thehackernews.com Open in urlscan Pro
2606:4700:20::ac43:4615 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/gMyZHHvxYI
Effective URL:
https://thehackernews.com/2020/09/russian-ransomware-hack.html
Submission: On September 23 via api (September 23rd 2020, 5:30:25 pm UTC) from US

Summary HTTP 62 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 18 domains to perform 62 HTTP transactions. The main IP is 2606:4700:20::ac43:4615, located in United States and belongs to CLOUDFLARENET, US. The main domain is thehackernews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 1st 2020. Valid for: a year.

This is the only time thehackernews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
13	2606:4700:20:... 2606:4700:20::ac43:4615	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
9	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
4 5	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
3	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
3	99.84.153.196 99.84.153.196	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:4e6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2006	15169 (GOOGLE) (GOOGLE)
2 2	2600:9000:214... 2600:9000:214f:ae00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	63.32.152.233 63.32.152.233	16509 (AMAZON-02) (AMAZON-02)
2	213.254.244.20 213.254.244.20	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1 1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	52.51.30.82 52.51.30.82	16509 (AMAZON-02) (AMAZON-02)
62	28

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::ac43:4615 (United States)

ASN13335 (CLOUDFLARENET, US)

thehackernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.134 (Mountain View, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f134.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.84.153.196 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-153-196.txl52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4e6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:ae00:19:fc2c:a140:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.32.152.233 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-152-233.eu-west-1.compute.amazonaws.com

att.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.20 (Ireland)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e9350843833848b41d3797a6dc528816.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.30.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-30-82.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	doubleclick.net 4 redirects ad.doubleclick.net securepubads.g.doubleclick.net googleads4.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	151 KB
13	thehackernews.com thehackernews.com	313 KB
12	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com e9350843833848b41d3797a6dc528816.safeframe.googlesyndication.com	161 KB
4	demdex.net 2 redirects att.demdex.net	3 KB
4	adpushup.com cdn.adpushup.com e3.adpushup.com	224 KB
4	googletagservices.com www.googletagservices.com	74 KB
3	amazon-adsystem.com c.amazon-adsystem.com	31 KB
2	google.com adservice.google.com www.google.com	274 B
2	google.de adservice.google.de www.google.de	274 B
2	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
2	doubleverify.com tps.doubleverify.com	880 B
2	agkn.com 2 redirects d.agkn.com	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	cloudflare.com ajax.cloudflare.com cdnjs.cloudflare.com	34 KB
1	adsrvr.org match.adsrvr.org	544 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	2mdn.net s0.2mdn.net	17 KB
1	t.co t.co	517 B
62	18

	Domain	Requested by
13	thehackernews.com	t.co thehackernews.com
5	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
5	ad.doubleclick.net	4 redirects ajax.cloudflare.com
5	pagead2.googlesyndication.com	ajax.cloudflare.com ad.doubleclick.net pagead2.googlesyndication.com
4	att.demdex.net	2 redirects
4	www.googletagservices.com	ajax.cloudflare.com ad.doubleclick.net pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	c.amazon-adsystem.com	cdn.adpushup.com c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net
3	e3.adpushup.com	cdn.adpushup.com
2	e9350843833848b41d3797a6dc528816.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	tps.doubleverify.com
2	d.agkn.com	2 redirects
2	www.google-analytics.com	t.co www.google-analytics.com
1	match.adsrvr.org	cdn.adpushup.com
1	www.google.de
1	www.google.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	mug.criteo.com
1	gum.criteo.com	1 redirects
1	cdn.jsdelivr.net	cdn.adpushup.com
1	s0.2mdn.net
1	cdnjs.cloudflare.com	t.co
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	cdn.adpushup.com	t.co
1	ajax.cloudflare.com	thehackernews.com
1	t.co
62	29

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
feeds.feedburner.com
deals.thehackernews.com
thehackernews.tradepub.com
www.instagram.com
t.me
adclick.g.doubleclick.net
malpedia.caad.fkie.fraunhofer.de
go.thn.li
en.wikipedia.org
www.reddit.com
news.ycombinator.com
api.whatsapp.com
telegram.me
ad.doubleclick.net

Subject Issuer	Validity	Valid
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
thehackernews.com Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.adpushup.com GlobalSign RSA OV SSL CA 2018	`2020-09-03` - `2021-10-05`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.doubleverify.com Network Solutions OV Server CA 2	`2019-11-05` - `2021-12-13`	2 years	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-21` - `2021-04-17`	7 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh

This page contains 7 frames:

Primary Page: https://thehackernews.com/2020/09/russian-ransomware-hack.html
Frame ID: C3B4AA1B8A42A53CD5F652A4AEB63ADC
Requests: 65 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200921/r20190131/zrt_lookup.html
Frame ID: 0A838D6E6739ACD5F612FB38DA58DB21
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 00C4C322B6CED86F6D48CC73BA0F820B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&adk=1812271804&adf=3025194257&lmt=1600872950&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html&ea=0&flash=0&pra=5&wgl=1&dt=1600882207436&bpp=6&bdt=772&idt=206&shv=r20200921&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8174378450168&frm=20&pv=2&ga_vid=955643402.1600882208&ga_sid=1600882208&ga_hid=40150068&ga_fc=0&iag=0&icsg=2317396650&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467&oid=3&pvsid=3108251002486185&pem=155&ref=https%3A%2F%2Ft.co%2FgMyZHHvxYI&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=225
Frame ID: C5ECE24CFECFCE0B3D780EE40EE2C949
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=600&slotname=1415611493&adk=2877078529&adf=3546401298&w=300&fwrn=4&fwrnh=100&lmt=1600872950&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=300x600&url=https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1600882207442&bpp=5&bdt=778&idt=255&shv=r20200921&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8174378450168&frm=20&pv=1&ga_vid=955643402.1600882208&ga_sid=1600882208&ga_hid=40150068&ga_fc=0&iag=0&icsg=10907331242&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1031&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467&oid=3&pvsid=3108251002486185&pem=155&ref=https%3A%2F%2Ft.co%2FgMyZHHvxYI&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GsIbQ9WLWs&p=https%3A//thehackernews.com&dtd=263
Frame ID: 9D2FA7F15B78D799B785B59B28415A8D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 55754D499F3F5DB74A750131DC687C24
Requests: 1 HTTP requests in this frame

Frame: https://e9350843833848b41d3797a6dc528816.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 9FBB7205CBE21B5099E77973A5E5FB72
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/gMyZHHvxYI Page URL
https://thehackernews.com/2020/09/russian-ransomware-hack.html Page URL

Page Statistics

62
Requests

100 %
HTTPS

62 %
IPv6

18
Domains

29
Subdomains

28
IPs

7
Countries

1091 kB
Transfer

2435 kB
Size

1
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/thehackernews
Title: 

Search URL Search Domain Scan URL

URL: https://twitter.com/thehackersnews
Title: 

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/thehackernews/
Title: 

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/thehackernews?sub_confirmation=1
Title: 

Search URL Search Domain Scan URL

URL: https://feeds.feedburner.com/TheHackersNews
Title: 

