thehackernews.com Open in urlscan Pro
2606:4700:20::681a:161 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
Submission: On April 09 via api (April 9th 2020, 2:42:05 pm UTC) from US

Summary HTTP 37 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 10 domains to perform 37 HTTP transactions. The main IP is 2606:4700:20::681a:161, located in United States and belongs to CLOUDFLARENET, US. The main domain is thehackernews.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 1st 2020. Valid for: 6 months.

This is the only time thehackernews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2606:4700:20:... 2606:4700:20::681a:161	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
4 4	172.217.18.166 172.217.18.166	15169 (GOOGLE) (GOOGLE)
2 2	2600:9000:20e... 2600:9000:20eb:3200:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	63.32.201.208 63.32.201.208	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
37	9

17 2606:4700:20::681a:161 (United States)

ASN13335 (CLOUDFLARENET, US)

thehackernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.166 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:3200:19:fc2c:a140:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.32.201.208 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-201-208.eu-west-1.compute.amazonaws.com

att.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	thehackernews.com thehackernews.com	360 KB
10	doubleclick.net 5 redirects ad.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	130 KB
4	demdex.net 2 redirects att.demdex.net	3 KB
2	google.de www.google.de adservice.google.de	280 B
2	google.com 1 redirects www.google.com adservice.google.com	351 B
2	agkn.com 2 redirects d.agkn.com	1 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	cloudflare.com ajax.cloudflare.com cdnjs.cloudflare.com	34 KB
1	googletagservices.com www.googletagservices.com	28 KB
37	10

	Domain	Requested by
17	thehackernews.com	thehackernews.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	att.demdex.net	2 redirects
4	ad.doubleclick.net	4 redirects
4	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	d.agkn.com	2 redirects
2	www.google-analytics.com	1 redirects thehackernews.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.google.de
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	cdnjs.cloudflare.com	thehackernews.com
1	ajax.cloudflare.com	thehackernews.com
37	16

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
feeds.feedburner.com
deals.thehackernews.com
thehackernews.tradepub.com
www.instagram.com
t.me
www.bitdefender.com
en.wikipedia.org
www.proofpoint.com
www.reddit.com
news.ycombinator.com
api.whatsapp.com
telegram.me
ad.doubleclick.net
go.thn.li

Subject Issuer	Validity	Valid
thehackernews.com CloudFlare Inc ECC CA-2	`2020-04-01` - `2020-10-09`	6 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
www.google.de GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
Frame ID: 8C06EB420D4D00AD30D58377D88CDD6C
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200406/r20190131/zrt_lookup.html
Frame ID: 5D69F4C02294B551DF8E278715BEFA9E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1992721210&adk=845904374&adf=2959314990&w=970&fwrn=4&fwrnh=100&lmt=1586434249&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html&flash=0&fwr=0&fwrattr=true&rh=250&rw=970&sfro=1&wgl=1&adsid=NT&dt=1586443310169&bpp=14&bdt=146&fdt=66&idt=67&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3827090672795&frm=20&pv=2&ga_vid=460399375.1586443310&ga_sid=1586443310&ga_hid=555674547&ga_fc=0&iag=0&icsg=2090&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=170&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065724%2C368226500&oid=3&pvsid=423071822104343&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gEeNBJXXD6&p=https%3A//thehackernews.com&dtd=86
Frame ID: 7FE63B0B36FBCFCD7E8065F755D18AD4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5243175864&adk=4125629010&adf=1730142069&w=728&fwrn=4&fwrnh=100&lmt=1586434249&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html&flash=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&adsid=NT&dt=1586443310183&bpp=6&bdt=160&fdt=105&idt=105&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=3827090672795&frm=20&pv=1&ga_vid=460399375.1586443310&ga_sid=1586443310&ga_hid=555674547&ga_fc=0&iag=0&icsg=10282&dssz=25&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=263&ady=1324&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065724%2C368226500&oid=3&pvsid=423071822104343&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Ed3HaBCJfP&p=https%3A//thehackernews.com&dtd=111
Frame ID: 07148D0D1A123C7E2B183E3E9CC621BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=2686376852&adk=1464095591&adf=3350534670&w=300&fwrn=4&fwrnh=100&lmt=1586434249&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html&flash=0&fwr=0&fwrattr=true&rh=250&rw=300&sfro=1&wgl=1&adsid=NT&dt=1586443310189&bpp=4&bdt=166&fdt=114&idt=114&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C728x90&correlator=3827090672795&frm=20&pv=1&ga_vid=460399375.1586443310&ga_sid=1586443310&ga_hid=555674547&ga_fc=0&iag=0&icsg=41130&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=477&ady=2886&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065724%2C368226500&oid=3&pvsid=423071822104343&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=F9UivXjuQR&p=https%3A//thehackernews.com&dtd=118
Frame ID: 366EFF3FEEC4C144509FEFB125EFD422
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&adk=1812271804&adf=3025194257&lmt=1586434249&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1586443310193&bpp=5&bdt=171&fdt=124&idt=124&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C728x90%2C300x250&nras=1&correlator=3827090672795&frm=20&pv=1&ga_vid=460399375.1586443310&ga_sid=1586443310&ga_hid=555674547&ga_fc=0&iag=0&icsg=41130&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065724%2C368226500&oid=3&pvsid=423071822104343&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=3&uci=a!3&fsb=1&dtd=134
Frame ID: 0731BFF0BECFCF2CC33D4E9ADA5B140F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: F1025E628D00CA36EF118DC5B4728672
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

37
Requests

100 %
HTTPS

83 %
IPv6

10
Domains

16
Subdomains

9
IPs

4
Countries

637 kB
Transfer

1090 kB
Size

1
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/thehackernews
Title: 

Search URL Search Domain Scan URL

URL: https://twitter.com/thehackersnews
Title: 

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/thehackernews/
Title: 

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/thehackernews?sub_confirmation=1
Title: 

Search URL Search Domain Scan URL

URL: https://feeds.feedburner.com/TheHackersNews
Title: 

