fZ_LFQlB1ieVvd0xmbP3c7clqxLf6aX8ZVsON0YE7nJtjk3QHvffFDiu8Ovp-L5F7xKT9PRk5y81716Wk4ocTMwcHpM4ZvtKY91lHiLwTpsLSJilyvqhp8fC6ZAd2G04wVwItU6g_fGrRz-AnXBzGw7oKMweAU66DuLoVErLDODv4v7wONbWqr8cpFV5RY_qI9nrWJyUNz1Zz_KCQXyzhyn4-dVo1GhnMf_TpgJbUC8cFmNwEERfVVrOilkhtFPf0FAe6uV6WC8MIZ8BISqY-klkN-r6b1arQJx9jJTbvUHq-oYfHRUbys708aX8GWqWPzcSxTjUeqHVACL8036v2L_GId-Y9UARVLsSEZdaSvDQJPKS1K__TdMPr1dxqCXeKAUNlDVhGrL0KPcQsYZFFI3NvbZ1DdgaJ8WbXtXqYvsIUJWoORwQElZ4kC2fA8FQIJFNMrEHwRxHdlHpPM1zws9HFDq9zJHxBY0cndK9BTd6-Tx4ZeykVKhRB234lvbfQoR0oivwC_nW3jMQP8BsLx-OAyom8dADxMaRYlPnR6vMASx6EZqokeIlv3S2n6jeJXMtIUH5lnI5eNXuJNxoCjfSGcAOLTKi6XdhbDTYmg-H5yhIcVJVTbHPku1TcdBeVcOJDbCeZnxZNQkD568nXULR890sertxZelGqQzn8pc3ADzio32kCINhcS1PpSfDh10ORyfuSz7AjlQ99B6JpFGA06gEp0g6d3rejTqa-URoGeP1iE6IL3xDE
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 19:00:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/
42 B
132 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRsqelgXKmOJZ_VH_WawJaY9MS0hzjL9a_DHGcrv7ngPH4rumRcpnohJUrbUZHHKW5ozrN2_7icA&sig=Cg0ArKJSzAs35lzhw66qEAE&id=lidar2&mcvt=1000&p=479,1031,729,1331&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210113&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=32&adk=2533488393&rs=6&la=0&cr=0&osd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 19:00:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
179 KB
31 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3546599446702542&correlator=3446237301766056&output=ldjh&impl=fifs&adsid=NT&eid=21067995%2C21068773&vrg=2021010903&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210114&iu_parts=103512698%2C22055424785%2C22055889203&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%2C320x50&fluid=height%2Cheight&prev_scp=amznbid%3D2%26amznp%3D2%26adpushup_ran%3D1%26hb_ap_siteid%3D37020%26hb_ap_ran%3D1%26fluid%3D1%26refreshcount%3D0%26refreshrate%3D30%7Camznbid%3D2%26amznp%3D2%26adpushup_ran%3D1%26hb_ap_siteid%3D37020%26hb_ap_ran%3D1%26fluid%3D1%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx&cookie=ID%3Da7bb7e37f7633060-22296521a3a6003a%3AT%3D1610650839%3ART%3D1610650839%3AS%3DALNI_MYNeLwV-Y2MfCg_HgJKcfr4E6mYSA&bc=31&abxe=1&lmt=1610619149&dt=1610650839779&dlt=1610650837940&idt=1608&frm=20&biw=1600&bih=1200&oid=3&adxs=269%2C269&adys=1227%2C1786&adks=3164350068%2C2927039457&ucis=1%7C2&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthehackernews.com%2F2021%2F01%2Fhackers-steal-mimecast-certificate-used.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x0%7C730x0&msz=730x0%7C730x0&ga_vid=1290692862.1610650839&ga_sid=1610650839&ga_hid=1306400668&fws=0%2C0&ohw=0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
832d60610bb2ef9da1553a08646b2da197be77f9f89ef7ea309d4335a70f7fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31691
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
464454096115c109bcc0abf494e5d947.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://464454096115c109bcc0abf494e5d947.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