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/
Title:  Offers

Search URL Search Domain Scan URL

URL: https://thehackernews.tradepub.com/
Title: Free eBooks

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/free
Title: Freebies

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thehackernews/
Title: 

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/AAAAADwuDObFWF60CiR-HQ
Title:  Telegram Channel

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvA9M4e3JTOagN34jJLJwSRXMr4-rNV0snC56QqOnAseIzm7Jky8mttCbJW6ZDWGcMM_OVrkTDTeF06IDuEBsqg8lYqKYnaW-OBf0d7O3o4GLugQTO8L0vn0g3fk5_R&sig=Cg0ArKJSzHizO1huvDYw&urlfix=1&adurl=https://info.mimecast.com/web-security-resources.html%3Futm_source%3DTheHackerNews%26utm_medium%3DDisplay%26utm_campaign%3D7013l000000TmD9AAK%26utm_term%3DWebEmailResources%26utm_content%3DResilienceExtensionTOFU

Search URL Search Domain Scan URL

URL: https://malpedia.caad.fkie.fraunhofer.de/actor/cobalt
Title: Cobalt

Search URL Search Domain Scan URL

URL: https://go.thn.li/contrast

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/2020_Belarusian_protests
Title: ongoing protests in Belarus

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html
Title: 

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html&text=A%20New%20Hacking%20Group%20Hitting%20Russian%20Companies%20With%20Ransomware&via=TheHackersNews
Title: 

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html
Title: 

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html
Title: Share on Reddit

Search URL Search Domain Scan URL

URL: https://news.ycombinator.com/submitlink?u=https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html&t=A%20New%20Hacking%20Group%20Hitting%20Russian%20Companies%20With%20Ransomware
Title: Share on Hacker News

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=A%20New%20Hacking%20Group%20Hitting%20Russian%20Companies%20With%20Ransomware%20%E2%80%94%20https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html
Title: Share on WhatsApp

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html&text=A%20New%20Hacking%20Group%20Hitting%20Russian%20Companies%20With%20Ransomware
Title: Share on Telegram

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/clk/466822266;272061659;p

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/jump/N424004.3381407THEHACKERNEWS/B23636320.272061659;sz=1x1;u=__AP1_np_dv_szkfwh5hx1rPA__;ord=80565614541

Search URL Search Domain Scan URL

URL: https://go.thn.li/Secure-Code

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/clk/466825137;272416746;q

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/jump/N424004.3381407THEHACKERNEWS/B23636320.272416746;sz=1x1;u=__AP1_np_dv_szkfwh5hx1rPA__;ord=80565614541

Search URL Search Domain Scan URL

URL: https://go.thn.li/webinar-2
Title: Webinar — Secure Code Warrior: Dev to DevSecProven methods to build security awareness in developers. Watch the webinar.

Search URL Search Domain Scan URL

URL: https://go.thn.li/native-whitepaper
Title: Learn Secure Coding with Secure Code WarriorThe 5 Point Tactical Guide for Secure Developers. Get the whitepaper.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/the-2019-ethical-hacker-masterclass-bundle
Title: <img alt='Learn Ethical Hacking Online' class='deal-link' src='https://thehackernews.com/images/-6bFLF28Wvxc/XHaUg588fBI/AAAAAAAAAGU/USPKfrcXaLgzaOBfKGb92v-0T12CIaK9wCLcBGAs/s260-e100/learn-hacking-training.jpg'/> Ethical Hacking - Practical Training 10 courses + 1,236 lessons on latest techniques, forensics, malware analysis, network security and programming.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/lifetime-access-to-stackskills-unlimited
Title: <img alt='Unlimited Secure VPN Service' class='deal-link' src='https://thehackernews.com/images/-NnUk1eJVmVk/XHggwOYT51I/AAAAAAAAzbg/_5sUNHfsdiYDo-si4rya7tVT4pSZI0qSACLcBGAs/s260-e100/unlimited-vpn.jpg'/> 1000+ Premium Online Courses With course certification, Q/A webinars and lifetime access.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/the-cybersecurity-expert-certification-training-bundle
Title: <img alt='Best Hacking Books' class='deal-link' src='https://thehackernews.com/images/-4fAuruXOrkE/XDW4dE5zVMI/AAAAAAAAy9A/K13EeHK67NM69FUaCYDYtunHofUHjtt4wCLcBGAs/s260-e100/hacking-cybersecurity-books.jpg'/> Cybersecurity Certification Training CISA, CISM, CISSP, PMI-RMP, and COBIT 5 certifications.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/the-complete-2020-comptia-certification-training-bundle
Title: <img alt='Cisco Certification Courses' class='deal-link' src='https://thehackernews.com/images/-2nVCe__qYkc/WxVG9s8C7CI/AAAAAAAAw6Q/fFsdOSE-DEYDqqf3z9KWus0oBWdbzAkAgCLcBGAs/s260-e100/cisco-it-networking-certification.png'/> CompTIA IT Certification Training Lifetime access to 14 expert-led courses.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/citizengoods-exclusives
Title: Exclusives

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/hacking
Title: Hacking

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/shop-by-specialization-developer
Title: Development

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/shop-by-interest-android
Title: Android

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/gMyZHHvxYI Page URL
https://thehackernews.com/2020/09/russian-ransomware-hack.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.272061659;sz=1x1;u=__AP1_np_dv_szkfwh5hx1rPA__;ord=80565614541;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.272061659;dc_pre=CK7Dtvrm_-sCFXbHuwgdrvIC5A;sz=1x1;u=__AP1_np_dv_szkfwh5hx1rPA__;ord=80565614541;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://d.agkn.com/pixel/2388/?che=921272293&col=23636320,5936378,272061659,462128157,112547680&l2=https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=272061659&d_campaign=23636320&d_site=5936378&d_cb=921272293 HTTP 302
https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=272061659&d_campaign=23636320&d_site=5936378&d_cb=921272293 HTTP 302
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=272061659&d_campaign=23636320&d_site=5936378&d_cb=921272293

Request Chain 35

https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.272416746;sz=1x1;u=__AP1_np_dv_szkfwh5hx1rPA__;ord=80565614541;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.272416746;dc_pre=CLjAtvrm_-sCFYn5dwodta4LYA;sz=1x1;u=__AP1_np_dv_szkfwh5hx1rPA__;ord=80565614541;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://d.agkn.com/pixel/2388/?che=4293326880&col=23636320,5936378,272416746,462128157,112547680&l2=https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=272416746&d_campaign=23636320&d_site=5936378&d_cb=4293326880 HTTP 302
https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=272416746&d_campaign=23636320&d_site=5936378&d_cb=4293326880 HTTP 302
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=272416746&d_campaign=23636320&d_site=5936378&d_cb=4293326880