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/
Title:  Offers

Search URL Search Domain Scan URL

URL: https://thehackernews.tradepub.com/
Title: Free eBooks

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/free
Title: Freebies

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thehackernews/
Title: 

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/AAAAADwuDObFWF60CiR-HQ
Title:  Telegram Channel

Search URL Search Domain Scan URL

URL: https://www.bitdefender.com/files/News/CaseStudies/study/319/Bitdefender-PR-Whitepaper-DarkNexus-creat4349-en-EN-interactive.pdf
Title: researchers said

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCnnWTRv_Ii1K35OiEcJEgpQ/videos
Title: YouTube channel

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Ioctl
Title: ioctl calls

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Cron
Title: cron service

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/insider-view-russian-cybercrime-infrastructure
Title: brute-force attacks

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html
Title: 

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html&text=Dark%20Nexus%3A%20A%20New%20Emerging%20IoT%20Botnet%20Malware%20Spotted%20in%20the%20Wild&via=TheHackersNews
Title: 

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html
Title: 

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html
Title: Share on Reddit

Search URL Search Domain Scan URL

URL: https://news.ycombinator.com/submitlink?u=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html&t=Dark%20Nexus%3A%20A%20New%20Emerging%20IoT%20Botnet%20Malware%20Spotted%20in%20the%20Wild
Title: Share on Hacker News

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Dark%20Nexus%3A%20A%20New%20Emerging%20IoT%20Botnet%20Malware%20Spotted%20in%20the%20Wild%20%E2%80%94%20https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html
Title: Share on WhatsApp

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html&text=Dark%20Nexus%3A%20A%20New%20Emerging%20IoT%20Botnet%20Malware%20Spotted%20in%20the%20Wild
Title: Share on Telegram

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/clk/463791546;269244864;z

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/jump/N424004.3381407THEHACKERNEWS/B23636320.269244864;sz=1x1;u=__AP1_np_dv_ctk01fmw11dPA__;ord=23858722794

Search URL Search Domain Scan URL

URL: https://go.thn.li/zoho-1

Search URL Search Domain Scan URL

URL: https://go.thn.li/sidebar-webinar

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/clk/463791531;269244987;z

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/jump/N424004.3381407THEHACKERNEWS/B23636320.269244987;sz=1x1;u=__AP1_np_dv_ctk01fmw11dPA__;ord=23858722794

Search URL Search Domain Scan URL

URL: https://go.thn.li/native-webinar
Title: Webinar — Secure Code Warrior: Dev to DevSecProven methods to build security awareness in developers. Watch the webinar.

Search URL Search Domain Scan URL

URL: https://go.thn.li/native-whitepaper
Title: Learn Secure Coding with Secure Code WarriorThe 5 Point Tactical Guide for Secure Developers. Get the whitepaper.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/the-2019-ethical-hacker-masterclass-bundle
Title: <img alt='Learn Ethical Hacking Online' class='deal-link' src='https://thehackernews.com/images/-6bFLF28Wvxc/XHaUg588fBI/AAAAAAAAAGU/USPKfrcXaLgzaOBfKGb92v-0T12CIaK9wCLcBGAs/s260-e100/learn-hacking-training.jpg'/> Learn Ethical Hacking [Training] Lifetime Access

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/keepsolid-vpn-unlimited-lifetime-subscription-5
Title: <img alt='Unlimited Secure VPN Service' class='deal-link' src='https://thehackernews.com/images/-NnUk1eJVmVk/XHggwOYT51I/AAAAAAAAzbg/_5sUNHfsdiYDo-si4rya7tVT4pSZI0qSACLcBGAs/s260-e100/unlimited-vpn.jpg'/> Unlimited Secure VPN Lifetime Access

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/2018-cybersecurity-bundle
Title: <img alt='Best Hacking Books' class='deal-link' src='https://thehackernews.com/images/-4fAuruXOrkE/XDW4dE5zVMI/AAAAAAAAy9A/K13EeHK67NM69FUaCYDYtunHofUHjtt4wCLcBGAs/s260-e100/hacking-cybersecurity-books.jpg'/> Best Hacking Books [Download] Super Bundle

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/the-complete-2020-cisco-ccna-certification-prep-course
Title: <img alt='Cisco Certification Courses' class='deal-link' src='https://thehackernews.com/images/-2nVCe__qYkc/WxVG9s8C7CI/AAAAAAAAw6Q/fFsdOSE-DEYDqqf3z9KWus0oBWdbzAkAgCLcBGAs/s260-e100/cisco-it-networking-certification.png'/> Cisco Certifications Training Lifetime Access

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/citizengoods-exclusives
Title: Exclusives

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/hacking
Title: Hacking

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/shop-by-specialization-developer
Title: Development

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/shop-by-interest-android
Title: Android

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.269244864;sz=1x1;u=__AP1_np_dv_ctk01fmw11dPA__;ord=23858722794;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.269244864;dc_pre=CPyv1u_J2-gCFVWNGwodGksNKg;sz=1x1;u=__AP1_np_dv_ctk01fmw11dPA__;ord=23858722794;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://d.agkn.com/pixel/2388/?che=1421473826&col=23636320,5936378,269244864,462128157,112547680&l2=https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=269244864&d_campaign=23636320&d_site=5936378&d_cb=1421473826 HTTP 302
https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=269244864&d_campaign=23636320&d_site=5936378&d_cb=1421473826 HTTP 302
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=269244864&d_campaign=23636320&d_site=5936378&d_cb=1421473826

Request Chain 20

https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.269244987;sz=1x1;u=__AP1_np_dv_ctk01fmw11dPA__;ord=23858722794;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.269244987;dc_pre=CNzs1u_J2-gCFdVEGwoditsPAw;sz=1x1;u=__AP1_np_dv_ctk01fmw11dPA__;ord=23858722794;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://d.agkn.com/pixel/2388/?che=31657283&col=23636320,5936378,269244987,462128157,112547680&l2=https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=269244987&d_campaign=23636320&d_site=5936378&d_cb=31657283 HTTP 302
https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=269244987&d_campaign=23636320&d_site=5936378&d_cb=31657283 HTTP 302
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=269244987&d_campaign=23636320&d_site=5936378&d_cb=31657283