get
choices.trustarc.com/ Frame 9696
287 B
631 B
Image
General
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-55.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Thu, 31 Dec 2020 21:35:14 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
server
nginx
age
1200325
x-frame-options
ALLOWALL
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA6-C1
content-length
287
x-amz-cf-id
FZDiajPPOXoC_aFQXfN3qEUk9pS4d_yYGDcBLxx4AJG-1ZZTe7vjUA==
expires
Sat, 30 Jan 2021 21:35:14 GMT
get
choices.trustarc.com/ Frame 9696
739 B
1 KB
Image
General
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-55.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Dec 2020 21:40:13 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
server
nginx
age
1891226
x-frame-options
ALLOWALL
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA6-C1
content-length
739
x-amz-cf-id
LD7WSCrQZbSVWWjPTU9HIqh_aC8vMyy5Mka2AxYmxZg4kmZSnteYqQ==
expires
Fri, 22 Jan 2021 21:40:13 GMT
get
choices.trustarc.com/ Frame E94A
287 B
630 B
Image
General
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=att_hs&pid=att01&cid=24935727_143061732_292495514&js=st_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-55.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Thu, 31 Dec 2020 21:35:14 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
server
nginx
age
1200326
x-frame-options
ALLOWALL
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA6-C1
content-length
287
x-amz-cf-id
H4fcRQOT-DB8qSioo7j1ZVqba8mTgl6rCTZDmbj77PEf2PW1MDXVmw==
expires
Sat, 30 Jan 2021 21:35:14 GMT
get
choices.trustarc.com/ Frame E94A
739 B
1 KB
Image
General
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=att_hs&pid=att01&cid=24935727_143061732_292495514&js=st_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-55.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Dec 2020 21:40:13 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
server
nginx
age
1891227
x-frame-options
ALLOWALL
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA6-C1
content-length
739
x-amz-cf-id
7pcUlRUVRBkwLw8zaRIGTeFkfn1q1mVIGBfKpWdiNHuErl9EHjR7cA==
expires
Fri, 22 Jan 2021 21:40:13 GMT
container.html
464454096115c109bcc0abf494e5d947.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 4DDF
0
0
Document
General
Full URL
https://464454096115c109bcc0abf494e5d947.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
464454096115c109bcc0abf494e5d947.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thehackernews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://thehackernews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Thu, 14 Jan 2021 19:00:39 GMT
expires
Fri, 14 Jan 2022 19:00:39 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
464454096115c109bcc0abf494e5d947.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 2CFC
0
0
Document
General
Full URL
https://464454096115c109bcc0abf494e5d947.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
464454096115c109bcc0abf494e5d947.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thehackernews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://thehackernews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Thu, 14 Jan 2021 19:00:39 GMT
expires
Fri, 14 Jan 2022 19:00:39 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event.png
tps20228.doubleverify.com/ Frame EF8E
67 B
467 B
Other
General
Full URL
https://tps20228.doubleverify.com/event.png?impid=ac2bed2225ef416f8f7b77d0b9af1db1&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=76&eoid=9&msrjs=731&pltfrm=Linux%20x86_64&dvp_acibv=&dvp_ndp_sow=1600&dvp_ndp_soh=1200&dvp_ac_version=1305&dvp_ndp_meta=53&dvp_ndp6=false&dvp_acifd=1&dvp_mref=&dvp_acc=109&dvp_acl=48283&dvp_acwe=0&dvp_vpos=1600-1200-1&dvp_acpdr=506&dvp_acpdt=1&dvp_acprc=0&bsigr=289&isvelg=1&vit=2&engms=1&engisel=1&dvp_t1stMsgB=239&upvid=1610650838725610712&colltid=59&cmpms=164&clcdms=164&mpms=164&advms=164&cmpMPms=164&tlts=1610650838724&cbust=1610650840824221
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements731.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.23 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:40 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
1/13/2021 7:00:40 PM
event.png
tps20229.doubleverify.com/ Frame 4FD2
67 B
467 B
Other
General
Full URL
https://tps20229.doubleverify.com/event.png?impid=3db6e096fc7f4755a1b4e6e0840d8197&dvp_ealmp=1&dvp_t1stMsgD=41&vdur=34&eoid=8&msrjs=731&pltfrm=Linux%20x86_64&dvp_acibv=&dvp_ndp_sow=1600&dvp_ndp_soh=1200&dvp_ac_version=1305&dvp_ndp_meta=53&dvp_ndp6=false&dvp_acifd=1&dvp_mref=&dvp_acc=109&dvp_acl=48283&dvp_acwe=0&dvp_vpos=1600-1200-1&dvp_acpdr=506&dvp_acpdt=1&dvp_acprc=0&bsigr=289&isvelg=1&vit=2&engms=1&engisel=1&upvid=1610650838725610712&colltid=59&cmpms=164&clcdms=164&mpms=164&advms=164&cmpMPms=164&tlts=1610650838888&cbust=1610650840906741
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements731.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.26 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:39 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
1/13/2021 7:00:40 PM
event.png
tps20228.doubleverify.com/ Frame EF8E
67 B
467 B
Other
General
Full URL
https://tps20228.doubleverify.com/event.png?impid=ac2bed2225ef416f8f7b77d0b9af1db1&msrcanlm=262794&msrcannum=5&eoid=11&ismms=59&isumms=58&isvelg=1&nvr=6&isbxdms=2260&b11=2386&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1&lftb=2386&sftb=2386&msrdp=12&naral=262272&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=959&isuiabvms=959&ispmxpms=959&engalms=57&engscrlms=1068&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&cbust=1610650841823757
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements731.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.23 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:41 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
1/13/2021 7:00:41 PM
event.png
tps20229.doubleverify.com/ Frame 4FD2
67 B
467 B
Other
General
Full URL
https://tps20229.doubleverify.com/event.png?impid=3db6e096fc7f4755a1b4e6e0840d8197&msrcanlm=714&msrcannum=10&eoid=10&ismms=18&isumms=18&isvelg=1&nvr=2&isbxdms=2118&b0=2267&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=2267&sftb=2267&msrdp=8&naral=192&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=18&engscrlms=23&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&cbust=1610650841905117
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements731.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.26 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:41 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
1/13/2021 7:00:41 PM
rid
match.adsrvr.org/track/
109 B
544 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1607067690348.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.114.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-114-167.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b0fff50c5e9c693443c9f56e519a43a15d3e5b29da08e36fa0d9d8a4181f18b3