Request Chain 43

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthehackernews.com%2F&domain=thehackernews.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Rm38W3xzU2JIRmlrSXArNnpaN2ZDb3d0S1djSWZsMjA2a0pSR2E0Y0x4SERiaVVMVy9IK2luYnlsYUJ4TlpLbzZYd1AzYWdwdjJZaENLOWgzdW8xWXRjN1FlOWdzWk1GNUc4Z20yQzMrM1lsUmc4d2tsR1Fsd2d3MW45S0pxM0pjczd6N01VUHNUajZGb2pNT2grR0E0eEhZMWJTc3ZabGp4enlKY3hZOUR5SE82UmwxaEh4eTB3MVREanVKQ3UvYnM2blJvTnRDdFhvQ1UvUlBxWEt3TXlzMytjT09SbXBMbTVZZXE0eVo3aDFvM1FVPXw&cppv=2

62 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 gMyZHHvxYI
t.co/ 343 B
517 B 194ms
146ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/gMyZHHvxYI

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /gMyZHHvxYI
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: private,max-age=300
content-encoding: gzip
content-length: 208
content-type: text/html; charset=utf-8
date: Wed, 23 Sep 2020 17:30:06 GMT
expires: Wed, 23 Sep 2020 17:35:06 GMT
server: tsa_o
set-cookie: muc=36f85600-7fc1-4611-895c-4e6ab8b95894; Max-Age=63072000; Expires=Fri, 23 Sep 2022 17:30:06 GMT; Domain=t.co; Secure; SameSite=None
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 88e25ac0d52818663ecd460fb5678fc4
x-response-time: 114
x-xss-protection: 0

GET
H2 200 Primary Request russian-ransomware-hack.html Show response
thehackernews.com/2020/09/ 129 KB
43 KB 376ms
357ms Document
text/html 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehackernews.com/2020/09/russian-ransomware-hack.html

Requested by

Host: t.co
URL: https://t.co/gMyZHHvxYI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordPress VIP

Resource Hash

196ff2cf63c207dccd63cbbdcf965af4f543c8171d9deea687243f832d66dbbb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: thehackernews.com
:scheme: https
:path: /2020/09/russian-ransomware-hack.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://t.co/gMyZHHvxYI
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://t.co/gMyZHHvxYI

Response headers

status: 200
date: Wed, 23 Sep 2020 17:30:06 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dc353dd18ec766bb1bbe7e2794f053b641600882206; expires=Fri, 23-Oct-20 17:30:06 GMT; path=/; domain=.thehackernews.com; HttpOnly; SameSite=Lax; Secure
cf-ray: 5d75fddd6aa93248-FRA
cache-control: private, max-age=0
expires: Wed, 23 Sep 2020 17:30:06 GMT
last-modified: Wed, 23 Sep 2020 14:55:50 GMT
link: </css/roboto.css>; as=style; rel=preload
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-request-id: 055d9cfe61000032487682d200000001
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: WordPress VIP
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-h2-pushed: </css/roboto.css>

GET
H2 200 roboto.css
thehackernews.com/css/ 77 KB
57 KB 14ms
0ms Stylesheet
text/css 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehackernews.com/css/roboto.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/2020/09/russian-ransomware-hack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2592000, immutable
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 5d75fddf99283248-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 055d9cffbf0000324876847200000001

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 9ms
9ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/09/russian-ransomware-hack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://thehackernews.com/2020/09/russian-ransomware-hack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:06 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 14 Sep 2020 19:48:52 GMT
server: cloudflare
etag: W/"5f5fc924-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5d75fddfbe2a63d7-FRA
cf-request-id: 055d9cffd2000063d798112200000001
expires: Fri, 25 Sep 2020 17:30:06 GMT

GET
H2 200 russian-ransomware-hackers.jpg
thehackernews.com/images/-nJh93omAPzM/X2sLBBeJeeI/AAAAAAAAAyo/vCIrHjuDWEIFIxWylvOZnGFOMlLBBhycACLcBGAsYHQ/s728-e1000/ 33 KB
34 KB 35ms
35ms Image
image/jpeg 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-nJh93omAPzM/X2sLBBeJeeI/AAAAAAAAAyo/vCIrHjuDWEIFIxWylvOZnGFOMlLBBhycACLcBGAsYHQ/s728-e1000/russian-ransomware-hackers.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/09/russian-ransomware-hack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66cc7c81753cb707afc20013fa4b327bbff855ceded2700dc314449228a7d455

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/09/russian-ransomware-hack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9620
cf-polished: origSize=34672, status=webp_bigger
status: 200
content-disposition: inline;filename="russian-ransomware-hackers.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34108
x-xss-protection: 0
expires: Tue, 20 Jun 2023 09:18:40 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "v32b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 055d9cffdd0000324876849200000001
accept-ranges: bytes
cf-ray: 5d75fddfc9ab3248-FRA
access-control-expose-headers: Content-Length

GET
H2 200 ransomware-attack.jpg
thehackernews.com/images/-RRQONGnc180/X2sE8wb1-gI/AAAAAAAAAyc/vR7-sVr4DVItcD-i2C9qNF0Dti6HSBEMwCLcBGAsYHQ/s728-e1000/ 71 KB
71 KB 24ms
24ms Image
image/jpeg 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-RRQONGnc180/X2sE8wb1-gI/AAAAAAAAAyc/vR7-sVr4DVItcD-i2C9qNF0Dti6HSBEMwCLcBGAsYHQ/s728-e1000/ransomware-attack.jpg

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2020/09/russian-ransomware-hack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0cdab2a9e4799a408ffa2dacf6ad44e09d2c509d537694aa17b3118faf7e15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/09/russian-ransomware-hack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9457
cf-polished: origSize=75665, status=webp_bigger
status: 200
content-disposition: inline;filename="ransomware-attack.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72780
x-xss-protection: 0
expires: Tue, 20 Jun 2023 09:12:15 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "v328"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 055d9cffe3000032487684b200000001
accept-ranges: bytes
cf-ray: 5d75fddfd9d23248-FRA
access-control-expose-headers: Content-Length

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 103 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 688a1e2444a1171a4cfbc8674c62d53bc663bf35a7825eb3563851e79694411c

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 442 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 127 KB
44 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84c5498c2cad1b1daa904a66b1e1d79de6a6ec582524ff91b9e4a83c3eb1fe9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45096
x-xss-protection: 0
server: cafe
etag: 5967513308457803358
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Sep 2020 17:30:06 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ 5 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8fd065d4e741b6c3f6613ac8817621fece035736d71a677dde931360f130930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 16:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:21:08 GMT
server: sffe
age: 3574
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2479
x-xss-protection: 0
expires: Wed, 23 Sep 2020 17:30:32 GMT

GET
DATA 200
OK truncated
/ 194 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32c80a55d06b9da550f41424241174895bdbe1dd174ee1d015a4d56747cd2a99

Request headers

Origin: https://thehackernews.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a

Request headers

Origin: https://thehackernews.com
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f03c3526dd6db1c340c972db0194f8b732611626e1bcde62426d70a68c7a023b

Request headers

Origin: https://thehackernews.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe94fcc14c2b9f93c39cbe038796bff0ebc07a140ebd15e66b3a897b6a25bc82