Request Chain 25

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=555674547&t=pageview&_s=1&dl=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html&ul=en-us&de=UTF-8&dt=Dark%20Nexus%3A%20A%20New%20Emerging%20IoT%20Botnet%20Malware%20Spotted%20in%20the%20Wild&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1211222793&gjid=671458946&cid=460399375.1586443310&tid=UA-27389293-1&_gid=1672816271.1586443310&_r=1&z=1349746247 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27389293-1&cid=460399375.1586443310&jid=1211222793&_gid=1672816271.1586443310&gjid=671458946&_v=j81&z=1349746247 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27389293-1&cid=460399375.1586443310&jid=1211222793&_v=j81&z=1349746247 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27389293-1&cid=460399375.1586443310&jid=1211222793&_v=j81&z=1349746247&slf_rd=1&random=247730287

37 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request darknexus-iot-ddos-botnet.html Show response
thehackernews.com/2020/04/ 123 KB
40 KB 83ms
59ms Document
text/html 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordPress VIP

Resource Hash

fcbb9821304a64ce046ff0413f63da8fccc2ef7513514238f5ae6c0a48994c3f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: thehackernews.com
:scheme: https
:path: /2020/04/darknexus-iot-ddos-botnet.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Thu, 09 Apr 2020 14:41:50 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da43d1300f4e3d31c99d053c7cb04ea971586443309; expires=Sat, 09-May-20 14:41:49 GMT; path=/; domain=.thehackernews.com; HttpOnly; SameSite=Lax; Secure
cf-ray: 5814fdbf3c73dfcf-FRA
age: 655
cache-control: private, max-age=0
expires: Thu, 09 Apr 2020 14:30:54 GMT
last-modified: Thu, 09 Apr 2020 12:10:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: WordPress VIP
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 roboto.css
thehackernews.com/css/ 77 KB
57 KB 26ms
25ms Stylesheet
text/css 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehackernews.com/css/roboto.css

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
status: 200
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 5814fdbfad9bdfcf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 ddos-botnet.jpg
thehackernews.com/images/-6wbWq68eVBA/Xo2bCtTB_nI/AAAAAAAA2po/SSQlOjvoSSY_AB_mIq18Nd9ItUWt6yTSACLcBGAsYHQ/s728-e100/ 73 KB
74 KB 31ms
30ms Image
image/jpeg 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-6wbWq68eVBA/Xo2bCtTB_nI/AAAAAAAA2po/SSQlOjvoSSY_AB_mIq18Nd9ItUWt6yTSACLcBGAsYHQ/s728-e100/ddos-botnet.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d45ddc7c60f749b846a5f554640c9cc695cf8ea1697976055daf743bd60f7cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21958
cf-polished: origSize=77097, status=webp_bigger
status: 200
content-disposition: inline;filename="ddos-botnet.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 75154
x-xss-protection: 0
expires: Fri, 17 Jul 2020 09:36:37 GMT
cf-bgj: imgq:100
server: cloudflare
etag: "vda9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 5814fdbfad9fdfcf-FRA
access-control-expose-headers: Content-Length

GET
H2 200 dark-nexus-botnet.jpg
thehackernews.com/images/-K158sdrBglk/Xo2RlzhJMLI/AAAAAAAA2pc/VV3Fh8MJJUwNkwTmvLazuXtvfcEQi2nFACLcBGAsYHQ/s728-e100/ 33 KB
33 KB 29ms
29ms Image
image/jpeg 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-K158sdrBglk/Xo2RlzhJMLI/AAAAAAAA2pc/VV3Fh8MJJUwNkwTmvLazuXtvfcEQi2nFACLcBGAsYHQ/s728-e100/dark-nexus-botnet.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46fce06cf5bbbe7f7306afe679a689995a68f34107d2986227c365f3c2b78348

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21983
cf-polished: origSize=34641, status=webp_bigger
status: 200
content-disposition: inline;filename="dark-nexus-botnet.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 33582
x-xss-protection: 0
expires: Fri, 17 Jul 2020 09:17:15 GMT
cf-bgj: imgq:100
server: cloudflare
etag: "vda98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 5814fdbfada0dfcf-FRA
access-control-expose-headers: Content-Length

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dark-nexus-iot-botnet.jpg
thehackernews.com/images/-UYS4rdb8Ysw/Xo2Qzpm31yI/AAAAAAAA2pU/Hu_w4AXhEbQ3EafxYWkhCz0muLw1KKC5ACLcBGAsYHQ/s728-e100/ 55 KB
55 KB 26ms
25ms Image
image/jpeg 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-UYS4rdb8Ysw/Xo2Qzpm31yI/AAAAAAAA2pU/Hu_w4AXhEbQ3EafxYWkhCz0muLw1KKC5ACLcBGAsYHQ/s728-e100/dark-nexus-iot-botnet.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d72b258a1d951ce43865a4f84a0807b049af92807eda997c5b2850e6bdbf5370

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21983
cf-polished: origSize=59567, status=webp_bigger
status: 200
content-disposition: inline;filename="dark-nexus-iot-botnet.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 56547
x-xss-protection: 0
expires: Fri, 17 Jul 2020 09:17:16 GMT
cf-bgj: imgq:100
server: cloudflare
etag: "vda96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 5814fdbfadacdfcf-FRA
access-control-expose-headers: Content-Length

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 06 Apr 2020 16:30:08 GMT
server: cloudflare
etag: W/"5e8b5910-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5814fdbfbfebdfe3-FRA
expires: Sat, 11 Apr 2020 14:41:50 GMT

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c13c7f2ee9c8fab1d388a257ca989f8048d4824c99bfaad4f1253dfbd47726c

Request headers

Origin: https://thehackernews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a

Request headers

Origin: https://thehackernews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbcdfa3a64c9c5e932dfd9ad5a47ad84880085c84d47c5c70c0039726f671ee5

Request headers

Origin: https://thehackernews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13f09ef9feda96dc3acc6ebab8a047c5185bec952edebaff47a6e9112cab394a