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Jan 2021 19:00:42 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 13 Feb 2021 19:00:42 GMT
usync.html
eus.rubiconproject.com/ Frame 1137
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1607067690348.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.8.15.54 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-8-15-54.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://thehackernews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://thehackernews.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Jan 2021 19:00:42 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 644F
0
0
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1607067690348.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://thehackernews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://thehackernews.com/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 14 Jan 2021 19:00:42 GMT
Age
21908183
X-Served-By
cache-lga21948-LGA, cache-hhn4038-HHN
X-Cache
HIT, HIT
X-Cache-Hits
236858, 108295
X-Timer
S1610650843.836516,VS0,VE0
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 51F1
Redirect Chain
  • https://u.openx.net/w/1.0/pd
  • https://u.openx.net/w/1.0/pd?cc=1
0
0
Document
General
Full URL
https://u.openx.net/w/1.0/pd?cc=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1607067690348.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.200.0 /
Resource Hash

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thehackernews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=a67a53a6-4d29-43ee-a564-5c819ef9a747|1610650842
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://thehackernews.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=a67a53a6-4d29-43ee-a564-5c819ef9a747|1610650842; Version=1; Expires=Fri, 14-Jan-2022 19:00:42 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1610650842|gekin0vNiygu; Version=1; Expires=Fri, 29-Jan-2021 19:00:42 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.200.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 14 Jan 2021 19:00:42 GMT
content-type
text/html
content-length
418
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=a67a53a6-4d29-43ee-a564-5c819ef9a747|1610650842; Version=1; Expires=Fri, 14-Jan-2022 19:00:42 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.200.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/pd?cc=1
date
Thu, 14 Jan 2021 19:00:42 GMT
content-length
0
via
1.1 google
alt-svc
clear
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D86098b42-4acb-4aae-8840-633dd2de5193%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D86098b42-4acb-4aae-8840-633dd2de5193%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=86098b42-4acb-4aae-8840-633dd2de5193&D=&bidder=sovrn&uid=8560133694651225ce24dfc3
0
117 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=86098b42-4acb-4aae-8840-633dd2de5193&D=&bidder=sovrn&uid=8560133694651225ce24dfc3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 , United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy

Redirect headers

Date
Thu, 14 Jan 2021 19:00:42 GMT
Server
nginx
Location
https://prebid.a-mo.net/setuid?A=86098b42-4acb-4aae-8840-633dd2de5193&D=&bidder=sovrn&uid=8560133694651225ce24dfc3
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D86098b42-4acb-4aae-8840-633dd2de5193%26D%3D%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?A=86098b42-4acb-4aae-8840-633dd2de5193&D=&bidder=index_rtb&uid=YACU2IM1kLIxIlX.9iGKNgAA%261145
0
114 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=86098b42-4acb-4aae-8840-633dd2de5193&D=&bidder=index_rtb&uid=YACU2IM1kLIxIlX.9iGKNgAA%261145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 , United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy

Redirect headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=86098b42-4acb-4aae-8840-633dd2de5193&D=&bidder=index_rtb&uid=YACU2IM1kLIxIlX.9iGKNgAA%261145
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
321
Expires
Thu, 14 Jan 2021 19:00:42 GMT
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D86098b42-4acb-4aae-8840-633dd2de5193%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D86098b42-4acb-4aae-8840-633dd2de5193%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID
  • https://prebid.a-mo.net/setuid?A=86098b42-4acb-4aae-8840-633dd2de5193&D=&bidder=appnexus&uid=6127067867737806773
0
140 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=86098b42-4acb-4aae-8840-633dd2de5193&D=&bidder=appnexus&uid=6127067867737806773
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 , United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:00:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy

Redirect headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:42 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.50:80
AN-X-Request-Uuid
022ce0eb-7190-49d1-80f5-36eadce7cd30
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=86098b42-4acb-4aae-8840-633dd2de5193&D=&bidder=appnexus&uid=6127067867737806773
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
event.png
tps20228.doubleverify.com/ Frame EF8E
67 B
467 B
Other
General
Full URL
https://tps20228.doubleverify.com/event.png?impid=ac2bed2225ef416f8f7b77d0b9af1db1&mascid=kjx7x93kzaqx05tygllj0l9em3fv0bqc&dvp_masver=731&eoid=12&cbust=1610650843927566
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements731.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.23 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:43 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
1/13/2021 7:00:43 PM
event.png
tps20229.doubleverify.com/ Frame 4FD2
67 B
467 B
Other
General
Full URL
https://tps20229.doubleverify.com/event.png?impid=3db6e096fc7f4755a1b4e6e0840d8197&mascid=kjx7x93kzaqx05tygllj0l9em3fv0bqc&dvp_masver=731&eoid=11&cbust=1610650844009543
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements731.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.26 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 19:00:43 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
1/13/2021 7:00:43 PM