Request headers

Origin: https://thehackernews.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/37020/ 615 KB
222 KB 58ms
20ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/37020/adpushup.js
Requested by: Host: t.co
URL: https://t.co/gMyZHHvxYI
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c7f94931016a993348abf60b80bd379118bc239b0d2e89d50e160b46901966df

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:07 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 604800.000
x-cf1: 28371:fB.ams1:co:1600448080:cacheN.ams1-01:M
status: 200
x-cf-geodata: false
content-length: 226875
x-cf-tsc: 1600448492
x-cf2: H
last-modified: Fri, 18 Sep 2020 16:59:43 GMT
server: CFS 0215
x-cff: B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
cf4age: 109
accept-ranges: bytes
x-cf-rand: 23.599
expires: Wed, 23 Sep 2020 17:45:07 GMT

GET
H3-Q050 200 impl_v63.js Show response
www.googletagservices.com/dcm/ 30 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v63.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62756d2616e4156e7f6a5524b5a6d8f64193e85f5d3b88be33cf8fe8a728d2bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 14:28:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Sep 2020 14:13:03 GMT
server: sffe
age: 10890
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12833
x-xss-protection: 0
expires: Thu, 23 Sep 2021 14:28:37 GMT

GET
H2 200 B24029648.272043563;dc_ver=63.176;sz=728x90;u_sd=1;dc_adk=4037400832;ord=3ga6w8;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html$0;xdt=0;crlt=d1x)qjW74b;sttr=15;p... Show response
ad.doubleclick.net/ddm/adj/N510001.3381407THEHACKERNEWS/ 22 KB
12 KB 107ms
52ms Script
text/javascript 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N510001.3381407THEHACKERNEWS/B24029648.272043563;dc_ver=63.176;sz=728x90;u_sd=1;dc_adk=4037400832;ord=3ga6w8;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html$0;xdt=0;crlt=d1x)qjW74b;sttr=15;prcl=s

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

cafe /

Resource Hash

13691815b6450d2c504f16e9103c62089dfb6b985f9018ac2313c67049ff3291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 17:30:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11782
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
725 B 122ms
18ms Other
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 23 Sep 2020 17:30:06 GMT
Ap-Cookie-Status: cookies ap_uid and ap_usid are set
Access-Control-Allow-Methods: GET, POST
Content-Type: image/png
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex
Keep-Alive: timeout=20
Content-Length: 70
Expires: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 52 KB
18 KB 87ms
33ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

522c3850a92b6e66963eff20f0152a28b2768bbabb0c2cb7a73ab400b641ab97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "641 / 677 of 1000 / last-modified: 1600859470"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17753
x-xss-protection: 0
expires: Wed, 23 Sep 2020 17:30:07 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 108 KB
28 KB 132ms
45ms Script
application/javascript 99.84.153.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.153.196 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-153-196.txl52.r.cloudfront.net
Software: Server /
Resource Hash: 02a2079808b1d062ff16a7d19627e9ee4a94f989aa879d9f81333364fa5a8ea0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 13:10:26 GMT
content-encoding: gzip
server: Server
age: 15580
etag: 7332ce399a8e629a25d60312745ef936
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: TXC2IwghNOf2QrieVsSvDrcG1oJgk-YOU3uMLLQmok5oCxXj_wBjGA==
via: 1.1 700e1fc650af7cfb451dbdb8d79d4107.cloudfront.net (CloudFront)

GET
H/1.1 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
459 B 42ms
18ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MDA4ODIyMDczNDgsInBhY2tldElkIjoiMDAwMDkwOUMtYjhjMzdlY2YtOGFiYy00ZDQ5LWFhYjgtMGUxM2I3OTkxNjFhIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIwLzA5L3J1c3NpYW4tcmFuc29td2FyZS1oYWNrLmh0bWwiLCJtb2RlIjoyLCJlcnJvckNvZGUiOjUsInJlZmVycmVyIjoiaHR0cHM6Ly90LmNvL2dNeVpISHZ4WUkiLCJwYWdlR3JvdXAiOiJQT1NUIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Sep 2020 17:30:06 GMT
Access-Control-Allow-Methods: GET, POST
Content-Type: image/png
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex
Keep-Alive: timeout=20
Content-Length: 70
Expires: 0

GET
H/1.1 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
459 B 62ms
19ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MDA4ODIyMDczNTEsInBhY2tldElkIjoiMDAwMDkwOUMtYjhjMzdlY2YtOGFiYy00ZDQ5LWFhYjgtMGUxM2I3OTkxNjFhIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIwLzA5L3J1c3NpYW4tcmFuc29td2FyZS1oYWNrLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiaHR0cHM6Ly90LmNvL2dNeVpISHZ4WUkiLCJwYWdlR3JvdXAiOiJQT1NUIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiOGMyZDdmOTQtYTljNS00M2IyLTgzYTQtY2RjZjcxMWFlMDVlIiwic2VjdGlvbk5hbWUiOiJBUF9UX1JfcmVzcG9uc2l2ZVhyZXNwb25zaXZlXzhjMmQ3Iiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF8zNzAyMF9yZXNwb25zaXZlWHJlc3BvbnNpdmVfOGMyZDdmOTQtYTljNS00M2IyLTgzYTQtY2RjZjcxMWFlMDVlIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjoxfV19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Sep 2020 17:30:06 GMT
Access-Control-Allow-Methods: GET, POST
Content-Type: image/png
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex
Keep-Alive: timeout=20
Content-Length: 70
Expires: 0

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 104 KB
32 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N510001.3381407THEHACKERNEWS/B24029648.272043563;dc_ver=63.176;sz=728x90;u_sd=1;dc_adk=4037400832;ord=3ga6w8;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html$0;xdt=0;crlt=d1x)qjW74b;sttr=15;prcl=s

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a385a122be21746dea1fdd93fa68525ddaceb060bab87a25c30f48ea28be410a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600688595231480"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32163
x-xss-protection: 0
expires: Wed, 23 Sep 2020 17:30:07 GMT

GET
H3-Q050 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20200921/r20110914/elements/html/ 6 KB
3 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200921/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 06:41:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2649
x-xss-protection: 0
server: cafe
etag: 804181672847865866
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Oct 2020 06:41:09 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
761 B 104ms
33ms Other
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvA9M4e3JTOagN34jJLJwSRXMr4-rNV0snC56QqOnAseIzm7Jky8mttCbJW6ZDWGcMM_OVrkTDTeF06IDuEBsqg8lYqKYnaW-OBf0d7O3o4GLugQTO8L0vn0g3fk5_R&sig=Cg0ArKJSzA8lVLImSBWnEAE&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cisv=r20200921.67105&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 23 Sep 2020 17:30:07 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 14:28:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10890
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Sep 2021 14:28:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 10ms
5ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: t.co
URL: https://t.co/gMyZHHvxYI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 3386
date: Wed, 23 Sep 2020 16:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Wed, 23 Sep 2020 18:33:41 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 87 KB
30 KB 42ms
38ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Requested by