Request headers

Origin: https://thehackernews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 442 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 108 KB
39 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e95ec26964eead6d7a796823406e30276e34f1b95acb366bd582425d9c35efa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39628
x-xss-protection: 0
server: cafe
etag: 9078331934945053514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Apr 2020 14:41:50 GMT

GET
DATA 200
OK truncated
/ 194 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 195
date: Thu, 09 Apr 2020 14:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Thu, 09 Apr 2020 16:38:35 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 16ms
16ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
content-encoding: br
cf-cache-status: HIT
age: 22402445
cf-ray: 5814fdc03915dfe3-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Wed, 01 May 2019 21:45:59 GMT
server: cloudflare
etag: W/"5cca1397-15851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 30 Mar 2021 14:41:50 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.003

GET
DATA 200
OK truncated
/ 103 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 688a1e2444a1171a4cfbc8674c62d53bc663bf35a7825eb3563851e79694411c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 group-a-300.jpg
thehackernews.com/images/-6vhDJ-T9u_Q/Xl_LzZu_HBI/AAAAAAAA2dU/TkjBhLSQXUQxJ5_hxArrnTW3PXn0rDRFQCLcBGAsYHQ/s728-e100/ 35 KB
35 KB 21ms
19ms Image
image/jpeg 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-6vhDJ-T9u_Q/Xl_LzZu_HBI/AAAAAAAA2dU/TkjBhLSQXUQxJ5_hxArrnTW3PXn0rDRFQCLcBGAsYHQ/s728-e100/group-a-300.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed47e749c74f798a636534fb354f2e2607bd66857e4690f8d50d069d12f8a140

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22121
cf-polished: status=not_needed
status: 200
content-disposition: inline;filename="group-a-300.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 36120
x-xss-protection: 0
expires: Fri, 17 Jul 2020 19:06:10 GMT
cf-bgj: imgq:100
server: cloudflare
etag: "vd9d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 5814fdc03ee5dfcf-FRA
access-control-expose-headers: Content-Length

GET
H/1.1

200
OK

firstevent
att.demdex.net/
Redirect Chain

https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.269244864;sz=1x1;u=__AP1_np_dv_ctk01fmw11dPA__;ord=23858722794;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.269244864;dc_pre=CPyv1u_J2-gCFVWNGwodGksNKg;sz=1x1;u=__AP1_np_dv_ctk01fmw11dPA__;ord=23858722794;dc_lat=;dc_rdid=;tag_for_ch...
https://d.agkn.com/pixel/2388/?che=1421473826&col=23636320,5936378,269244864,462128157,112547680&l2=https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=269244864&d_campaign=23636320&d...
https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=269244864&d_campaign=23636320&d_site=5936378&d_cb=1421473826
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=269244864&d_campaign=23636320&d_site=5936378&d_cb=1421473826

42 B
915 B

48ms
48ms

Image
image/gif

63.32.201.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=269244864&d_campaign=23636320&d_site=5936378&d_cb=1421473826

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.201.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-201-208.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v065-05206ac23.edge-irl1.demdex.com 5.66.0.20200408080925 5ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: R7lpVMvfRWw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: BxCXYyUMRPU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=269244864&d_campaign=23636320&d_site=5936378&d_cb=1421473826
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 group-a-728.jpg
thehackernews.com/images/-hE5p9WwWcnA/Xl_LzY65f-I/AAAAAAAA2dY/zIlLKD-Uv1EMGUzImckTKEroMsdYbGi_ACLcBGAsYHQ/s728-e100/ 23 KB
23 KB 25ms
24ms Image
image/webp 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-hE5p9WwWcnA/Xl_LzY65f-I/AAAAAAAA2dY/zIlLKD-Uv1EMGUzImckTKEroMsdYbGi_ACLcBGAsYHQ/s728-e100/group-a-728.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48d9017b2b7d479fe837cabcdb9ca891f7af55828c84e8b307b9843d45d7a527

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22121
cf-polished: origFmt=jpeg, origSize=31429
status: 200
content-disposition: inline; filename="group-a-728.webp"
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 23438
x-xss-protection: 0
expires: Fri, 17 Jul 2020 19:15:34 GMT
cf-bgj: imgq:100
server: cloudflare
etag: "vd9d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 5814fdc03ee6dfcf-FRA
access-control-expose-headers: Content-Length

GET
H/1.1

200
OK

firstevent
att.demdex.net/
Redirect Chain

https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.269244987;sz=1x1;u=__AP1_np_dv_ctk01fmw11dPA__;ord=23858722794;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.269244987;dc_pre=CNzs1u_J2-gCFdVEGwoditsPAw;sz=1x1;u=__AP1_np_dv_ctk01fmw11dPA__;ord=23858722794;dc_lat=;dc_rdid=;tag_for_ch...
https://d.agkn.com/pixel/2388/?che=31657283&col=23636320,5936378,269244987,462128157,112547680&l2=https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=269244987&d_campaign=23636320&d_s...
https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=269244987&d_campaign=23636320&d_site=5936378&d_cb=31657283
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=269244987&d_campaign=23636320&d_site=5936378&d_cb=31657283

42 B
915 B

48ms
47ms

Image
image/gif

63.32.201.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=269244987&d_campaign=23636320&d_site=5936378&d_cb=31657283

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.201.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-201-208.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v065-0cc8cb35d.edge-irl1.demdex.com 5.66.0.20200408080925 4ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: T3JJdFfhRzw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: WD4CDyiwSMo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=269244987&d_campaign=23636320&d_site=5936378&d_cb=31657283
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 q-reports1-min.png
thehackernews.com/images/-IJsuRn42EYQ/XnjH-j-MNuI/AAAAAAAA2j0/K8yMZyIwXRwzkqlkkJOOISWTfLO_JzLQwCLcBGAsYHQ/s300-e100/ 13 KB
14 KB 45ms
44ms Image
image/webp 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-IJsuRn42EYQ/XnjH-j-MNuI/AAAAAAAA2j0/K8yMZyIwXRwzkqlkkJOOISWTfLO_JzLQwCLcBGAsYHQ/s300-e100/q-reports1-min.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79fcbe5b667224bbabebd94135876a0cb282acdf56ba6518246b4c6ce16c77bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22186
cf-polished: origFmt=png, origSize=16168
status: 200
content-disposition: inline; filename="q-reports1-min.webp"
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 13590
x-xss-protection: 0
expires: Fri, 17 Jul 2020 19:24:55 GMT
cf-bgj: imgq:100
server: cloudflare
etag: "vda40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 5814fdc05f58dfcf-FRA
access-control-expose-headers: Content-Length