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| adpushup string| share_url string| share_title object| dvPerf object| _dv_win object| dv_config object| dvbsScriptsInternal object| dvbsProcessed object| _dvScripts function| dv_rolloutManager function| doesBrowserSupportHTML5Push function| dv_GetParam function| dv_Contains function| dv_GetDynamicParams function| dv_createIframe function| dv_GetRnd function| dv_SendErrorImp function| dv_CreateAndGetErrorImp function| dv_sendImgImp function| dv_sendScriptRequest function| dv_getPropSafe function| dvBsType function| dv_baseHandler function| dvbs_src_main object| dv_baseHandlerIns object| dv_handlersDefs object| $dvbs function| __tagObject_callback_92728566285 function| __verify_callback_92728566285 number| depth object| dvObj function| np764531 string| impId number| htmlRate number| runTag number| lab number| sources string| adid number| urlTypeId number| ddt string| bundleID string| date string| prefix object| refm object| dcmads object| goog_ddm_ps function| clsn object| dicnf function| btrp function| pdib3 function| vv function| stcc function| ait function| ast object| GoogleTyFxhY function| __tagObject_callback_551647794920 function| __verify_callback_551647794920 function| omrhp number| dv_flow object| $dv number| $frmId number| __google_lidar_ number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ function| osdlfm object| google_js_reporting_queue object| truste string| te_clr1_9b96aec3_3b5a_416a_a93a_c7a1320c1d55_ib object| te_clr1_9b96aec3_3b5a_416a_a93a_c7a1320c1d55_bi object| t2tTimestampData function| dvCallback_1610650838691509 object| lazySizes object| __cfQR string| te_clr1_6d2cfa78_daba_470b_b9aa_bfcf1ddd8fa2_ib object| te_clr1_6d2cfa78_daba_470b_b9aa_bfcf1ddd8fa2_bi function| dvCallback_1610650838866956 object| adsbygoogle object| images number| index function| head function| SmoothScroll string| GoogleAnalyticsObject function| ga boolean| __cfRLUnblockHandlers number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state object| google_persistent_state_async boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map number| google_lpabyc number| google_unique_id object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| setImmediate function| clearImmediate object| googletag object| _apPbJs object| hbAnalytics object| apstag object| adpTags object| hbRulesApi object| GoogleGcLKhOms function| _apPbJsChunk object| _pbjsGlobals object| __core-js_shared__ string| nobidVersion object| nobid function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| apstagLOADED object| script object| google_image_requests object| iever object| te_clr1_d4ce986d_5432_46fa_90ab_123cb9ef28f3_bi object| TECA object| te_clr1_50ab83c3_f7f8_4ead_b481_6ae56114d9e3_bi

1 Cookies

Domain/Path Name / Value
.thehackernews.com/ Name: __cfduid
Value: d9b3cfad111e5ca8d44f1f0674a97ae821610650837