Host: t.co
URL: https://t.co/gMyZHHvxYI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":31536000,"success_fraction":0.01,"include_subdomains":true,"response_headers":["cf-ray"]}
age: 1189813
cf-ray: 5d75fde45aef1f1d-FRA
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 055d9d02b600001f1d43952200000001
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
etag: W/"5eb03ec4-15d95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","max_age":31536000,"endpoints":[{"url":"https://gcp.nel.cloudflare.com/report?lkg-colo=fra&lkg-time=1600882207&lkg-ip=2a01:4f8:192:5414::2","weight":10}],"include_subdomains":true}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
timing-allow-origin: *
expires: Mon, 13 Sep 2021 17:30:07 GMT

GET
H2 200 728x90-Email_WebResouces.png
s0.2mdn.net/8532760/ 17 KB
17 KB 30ms
7ms Image
image/png 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8532760/728x90-Email_WebResouces.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5ee362d67a9ab1684dd2527341b4e553c4f395f3185a3bb7c16d98e99facb14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 05:19:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 14 Sep 2020 17:58:56 GMT
server: sffe
age: 43861
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16920
x-xss-protection: 0
expires: Thu, 24 Sep 2020 05:19:06 GMT

GET
H2 200 group-d-300.jpg
thehackernews.com/images/-FW8FQ7bo8OU/XqWaPcyOX_I/AAAAAAAA2ss/uTM1NQ29-akne_9Pk7Ya7nttYaB3aZTrgCLcBGAsYHQ/s728-e100/ 38 KB
39 KB 24ms
21ms Image
image/jpeg 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-FW8FQ7bo8OU/XqWaPcyOX_I/AAAAAAAA2ss/uTM1NQ29-akne_9Pk7Ya7nttYaB3aZTrgCLcBGAsYHQ/s728-e100/group-d-300.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a943c20e71e31d1d479ba31ab53f0c4ebe258f81a4cbe5cf16b4a42afaac153c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/09/russian-ransomware-hack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9598
cf-polished: status=not_needed
status: 200
content-disposition: inline;filename="group-d-300.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39185
x-xss-protection: 0
expires: Wed, 30 Dec 2020 06:20:26 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vdacf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 055d9d02b40000324876884200000001
accept-ranges: bytes
cf-ray: 5d75fde45e2b3248-FRA
access-control-expose-headers: Content-Length

GET
H/1.1

200
OK

firstevent
att.demdex.net/
Redirect Chain

https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.272061659;sz=1x1;u=__AP1_np_dv_szkfwh5hx1rPA__;ord=80565614541;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.272061659;dc_pre=CK7Dtvrm_-sCFXbHuwgdrvIC5A;sz=1x1;u=__AP1_np_dv_szkfwh5hx1rPA__;ord=80565614541;dc_lat=;dc_rdid=;tag_for_ch...
https://d.agkn.com/pixel/2388/?che=921272293&col=23636320,5936378,272061659,462128157,112547680&l2=https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=272061659&d_campaign=23636320&d_...
https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=272061659&d_campaign=23636320&d_site=5936378&d_cb=921272293
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=272061659&d_campaign=23636320&d_site=5936378&d_cb=921272293

42 B
915 B

41ms
41ms

Image
image/gif

63.32.152.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=272061659&d_campaign=23636320&d_site=5936378&d_cb=921272293

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.152.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-152-233.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v081-06a6bc0c0.edge-irl1.demdex.com 5.78.0.20200908113611 5ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: vnNLNa+HT9g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: SZ1RopQwQ9E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=272061659&d_campaign=23636320&d_site=5936378&d_cb=921272293
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK visit.jpg
tps.doubleverify.com/ 305 B
440 B 80ms
27ms Image
image/jpeg 213.254.244.20
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps.doubleverify.com/visit.jpg?ctx=607671&cmp=23636320&sid=5936378&plc=272061659&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Sep 2020 17:30:07 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 9/22/2020 5:30:07 PM

GET
H2 200 group-d-728.jpg
thehackernews.com/images/-7oJmLEYkjcQ/XqWacdmVRgI/AAAAAAAA2sw/P2VnIZJ4Rms0miW_RZVpJ6WhFtBlFeOqQCLcBGAsYHQ/s728-e100/ 24 KB
25 KB 24ms
22ms Image
image/webp 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-7oJmLEYkjcQ/XqWacdmVRgI/AAAAAAAA2sw/P2VnIZJ4Rms0miW_RZVpJ6WhFtBlFeOqQCLcBGAsYHQ/s728-e100/group-d-728.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eea7c162b751032d6569dfe2497847e8d2c35a4a2c6f4c3fd47adce526864c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/09/russian-ransomware-hack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9598
cf-polished: origFmt=jpeg, origSize=39519
status: 200
content-disposition: inline; filename="group-d-728.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25044
x-xss-protection: 0
expires: Wed, 30 Dec 2020 06:10:57 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vdacf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 055d9d02b40000324876885200000001
accept-ranges: bytes
cf-ray: 5d75fde45e2c3248-FRA
access-control-expose-headers: Content-Length

GET
H/1.1

200
OK

firstevent
att.demdex.net/
Redirect Chain

https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.272416746;sz=1x1;u=__AP1_np_dv_szkfwh5hx1rPA__;ord=80565614541;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/ad/N424004.3381407THEHACKERNEWS/B23636320.272416746;dc_pre=CLjAtvrm_-sCFYn5dwodta4LYA;sz=1x1;u=__AP1_np_dv_szkfwh5hx1rPA__;ord=80565614541;dc_lat=;dc_rdid=;tag_for_ch...
https://d.agkn.com/pixel/2388/?che=4293326880&col=23636320,5936378,272416746,462128157,112547680&l2=https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=272416746&d_campaign=23636320&d...
https://att.demdex.net/event?d_event=imp&d_src=127123&d_placement=272416746&d_campaign=23636320&d_site=5936378&d_cb=4293326880
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=272416746&d_campaign=23636320&d_site=5936378&d_cb=4293326880

42 B
915 B

42ms
41ms

Image
image/gif

63.32.152.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=272416746&d_campaign=23636320&d_site=5936378&d_cb=4293326880

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.152.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-152-233.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v081-01b2f7528.edge-irl1.demdex.com 5.78.0.20200908113611 6ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: GosnXeEjRGM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: EqwRX6MKRNI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_placement=272416746&d_campaign=23636320&d_site=5936378&d_cb=4293326880
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK visit.jpg
tps.doubleverify.com/ 305 B
440 B 75ms
25ms Image
image/jpeg 213.254.244.20
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps.doubleverify.com/visit.jpg?ctx=607671&cmp=23636320&sid=5936378&plc=272416746&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Sep 2020 17:30:07 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 9/22/2020 5:30:07 PM