GET
H2 200 zoom-hacking.jpg
thehackernews.com/images/-yEdv4-r_GCU/XoWjJRMXVeI/AAAAAAAA2nc/z1aSxCSBjJQ1ooqCHbvx7Y4vpNVTkl6cgCLcBGAsYHQ/s72-c-e100/ 2 KB
2 KB 34ms
32ms Image
image/webp 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-yEdv4-r_GCU/XoWjJRMXVeI/AAAAAAAA2nc/z1aSxCSBjJQ1ooqCHbvx7Y4vpNVTkl6cgCLcBGAsYHQ/s72-c-e100/zoom-hacking.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00e4f7b0318427e535853a65a761fdcc145561f4940982c31423ac3746e8ed83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22171
cf-polished: origFmt=jpeg, origSize=2830
status: 200
content-disposition: inline; filename="zoom-hacking.webp"
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 2326
x-xss-protection: 0
expires: Fri, 17 Jul 2020 19:06:10 GMT
cf-bgj: imgq:100
server: cloudflare
etag: "vda78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 5814fdc05f5adfcf-FRA
access-control-expose-headers: Content-Length

GET
H2 200 iphone-camera-hacking.jpg
thehackernews.com/images/-7jBBB1UzjUs/XocJfKshMoI/AAAAAAAAAL4/oXWPfBoaUq4lIuh9LziSOo8a7hXwnZQfgCLcBGAsYHQ/s72-c-e100/ 4 KB
4 KB 29ms
27ms Image
image/jpeg 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-7jBBB1UzjUs/XocJfKshMoI/AAAAAAAAAL4/oXWPfBoaUq4lIuh9LziSOo8a7hXwnZQfgCLcBGAsYHQ/s72-c-e100/iphone-camera-hacking.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d1ec09a4d711dd9fb3aa3970f116552a9df57276c4b60b3a1f387a5d66c02fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22171
cf-polished: origSize=4069, status=webp_bigger
status: 200
content-disposition: inline;filename="iphone-camera-hacking.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 4032
x-xss-protection: 0
expires: Fri, 17 Jul 2020 19:15:48 GMT
cf-bgj: imgq:100
server: cloudflare
etag: "vbf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 5814fdc05f5cdfcf-FRA
access-control-expose-headers: Content-Length

GET
H2 200 zoom-malware.jpg
thehackernews.com/images/-Dfb2TrPnbfI/XosdY30PiQI/AAAAAAAAAME/V27tlwF5xnwcvENmQW54CjEekflzLMlLgCLcBGAsYHQ/s72-c-e100/ 3 KB
3 KB 23ms
22ms Image
image/jpeg 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-Dfb2TrPnbfI/XosdY30PiQI/AAAAAAAAAME/V27tlwF5xnwcvENmQW54CjEekflzLMlLgCLcBGAsYHQ/s72-c-e100/zoom-malware.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1ac9de07ad845cdbba12f232037c4e7fe510cff72ffe155697466bd694f645

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22152
cf-polished: origSize=3247, status=webp_bigger
status: 200
content-disposition: inline;filename="zoom-malware.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 3206
x-xss-protection: 0
expires: Fri, 17 Jul 2020 19:15:48 GMT
cf-bgj: imgq:100
server: cloudflare
etag: "vc2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 5814fdc05f5edfcf-FRA
access-control-expose-headers: Content-Length

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=555674547&t=pageview&_s=1&dl=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html&ul=en-us&de=UTF-8&dt=Dark%20Nexus%3...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27389293-1&cid=460399375.1586443310&jid=1211222793&_gid=1672816271.1586443310&gjid=671458946&_v=j81&z=1349746247
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27389293-1&cid=460399375.1586443310&jid=1211222793&_v=j81&z=1349746247
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27389293-1&cid=460399375.1586443310&jid=1211222793&_v=j81&z=1349746247&slf_rd=1&random=247730287

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27389293-1&cid=460399375.1586443310&jid=1211222793&_v=j81&z=1349746247&slf_rd=1&random=247730287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Apr 2020 14:41:50 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Apr 2020 14:41:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27389293-1&cid=460399375.1586443310&jid=1211222793&_v=j81&z=1349746247&slf_rd=1&random=247730287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=thehackernews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 18ms
18ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=thehackernews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/ 215 KB
81 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ce8e9e137ee6f76fc6b9d1be5e70fdc9b354a976607081d0987c4ff05243369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 82826
x-xss-protection: 0
server: cafe
etag: 8787963883823995547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Apr 2020 14:41:50 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200406/r20190131/ Frame 5D69 0
0 7ms
5ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200406/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200406/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 07 Apr 2020 08:01:09 GMT
expires: Tue, 21 Apr 2020 08:01:09 GMT
content-type: text/html; charset=UTF-8
etag: 1284906565632978074
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4913
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 196841
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7FE6 0
0 225ms
224ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1992721210&adk=845904374&adf=2959314990&w=970&fwrn=4&fwrnh=100&lmt=1586434249&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html&flash=0&fwr=0&fwrattr=true&rh=250&rw=970&sfro=1&wgl=1&adsid=NT&dt=1586443310169&bpp=14&bdt=146&fdt=66&idt=67&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3827090672795&frm=20&pv=2&ga_vid=460399375.1586443310&ga_sid=1586443310&ga_hid=555674547&ga_fc=0&iag=0&icsg=2090&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=170&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065724%2C368226500&oid=3&pvsid=423071822104343&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gEeNBJXXD6&p=https%3A//thehackernews.com&dtd=86