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

464454096115c109bcc0abf494e5d947.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
adpushup-d.openx.net
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ap.lijit.com
att.demdex.net
c.amazon-adsystem.com
cdn.adpushup.com
cdn.doubleverify.com
cdn.jsdelivr.net
cdn3.doubleverify.com
cdnjs.cloudflare.com
choices.trustarc.com
choices.truste.com
d.agkn.com
e3.adpushup.com
eus.rubiconproject.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
prebid.a-mo.net
rtb0.doubleverify.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssum.casalemedia.com
stats.g.doubleclick.net
tag.1rx.io
thehackernews.com
tpc.googlesyndication.com
tps20228.doubleverify.com
tps20229.doubleverify.com
tps20515.doubleverify.com
tps20520.doubleverify.com
tps30.doubleverify.com
u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
104.108.145.8
136.144.59.88
143.204.215.88
151.101.113.108
172.217.16.130
172.217.18.98
172.217.22.6
178.250.2.146
185.33.220.242
205.234.175.175
213.19.147.210
213.254.244.11
213.254.244.19
213.254.244.23
213.254.244.26
216.52.2.39
216.58.212.130
23.8.15.54
23.97.225.52
2606:4700:20::681a:61
2606:4700::6810:135e
2606:4700::6810:a723
2a00:1450:4001:800::2003
2a00:1450:4001:800::2006
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:816::200e
2a00:1450:4001:817::2002
2a00:1450:4001:817::2004
2a00:1450:4001:81f::2001
2a00:1450:400c:c0c::9d
2a02:2638::1c
2a02:26f0:10c:5b1::4469
2a04:4e42:1b::621
3.123.210.158
34.249.128.36
35.244.159.8
52.49.114.167
99.86.5.213
99.86.7.55
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04d5c2f1f8c8b2b8e692438ab72160df48c058cecd883c649c57e16fa4abd9d3
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ffd6390ad588504e6761e4a01dd13aa2b8f884460fd2844db25af50ff704c5
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
09df83b2f1d053440d88568137958595bce8b07f21578eb9a2647e51aec2acc0
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
2de4feb4f5b69b47377d2a8f54b69af46b353e8f96c7852aa6f30bfedbc2bfe2
2e66b729c5c7126de42faa7947c7f9fe3100798d07a0683117df123ba134355c
32c80a55d06b9da550f41424241174895bdbe1dd174ee1d015a4d56747cd2a99
34452778f2b5b0f0706403d9436d50b8110e18a41561fb18134e5e431dd851e7
39844694c3746217c90b2029ca3d8157ac85a33a08deba14782144731b01f086
3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff
3dfdc0f1f5043f0c5f55685c412a5d85799c9567447bb08a437fb95a7659a65a
3f328da5eb60d99ec767c964252b04ae9d8c66f645dcb2e933b6ae481d712969
40adb937145b21abf0b1dde7dfa4d0a80be21ce7bf7d4f85ca944022a23c6785
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
520c3f5772ade6af389a5cfb08534bbd6dbdaaa68bc2cac9de395efc800f243e
540122fc8ff8ae626d1e88c1a64b4e5bad7386f67dfccde2e95cb52517531b78
5b36f7b7a91b6017cd083a284165f3a790af12256025c54cd4432c5e657494e3
5e221320443206a33f7bb4575172888202715002642f7bb81f443d1689724e1e
62fbc57d366ca1e2896456155fed9fd81d6e0846e5dd36d62a36519b30bbaf87
6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1
688a1e2444a1171a4cfbc8674c62d53bc663bf35a7825eb3563851e79694411c
6a696a23c4b36e659fab82d44eb299057572792121a95f79fa51e2e57df5b8d1
6b664dc4bd7fabb97674b52b85ed042296147b17a387996da5ff9908fe43de00
6cfe9636ca50bb0432bffc57180eae1a5a3463bbbf3300773db33b3133413ed9
722019559c56373d4fa5da8b5c83079d1f96a433243b36d445429485041af94b
72b36f313f46089f78032eb5264c5813ef88200b9dd54bed067c0fcb0afd5d15
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74bc08ee52fa2067ff5454e5e00d4cf4bdaac57ab7a746b355671177969b31d4
74d2768a0e219b931fac3b975b3b09ff08d410c66514112d5cb65622ed41751c
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
832d60610bb2ef9da1553a08646b2da197be77f9f89ef7ea309d4335a70f7fb1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b73bcd7276a5b21d248634c71b74fb1401793960414f3562fee52f18e9050e2
8d6487dc2599772b6ccb8ed3c214aefeddf16e73d868abb94f2223c133af06d0
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0
a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a
ad4d1d803bfa6e58ab3e3c36745fba8dc9838651945aab88a0174b9a06425da0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b0fff50c5e9c693443c9f56e519a43a15d3e5b29da08e36fa0d9d8a4181f18b3
b1accab39490c3ea637edcf9ce20212a90e859a6cfbe62ef44dfdb420095cfde
b71366536650d37cb69767b9ec35c687e66fe07ca34a002d7a797ec2186b18b9
baee3eba13aa2ce6a223a1e67efdef7a79a2ab1f15622b5fac79bac4a6a52614
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c143fb17908aea30d0c894a883b40b5617cb25f0e1c8dd196327a39c49ef1011
c2842ab20cc17cb61e32799c8cff642f37a20a933b12f678628b4666c0311f78
c3c60e064d8b6bcdc0c4da1e20874cd2a3889ab8219f4ead83b926539be8fd89
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c5d699fefdbb1353ad990ad49626c5f022090b3c956cea7d9c823c68905b948b
c66ef322c0e9994b488b4804211ac49bb87e536cf967792690e545928a51f875
c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690
ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d4ced01a14172257e54bfca5d752ad79288fcb3a503f9b92d5d9402d9c8b9a75
d8f0b02ab1a37fa6ae736f63e0372bed13fee26ce6ce655cba18c3b80c158d2f
da3d2faad4e63c722980fd7d31d5f612ea75fa33601a8e76a7f715c5b72f9538
dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883
df3e54caee3f3b85b8d6eef59d6a4aafbf881336a69d289af3d11714b936dcd8
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03c3526dd6db1c340c972db0194f8b732611626e1bcde62426d70a68c7a023b
f3e194c8d29d29783b0b0f01787bc37977466c8734d7e490a7053e4a8ab29e87
f883061dd6064e65f6505f670752fbacc3bf00ec18a4f92ecb10b1632356f8db
f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02
f8be2f4a1668a67d27150d523cfe177edaa0d42edf28b250d0555ee5680b0bca
fe94fcc14c2b9f93c39cbe038796bff0ebc07a140ebd15e66b3a897b6a25bc82