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200921/r20190131/ 229 KB
86 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200921/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4321766aa8d6f8003df215dc963cbfb70fac2fcdd4e28525fa13b01081f51b4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87796
x-xss-protection: 0
server: cafe
etag: 3062304390244193928
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Sep 2020 17:30:07 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200921/r20190131/ Frame 0A83 0
0 8ms
7ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200921/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200921/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 22 Sep 2020 22:03:26 GMT
expires: Tue, 06 Oct 2020 22:03:26 GMT
content-type: text/html; charset=UTF-8
etag: 17942277541989656716
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4728
x-xss-protection: 0
age: 70001
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cybersecurity_728_2.jpg
thehackernews.com/images/-garoUPRlsuM/XyWqfQvkjbI/AAAAAAAA3Ik/sAqz9QiUpvE88gRL3wKYCKmyLZVpt9IXQCLcBGAsYHQ/s728-e100/ 23 KB
23 KB 38ms
31ms Image
image/webp 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-garoUPRlsuM/XyWqfQvkjbI/AAAAAAAA3Ik/sAqz9QiUpvE88gRL3wKYCKmyLZVpt9IXQCLcBGAsYHQ/s728-e100/cybersecurity_728_2.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9fade30ff2c9e89e6cd083a80545106f6bc89b06de258f5acfd5cfc5552dca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/09/russian-ransomware-hack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9480
cf-polished: origFmt=jpeg, origSize=52744
status: 200
content-disposition: inline; filename="cybersecurity_728_2.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23520
x-xss-protection: 0
expires: Tue, 29 Dec 2020 20:22:50 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vdc94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 055d9d02e3000032487688e200000001
accept-ranges: bytes
cf-ray: 5d75fde49eec3248-FRA
access-control-expose-headers: Content-Length

GET
H2 200 chinese-hackers.jpg
thehackernews.com/images/-PJCf1SGaU_k/X2JLCrF6I4I/AAAAAAAA3UA/7uL0dveIRkguCGzTrmJus_aGgglvtFnlACLcBGAsYHQ/s72-c-e100/ 4 KB
4 KB 38ms
32ms Image
image/jpeg 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-PJCf1SGaU_k/X2JLCrF6I4I/AAAAAAAA3UA/7uL0dveIRkguCGzTrmJus_aGgglvtFnlACLcBGAsYHQ/s72-c-e100/chinese-hackers.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f1065770eaa206e4994af023255e4e8f3e4ae0e1b31b5ec31182469aee9f59e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/09/russian-ransomware-hack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9598
cf-polished: origSize=4256, status=webp_bigger
status: 200
content-disposition: inline;filename="chinese-hackers.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4218
x-xss-protection: 0
expires: Sun, 27 Dec 2020 00:04:02 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vdd41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 055d9d02e3000032487688f200000001
accept-ranges: bytes
cf-ray: 5d75fde49eee3248-FRA
access-control-expose-headers: Content-Length

GET
H2 200 android-11-security-privacy.jpg
thehackernews.com/images/-uiS2lMJF_UM/X2TWt6bQn5I/AAAAAAAA3UQ/2F9sle349J8gQ8k9mU0xi7f1wSUzhikzwCLcBGAsYHQ/s72-c-e100/ 3 KB
3 KB 29ms
23ms Image
image/jpeg 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-uiS2lMJF_UM/X2TWt6bQn5I/AAAAAAAA3UQ/2F9sle349J8gQ8k9mU0xi7f1wSUzhikzwCLcBGAsYHQ/s72-c-e100/android-11-security-privacy.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

135cf6ebee6b2423b02d99d6403fea6f3b3a2b80567da25bf58cc41d857aaee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/09/russian-ransomware-hack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9598
cf-polished: origSize=3163, status=webp_bigger
status: 200
content-disposition: inline;filename="android-11-security-privacy.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3126
x-xss-protection: 0
expires: Tue, 29 Dec 2020 00:08:42 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vdd45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 055d9d02e30000324876890200000001
accept-ranges: bytes
cf-ray: 5d75fde49ef03248-FRA
access-control-expose-headers: Content-Length

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 26ms
7ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20200923

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ea91adc8217ebf042b32bc516622727a9e27fdd9a6e179de639fe0c90194907

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 11991
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 740
etag: W/"52b-kxXdwf0XuMGigOS6JSjxSYalrXs"
x-served-by: cache-fra19129-FRA, cache-hhn4038-HHN
date: Wed, 23 Sep 2020 17:30:07 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthehackernews.com%2F&domain=thehackernews.com&cw=1
https://mug.criteo.com/sid?cpp=Rm38W3xzU2JIRmlrSXArNnpaN2ZDb3d0S1djSWZsMjA2a0pSR2E0Y0x4SERiaVVMVy9IK2luYnlsYUJ4TlpLbzZYd1AzYWdwdjJZaENLOWgzdW8xWXRjN1FlOWdzWk1GNUc4Z20yQzMrM1lsUmc4d2tsR1Fsd2d3MW45S0...

337 B
630 B

53ms
18ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Rm38W3xzU2JIRmlrSXArNnpaN2ZDb3d0S1djSWZsMjA2a0pSR2E0Y0x4SERiaVVMVy9IK2luYnlsYUJ4TlpLbzZYd1AzYWdwdjJZaENLOWgzdW8xWXRjN1FlOWdzWk1GNUc4Z20yQzMrM1lsUmc4d2tsR1Fsd2d3MW45S0pxM0pjczd6N01VUHNUajZGb2pNT2grR0E0eEhZMWJTc3ZabGp4enlKY3hZOUR5SE82UmwxaEh4eTB3MVREanVKQ3UvYnM2blJvTnRDdFhvQ1UvUlBxWEt3TXlzMytjT09SbXBMbTVZZXE0eVo3aDFvM1FVPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

af5912b224087830c9aacad29190ad73b3afd35863566c57996dacf01f338b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 23 Sep 2020 17:30:07 GMT
status: 200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1226
content-length: 337
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
status: 302
date: Wed, 23 Sep 2020 17:30:06 GMT
location: https://mug.criteo.com/sid?cpp=Rm38W3xzU2JIRmlrSXArNnpaN2ZDb3d0S1djSWZsMjA2a0pSR2E0Y0x4SERiaVVMVy9IK2luYnlsYUJ4TlpLbzZYd1AzYWdwdjJZaENLOWgzdW8xWXRjN1FlOWdzWk1GNUc4Z20yQzMrM1lsUmc4d2tsR1Fsd2d3MW45S0pxM0pjczd6N01VUHNUajZGb2pNT2grR0E0eEhZMWJTc3ZabGp4enlKY3hZOUR5SE82UmwxaEh4eTB3MVREanVKQ3UvYnM2blJvTnRDdFhvQ1UvUlBxWEt3TXlzMytjT09SbXBMbTVZZXE0eVo3aDFvM1FVPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 985
content-length: 482
expires: 0

GET
H3-Q050 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 00C4 0
0 28ms
13ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 8395
date: Wed, 23 Sep 2020 15:03:44 GMT
expires: Thu, 23 Sep 2021 15:03:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8783
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
399 B 52ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=40150068&t=pageview&_s=1&dl=https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html&dr=https%3A%2F%2Ft.co%2FgMyZHHvxYI&ul=en-us&de=UTF-8&dt=A%20New%20Hacking%20Group%20Hitting%20Russian%20Companies%20With%20Ransomware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2144227495&gjid=1836686881&cid=955643402.1600882208&tid=UA-27389293-1&_gid=546114768.1600882208&_r=1&_slc=1&z=153102026