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1992721210&adk=845904374&adf=2959314990&w=970&fwrn=4&fwrnh=100&lmt=1586434249&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html&flash=0&fwr=0&fwrattr=true&rh=250&rw=970&sfro=1&wgl=1&adsid=NT&dt=1586443310169&bpp=14&bdt=146&fdt=66&idt=67&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3827090672795&frm=20&pv=2&ga_vid=460399375.1586443310&ga_sid=1586443310&ga_hid=555674547&ga_fc=0&iag=0&icsg=2090&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=170&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065724%2C368226500&oid=3&pvsid=423071822104343&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gEeNBJXXD6&p=https%3A//thehackernews.com&dtd=86
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 09 Apr 2020 14:41:50 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUknHz033aag7-xZcS6jhPqM7ziJmwPqvmNU4pVWfjPQgRB99dY10x1ZddEw; expires=Tue, 04-May-2021 14:41:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Thu, 09 Apr 2020 14:41:50 GMT
cache-control: private

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 19ms
19ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200406&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53a8d10fc2fb8519c8d1ea1068c665fb3f7a4c469ac5ec63cee23ac4d507008c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
Origin: https://thehackernews.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Apr 2020 14:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5120
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aa7805210217646c3d658860971b320dd622fe4b694ec4a482573e20107e645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586358454042789"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28434
x-xss-protection: 0
expires: Thu, 09 Apr 2020 14:41:50 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0714 0
0 236ms
235ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5243175864&adk=4125629010&adf=1730142069&w=728&fwrn=4&fwrnh=100&lmt=1586434249&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html&flash=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&adsid=NT&dt=1586443310183&bpp=6&bdt=160&fdt=105&idt=105&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=3827090672795&frm=20&pv=1&ga_vid=460399375.1586443310&ga_sid=1586443310&ga_hid=555674547&ga_fc=0&iag=0&icsg=10282&dssz=25&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=263&ady=1324&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065724%2C368226500&oid=3&pvsid=423071822104343&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Ed3HaBCJfP&p=https%3A//thehackernews.com&dtd=111

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5243175864&adk=4125629010&adf=1730142069&w=728&fwrn=4&fwrnh=100&lmt=1586434249&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html&flash=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&adsid=NT&dt=1586443310183&bpp=6&bdt=160&fdt=105&idt=105&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=3827090672795&frm=20&pv=1&ga_vid=460399375.1586443310&ga_sid=1586443310&ga_hid=555674547&ga_fc=0&iag=0&icsg=10282&dssz=25&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=263&ady=1324&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065724%2C368226500&oid=3&pvsid=423071822104343&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Ed3HaBCJfP&p=https%3A//thehackernews.com&dtd=111
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 09 Apr 2020 14:41:50 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUlJN35PRZWjZyFrJy7N0HUGa9y9R7P74hrs_ppNc09KmlfHfty1cC-a2jZy; expires=Tue, 04-May-2021 14:41:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Thu, 09 Apr 2020 14:41:50 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Thu, 09 Apr 2020 14:41:50 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 366E 0
0 575ms
575ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=2686376852&adk=1464095591&adf=3350534670&w=300&fwrn=4&fwrnh=100&lmt=1586434249&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html&flash=0&fwr=0&fwrattr=true&rh=250&rw=300&sfro=1&wgl=1&adsid=NT&dt=1586443310189&bpp=4&bdt=166&fdt=114&idt=114&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C728x90&correlator=3827090672795&frm=20&pv=1&ga_vid=460399375.1586443310&ga_sid=1586443310&ga_hid=555674547&ga_fc=0&iag=0&icsg=41130&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=477&ady=2886&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065724%2C368226500&oid=3&pvsid=423071822104343&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=F9UivXjuQR&p=https%3A//thehackernews.com&dtd=118

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=2686376852&adk=1464095591&adf=3350534670&w=300&fwrn=4&fwrnh=100&lmt=1586434249&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html&flash=0&fwr=0&fwrattr=true&rh=250&rw=300&sfro=1&wgl=1&adsid=NT&dt=1586443310189&bpp=4&bdt=166&fdt=114&idt=114&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C728x90&correlator=3827090672795&frm=20&pv=1&ga_vid=460399375.1586443310&ga_sid=1586443310&ga_hid=555674547&ga_fc=0&iag=0&icsg=41130&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=477&ady=2886&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065724%2C368226500&oid=3&pvsid=423071822104343&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=F9UivXjuQR&p=https%3A//thehackernews.com&dtd=118
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 09 Apr 2020 14:41:50 GMT
server: cafe
content-length: 21310
x-xss-protection: 0
set-cookie: IDE=AHWqTUmuKIUPplb5QmrjzDBvV7zu2GshyNbVKCYkv-cnt6QmEN_GFqRIVRDoTYrl; expires=Tue, 04-May-2021 14:41:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Thu, 09 Apr 2020 14:41:50 GMT
cache-control: private

GET
H2 200 mssql-hacking.jpg
thehackernews.com/images/-XA0L5byYcWg/XoR_AuIRbGI/AAAAAAAAALA/IXl2S_kJ6ys_fQMUvp1SDWcUV_GOu5yxQCLcBGAsYHQ/s72-c-e100/ 3 KB
3 KB 22ms
21ms Image
image/jpeg 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-XA0L5byYcWg/XoR_AuIRbGI/AAAAAAAAALA/IXl2S_kJ6ys_fQMUvp1SDWcUV_GOu5yxQCLcBGAsYHQ/s72-c-e100/mssql-hacking.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

639a4cf7f7bb06fe03be2c87a3b5efadf8c8f83a0c365530113d21154f322da0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22152
cf-polished: origSize=3113, status=webp_bigger
status: 200
content-disposition: inline;filename="mssql-hacking.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 3071
x-xss-protection: 0
expires: Fri, 17 Jul 2020 19:20:21 GMT
cf-bgj: imgq:100
server: cloudflare
etag: "vb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 5814fdc179e6dfcf-FRA
access-control-expose-headers: Content-Length

GET
H2 200 magecart-hacking-website.jpg
thehackernews.com/images/-vbNmIkpgQhs/XoWzlClFnjI/AAAAAAAAALg/9yqRiLtu-JcQzIJmLLOe_XB5oBrfH1GQACLcBGAsYHQ/s72-c-e100/ 3 KB
4 KB 17ms
16ms Image
image/webp 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-vbNmIkpgQhs/XoWzlClFnjI/AAAAAAAAALg/9yqRiLtu-JcQzIJmLLOe_XB5oBrfH1GQACLcBGAsYHQ/s72-c-e100/magecart-hacking-website.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2398ab8887994a0bf3605d9f3933a5900fbd45a00477abf260a3aba76c9bc039

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22145
cf-polished: origFmt=jpeg, origSize=3846
status: 200
content-disposition: inline; filename="magecart-hacking-website.webp"
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 3482
x-xss-protection: 0
expires: Fri, 17 Jul 2020 19:25:19 GMT
cf-bgj: imgq:100
server: cloudflare
etag: "vb9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 5814fdc179e7dfcf-FRA
access-control-expose-headers: Content-Length

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0731 0
0 108ms
108ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&adk=1812271804&adf=3025194257&lmt=1586434249&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1586443310193&bpp=5&bdt=171&fdt=124&idt=124&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C728x90%2C300x250&nras=1&correlator=3827090672795&frm=20&pv=1&ga_vid=460399375.1586443310&ga_sid=1586443310&ga_hid=555674547&ga_fc=0&iag=0&icsg=41130&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065724%2C368226500&oid=3&pvsid=423071822104343&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=3&uci=a!3&fsb=1&dtd=134

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7983783048239650&output=html&adk=1812271804&adf=3025194257&lmt=1586434249&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fthehackernews.com%2F2020%2F04%2Fdarknexus-iot-ddos-botnet.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1586443310193&bpp=5&bdt=171&fdt=124&idt=124&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C728x90%2C300x250&nras=1&correlator=3827090672795&frm=20&pv=1&ga_vid=460399375.1586443310&ga_sid=1586443310&ga_hid=555674547&ga_fc=0&iag=0&icsg=41130&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065724%2C368226500&oid=3&pvsid=423071822104343&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=3&uci=a!3&fsb=1&dtd=134
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 09 Apr 2020 14:41:50 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: IDE=AHWqTUljoe-q2em-9z1y7O8fcc54KXJvZnsYiXEeSmeLYFFjmUDdbUjPzgFCBwdT; expires=Tue, 04-May-2021 14:41:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Thu, 09 Apr 2020 14:41:50 GMT
cache-control: private

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame F102 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Thu, 09 Apr 2020 14:37:49 GMT
expires: Fri, 09 Apr 2021 14:37:49 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 241
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 zoom-coronavirus.jpg
thehackernews.com/images/-j9nbj7HFSjg/XoHKci_0VLI/AAAAAAAAAJ4/-1M8BM6jJ6c2k_BBVxvHv5TRktzg4wHxwCLcBGAsYHQ/s72-c-e100/ 3 KB
4 KB 16ms
16ms Image
image/jpeg 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-j9nbj7HFSjg/XoHKci_0VLI/AAAAAAAAAJ4/-1M8BM6jJ6c2k_BBVxvHv5TRktzg4wHxwCLcBGAsYHQ/s72-c-e100/zoom-coronavirus.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1799691afda868e4c8f27133397335c1fb6f69001bdb152784e0952261d610d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 14:41:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22152
cf-polished: origSize=3389, status=webp_bigger
status: 200
content-disposition: inline;filename="zoom-coronavirus.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 3350
x-xss-protection: 0
expires: Fri, 17 Jul 2020 19:15:48 GMT
cf-bgj: imgq:100
server: cloudflare
etag: "v9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 5814fdc25bfddfcf-FRA
access-control-expose-headers: Content-Length

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 15ms
15ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200406&jk=423071822104343&bg=!u7iluKBYyOEGtQDmLDoCAAAAQlIAAAAKmQFdZGiouxo_TK3GcChCSHh21wy-gJMt4mQxP9R7bKYPELKEa4XN-IKHZLkyLG3MyyWgsHsOxxABvnygnWpr5JXdPXRbsrdC8TeNaFKuUBwrrTgDoS0s7xVzK8DeoA9233nyhun8COlDsVfB9FQBpFtBiWFNCrX3me9vUDluvsQbVDfVfy0yQRay2g1ZtvcdMaYSzu8_FJEhP7-dCM-mswihSU8bRLGyI8ldvwgjT3zgb-kovIP60J4-cfQDm8dBAR8TRKllfutYtXiEhQAqD9N0paprXAKFRfsyonb6QJbGHgABjkyGBM4s597zTVP2fKzwJAlYehu5gHqnrYisjmYQKEIe6KkeCkQDgnVy3dLogA1upydt6_S1_uTXVmf_i0o1q1GYqXmNkNRG3-LDFd0VRUor3x62YT9eQbccP6a13gB0njNUEjIvwfG2Slj7bSoYtWAeT67d76QDJM_s0w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 09 Apr 2020 14:41:50 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ddos-botnet.jpg
thehackernews.com/images/-6wbWq68eVBA/Xo2bCtTB_nI/AAAAAAAA2po/SSQlOjvoSSY_AB_mIq18Nd9ItUWt6yTSACLcBGAsYHQ/s72-c-e100/ 3 KB
3 KB 34ms
33ms Image
image/jpeg 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-6wbWq68eVBA/Xo2bCtTB_nI/AAAAAAAA2po/SSQlOjvoSSY_AB_mIq18Nd9ItUWt6yTSACLcBGAsYHQ/s72-c-e100/ddos-botnet.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5bb449287b55af2fb9f3b59c43abb4a304ddb9800531097d33cecbeca318f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 14:41:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21821
cf-polished: origSize=2645, status=webp_bigger
status: 200
content-disposition: inline;filename="ddos-botnet.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 2607
x-xss-protection: 0
expires: Sat, 18 Jul 2020 07:42:34 GMT
cf-bgj: imgq:100
server: cloudflare
etag: "vda9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 5814fdc77974dfcf-FRA
access-control-expose-headers: Content-Length