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 17:30:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2020091601.js Show response
securepubads.g.doubleclick.net/gpt/ 263 KB
93 KB 72ms
40ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

3be81ab15cc2905d3ef54418cd0fa664e85d19c4a5550e28b071a39bd1316070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Sep 2020 08:40:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94378
x-xss-protection: 0
expires: Wed, 23 Sep 2020 17:30:07 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-27389293-1&cid=955643402.1600882208&jid=2144227495&gjid=1836686881&_gid=546114768.1600882208&_u=IEBAAEAAAAAAAC~&z=59927330

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 23 Sep 2020 17:30:07 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 17ms
15ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=thehackernews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200921/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Sep 2020 17:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=thehackernews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200921/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Sep 2020 17:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame C5EC 0
0 72ms
70ms Document
text/html 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&adk=1812271804&adf=3025194257&lmt=1600872950&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html&ea=0&flash=0&pra=5&wgl=1&dt=1600882207436&bpp=6&bdt=772&idt=206&shv=r20200921&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8174378450168&frm=20&pv=2&ga_vid=955643402.1600882208&ga_sid=1600882208&ga_hid=40150068&ga_fc=0&iag=0&icsg=2317396650&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467&oid=3&pvsid=3108251002486185&pem=155&ref=https%3A%2F%2Ft.co%2FgMyZHHvxYI&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=225

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200921/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7983783048239650&output=html&adk=1812271804&adf=3025194257&lmt=1600872950&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html&ea=0&flash=0&pra=5&wgl=1&dt=1600882207436&bpp=6&bdt=772&idt=206&shv=r20200921&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8174378450168&frm=20&pv=2&ga_vid=955643402.1600882208&ga_sid=1600882208&ga_hid=40150068&ga_fc=0&iag=0&icsg=2317396650&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467&oid=3&pvsid=3108251002486185&pem=155&ref=https%3A%2F%2Ft.co%2FgMyZHHvxYI&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=225
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmoQbHq7NIRcEyIhKdQWUB8lakomjGCrnxNqjTbWLoQw6en475cOg-KQUP4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 23 Sep 2020 17:30:07 GMT
server: cafe
content-length: 34
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 41ms
26ms XHR
application/json 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200921&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200921/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1e4307b5a2d4e0b1b977a93d2048a207aee138625f6e1345d9fffa0d633d6bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Sep 2020 17:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6698
x-xss-protection: 0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200921/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1109f4331a2b98162695b55b54a61fb6b0d010e90ab72ecc4543c89f617fa90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600688589454019"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27590
x-xss-protection: 0
expires: Wed, 23 Sep 2020 17:30:07 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 31ms
29ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-27389293-1&cid=955643402.1600882208&jid=2144227495&_u=IEBAAEAAAAAAAC~&z=1956457012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 17:30:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 31ms
30ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-27389293-1&cid=955643402.1600882208&jid=2144227495&_u=IEBAAEAAAAAAAC~&z=1956457012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 17:30:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9D2F 0
0 447ms
447ms Document
text/html 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=600&slotname=1415611493&adk=2877078529&adf=3546401298&w=300&fwrn=4&fwrnh=100&lmt=1600872950&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=300x600&url=https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1600882207442&bpp=5&bdt=778&idt=255&shv=r20200921&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8174378450168&frm=20&pv=1&ga_vid=955643402.1600882208&ga_sid=1600882208&ga_hid=40150068&ga_fc=0&iag=0&icsg=10907331242&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1031&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467&oid=3&pvsid=3108251002486185&pem=155&ref=https%3A%2F%2Ft.co%2FgMyZHHvxYI&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GsIbQ9WLWs&p=https%3A//thehackernews.com&dtd=263

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200921/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7983783048239650&output=html&h=600&slotname=1415611493&adk=2877078529&adf=3546401298&w=300&fwrn=4&fwrnh=100&lmt=1600872950&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=300x600&url=https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1600882207442&bpp=5&bdt=778&idt=255&shv=r20200921&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8174378450168&frm=20&pv=1&ga_vid=955643402.1600882208&ga_sid=1600882208&ga_hid=40150068&ga_fc=0&iag=0&icsg=10907331242&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1031&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467&oid=3&pvsid=3108251002486185&pem=155&ref=https%3A%2F%2Ft.co%2FgMyZHHvxYI&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GsIbQ9WLWs&p=https%3A//thehackernews.com&dtd=263
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm7g9HEJAXngZkymMkJEOiCzKZAiLazVMAFxL5DqplsccSj3VF15s1dwQcw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 23 Sep 2020 17:30:08 GMT
server: cafe
content-length: 20448
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 firefox-android-hacking.jpg
thehackernews.com/images/-m2pFZg2KcS0/X2ZVpZJeOlI/AAAAAAAA3Ug/Ufbn0WMFjIsPX59PK4DeNuUYcthn9RHPgCLcBGAsYHQ/s72-c-e100/ 2 KB
2 KB 26ms
24ms Image
image/webp 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-m2pFZg2KcS0/X2ZVpZJeOlI/AAAAAAAA3Ug/Ufbn0WMFjIsPX59PK4DeNuUYcthn9RHPgCLcBGAsYHQ/s72-c-e100/firefox-android-hacking.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c842f63f91f4af1b0533e1540c9b39c3a90bf385c26eb7d8cbd1231e43cd54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/09/russian-ransomware-hack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9598
cf-polished: origFmt=jpeg, origSize=2342
status: 200
content-disposition: inline; filename="firefox-android-hacking.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2294
x-xss-protection: 0
expires: Thu, 31 Dec 2020 09:31:40 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "vdd49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 055d9d03e400003248768ae200000001
accept-ranges: bytes
cf-ray: 5d75fde63b5e3248-FRA
access-control-expose-headers: Content-Length

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
372 B 72ms
71ms XHR
text/javascript 99.84.153.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html&pr=https%3A%2F%2Ft.co%2FgMyZHHvxYI&pid=I4Vc4jEliPKEH&cb=0&ws=1600x1200&v=7.54.00&t=3000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22responsivexresponsive%22%5D%2C%22sn%22%3A%22%2F103512698%2F22055889203%22%7D%5D&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.153.196 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-153-196.txl52.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:07 GMT
via: 1.1 700e1fc650af7cfb451dbdb8d79d4107.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: TXL52-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://thehackernews.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: XQ9Yjio0V2RK_o36NeQdcOkyUxMID4ysH-ExFcQJBmuaOMHfjE_E7Q==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 110ms
35ms XHR
application/javascript 99.84.153.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.153.196 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-153-196.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 18:52:22 GMT
content-encoding: gzip
vary: Origin
age: 81466
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Wed, 09 Sep 2020 11:16:19 GMT
server: AmazonS3
etag: "a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 700e1fc650af7cfb451dbdb8d79d4107.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: KtUGuhqNmLFYl_UhHG_DCOgO8ZUU5OXIeesfXTEuILoHTBj_klC8_Q==