GET
H2 200 Marriott-data-breach.jpg
thehackernews.com/images/-Q1UuAb0tqcw/XoNm7T00XBI/AAAAAAAAAKM/vFP8PfPZ5VMyUj3H2vFDL7UM6pyNsZOzQCLcBGAsYHQ/s72-c-e100/ 3 KB
3 KB 27ms
27ms Image
image/jpeg 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-Q1UuAb0tqcw/XoNm7T00XBI/AAAAAAAAAKM/vFP8PfPZ5VMyUj3H2vFDL7UM6pyNsZOzQCLcBGAsYHQ/s72-c-e100/Marriott-data-breach.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b08513797244cf5e3ae3285deab9d2d9b84e71061901ccea6fc942915cfcb7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 14:41:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22145
cf-polished: origSize=3147, status=webp_bigger
status: 200
content-disposition: inline;filename="Marriott-data-breach.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 3105
x-xss-protection: 0
expires: Fri, 17 Jul 2020 19:15:48 GMT
cf-bgj: imgq:100
server: cloudflare
etag: "va4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 5814fdc77976dfcf-FRA
access-control-expose-headers: Content-Length

GET
H2 200 remove-xhelper-malware-android.jpg
thehackernews.com/images/-2l8SawJQ4ok/XoyEGDra3DI/AAAAAAAA2pA/gYeG1M54SwIjMOlDiFn39wWY396_6BacwCLcBGAsYHQ/s72-c-e100/ 2 KB
2 KB 16ms
16ms Image
image/webp 2606:4700:20::681a:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-2l8SawJQ4ok/XoyEGDra3DI/AAAAAAAA2pA/gYeG1M54SwIjMOlDiFn39wWY396_6BacwCLcBGAsYHQ/s72-c-e100/remove-xhelper-malware-android.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa76aff2b9ad5464ffccb4975f722f22fb81f58aea8dc074e5e73373c0386877

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 14:41:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22146
cf-polished: origFmt=jpeg, origSize=2155
status: 200
content-disposition: inline; filename="remove-xhelper-malware-android.webp"
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 2008
x-xss-protection: 0
expires: Fri, 17 Jul 2020 00:11:56 GMT
cf-bgj: imgq:100
server: cloudflare
etag: "vda92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
accept-ranges: bytes
cf-ray: 5814fdc83b58dfcf-FRA
access-control-expose-headers: Content-Length

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.thehackernews.com/	1970-01-19 09:23:55	Name: __cfduid Value: da43d1300f4e3d31c99d053c7cb04ea971586443309

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 6) Message: SW registered: [object ServiceWorkerRegistration]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
ajax.cloudflare.com
att.demdex.net
cdnjs.cloudflare.com
d.agkn.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
stats.g.doubleclick.net
thehackernews.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
172.217.18.166
2600:9000:20eb:3200:19:fc2c:a140:93a1
2606:4700:20::681a:161
2606:4700::6810:84e5
2a00:1450:4001:808::2001
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:817::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81e::2004
2a00:1450:400c:c00::9d
63.32.201.208
00e4f7b0318427e535853a65a761fdcc145561f4940982c31423ac3746e8ed83
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
13f09ef9feda96dc3acc6ebab8a047c5185bec952edebaff47a6e9112cab394a
1799691afda868e4c8f27133397335c1fb6f69001bdb152784e0952261d610d3
2398ab8887994a0bf3605d9f3933a5900fbd45a00477abf260a3aba76c9bc039
3d1ec09a4d711dd9fb3aa3970f116552a9df57276c4b60b3a1f387a5d66c02fc
3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff
46fce06cf5bbbe7f7306afe679a689995a68f34107d2986227c365f3c2b78348
48d9017b2b7d479fe837cabcdb9ca891f7af55828c84e8b307b9843d45d7a527
53a8d10fc2fb8519c8d1ea1068c665fb3f7a4c469ac5ec63cee23ac4d507008c
639a4cf7f7bb06fe03be2c87a3b5efadf8c8f83a0c365530113d21154f322da0
6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1
688a1e2444a1171a4cfbc8674c62d53bc663bf35a7825eb3563851e79694411c
6aa7805210217646c3d658860971b320dd622fe4b694ec4a482573e20107e645
6ce8e9e137ee6f76fc6b9d1be5e70fdc9b354a976607081d0987c4ff05243369
79fcbe5b667224bbabebd94135876a0cb282acdf56ba6518246b4c6ce16c77bc
7b08513797244cf5e3ae3285deab9d2d9b84e71061901ccea6fc942915cfcb7c
9c13c7f2ee9c8fab1d388a257ca989f8048d4824c99bfaad4f1253dfbd47726c
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a
aa76aff2b9ad5464ffccb4975f722f22fb81f58aea8dc074e5e73373c0386877
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c5bb449287b55af2fb9f3b59c43abb4a304ddb9800531097d33cecbeca318f60
c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690
d45ddc7c60f749b846a5f554640c9cc695cf8ea1697976055daf743bd60f7cb9
d72b258a1d951ce43865a4f84a0807b049af92807eda997c5b2850e6bdbf5370
dbcdfa3a64c9c5e932dfd9ad5a47ad84880085c84d47c5c70c0039726f671ee5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e95ec26964eead6d7a796823406e30276e34f1b95acb366bd582425d9c35efa8
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ed47e749c74f798a636534fb354f2e2607bd66857e4690f8d50d069d12f8a140
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02
fc1ac9de07ad845cdbba12f232037c4e7fe510cff72ffe155697466bd694f645
fcbb9821304a64ce046ff0413f63da8fccc2ef7513514238f5ae6c0a48994c3f

thehackernews.com Open in urlscan Pro 2606:4700:20::681a:161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

83 %IPv6

10 Domains

16 Subdomains

9 IPs

4 Countries

637 kBTransfer

1090 kBSize

1 Cookies

38 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

thehackernews.com Open in urlscan Pro
2606:4700:20::681a:161 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

83 %
IPv6

10
Domains

16
Subdomains

9
IPs

4
Countries

637 kB
Transfer

1090 kB
Size

1
Cookies

37 HTTP transactions
9 data transactions