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200921/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Wed, 23 Sep 2020 17:30:07 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 83 KB
26 KB 397ms
397ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3108251002486185&correlator=495710729310094&output=ldjh&impl=fifs&adsid=NT&eid=21065645%2C21067523%2C21065517%2C21065975%2C21066908%2C21066995&vrg=2020091601&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200923&iu_parts=103512698%2C22055889203&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&prev_scp=amznbid%3D2%26amznp%3D2%26adpushup_ran%3D1%26hb_ap_siteid%3D37020%26hb_ap_ran%3D1%26fluid%3D1%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx&cookie_enabled=1&bc=31&abxe=1&lmt=1600872950&dt=1600882207867&dlt=1600882206664&idt=1153&frm=20&biw=1600&bih=1200&oid=3&adxs=269&adys=2433&adks=494232243&ucis=1&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthehackernews.com%2F2020%2F09%2Frussian-ransomware-hack.html&ref=https%3A%2F%2Ft.co%2FgMyZHHvxYI&dssz=39&icsg=43629324970&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x0&msz=730x0&ga_vid=955643402.1600882208&ga_sid=1600882208&ga_hid=40150068&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

43c9609d6245cb9740d69dec268665f56caae01d87e4fe726b533f9b8be07792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26057
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
e9350843833848b41d3797a6dc528816.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 80ms
47ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://e9350843833848b41d3797a6dc528816.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 5575 0
0 7ms
6ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Wed, 23 Sep 2020 16:49:31 GMT
expires: Thu, 23 Sep 2021 16:49:31 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2436
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zenscrape-web-scraping.jpg
thehackernews.com/images/-DMgvFMmOCXs/X2L5GKCZQlI/AAAAAAAAAh8/_ne9EYvhxucCPjFXhRFoVfeoE7TdwjAiwCLcBGAsYHQ/s72-c-e100/ 2 KB
2 KB 26ms
25ms Image
image/jpeg 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-DMgvFMmOCXs/X2L5GKCZQlI/AAAAAAAAAh8/_ne9EYvhxucCPjFXhRFoVfeoE7TdwjAiwCLcBGAsYHQ/s72-c-e100/zenscrape-web-scraping.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc7a0277d971f04ff8a5f53c37c978c1542830bebbee2b1d283f0876b72fc633

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/09/russian-ransomware-hack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9598
cf-polished: origSize=2165, status=webp_bigger
status: 200
content-disposition: inline;filename="zenscrape-web-scraping.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2125
x-xss-protection: 0
expires: Tue, 29 Dec 2020 16:28:18 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "v220"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 055d9d04a100003248768c0200000001
accept-ranges: bytes
cf-ray: 5d75fde76e543248-FRA
access-control-expose-headers: Content-Length

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
104 B 41ms
41ms Image
image/gif 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200921&jk=3108251002486185&bg=!srGlsalYEMScAyycriMCAAAAd1IAAAANCgFPXdcnKcLgwnUVKdW0NPAAS1NcNs1HOVI15RRjeJnf92-XbpQ50RLpUrRJKwH40rNBPiUQy-MoVMKcWaM5rm8MvXVumvDRsgWkCy4RhVE1h0cElp5GD5NAc8byDuPOXycWUweiE_pqFrJ-WbIVxpPYrWHtCaDFDue77WBxzIzGPd-niKjWOkjZxbNwHUGllAxabRR0X5v9f8AA9EhBOs3OYIsRYq1YrIRc56NTJkLO9nIs3GTYsyYD4BdyZlEDz6kwvhndmDcRertOslKbOjy3QpHdmvnZfRHP7FeB-n6wTR0AaJ5JXThRC7f2cCy5r177RDqVOqh_Ho-D-zoiHAWDL7kjuq_eNdZxH3SDiBP6qsAzOnJVM6yCVDQRd4rzES0fPKgcyi4PWdLQTvr4gCopPUNLqxWG3G6TrGSzRt1fIKheoxA-pjJRv3afUUwCL6CZAdJb4wVSSNRG6JPnJvZ2fQwmACvopOBccZ-pTM1NVSGKJJO-c5XF8keuPXo3lNmKLvYlDek4OcVco-OJYqO2y086DooMDUmodJA_m0ztAlrB81KCfRPQWxYKZqh476mZnIMcyz8L5FqZkz2eRRJyl1PAbaNnXQGjvv9NFHQtnmhpQ1GF0wTMB2ylGVeSbF99L0idr3Ll-rQpehmvC2qC9SzWAw3RknNB6dyyBngnhAnX9MZsSzTylSHXanCAeJHQiBR9pwaJ4z9W5uwsCnnuLCz8MdGREEJpieUcmscN0dCjS54dnphYJAnUxRMYj9swE52pLiNLO0iqPW-6zIa3tQWf08oh4vaIAzXcV0hiwQ4P6Sg9UbLxIfomDCejLjrbRtB7DGkw7zdzitmAgupI9WVLytD7EN0ovgfsMQjT0HSwerUoJ8-ivdIJ-NM01yMYJ9gVwtv39aMYwWglY6z_Oeby-8y5EprKrbxtM4OZUcYMaURESjMTtMwn1nBzkhmKVGCO6L87U2tvghLB3JvcRNXLIkuUWoAr92tdmKReFctpcHr_teppuLj358FXBX2-BcGvXzwh4ManToVNT2fprkXmRf99dv9OOB4pL0rTGLCic5A0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 17:30:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html
e9350843833848b41d3797a6dc528816.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 9FBB 0
0 27ms
13ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9350843833848b41d3797a6dc528816.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e9350843833848b41d3797a6dc528816.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Wed, 23 Sep 2020 17:30:07 GMT
expires: Thu, 23 Sep 2021 17:30:07 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ransomware-attack-on-hospital.jpg
thehackernews.com/images/-YFnAQDBLWlw/X2h9bFB25hI/AAAAAAAAAyE/jMecIXHH_sMcXYoQN-b9qTiy868SAREGgCLcBGAsYHQ/s72-c-e100/ 4 KB
4 KB 18ms
17ms Image
image/webp 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-YFnAQDBLWlw/X2h9bFB25hI/AAAAAAAAAyE/jMecIXHH_sMcXYoQN-b9qTiy868SAREGgCLcBGAsYHQ/s72-c-e100/ransomware-attack-on-hospital.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e18b58eef557236e617acc37a57b5d314f7d60818f7e926fe3d90b4afe82dd03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/09/russian-ransomware-hack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9466
cf-polished: origFmt=jpeg, origSize=3876
status: 200
content-disposition: inline; filename="ransomware-attack-on-hospital.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3678
x-xss-protection: 0
expires: Fri, 01 Jan 2021 14:37:04 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "v322"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 055d9d073c0000324876904200000001
accept-ranges: bytes
cf-ray: 5d75fdeb99953248-FRA
access-control-expose-headers: Content-Length

GET
H2 200 iran.jpg
thehackernews.com/images/-3eKq4v2IR9M/X2Ry0L6bb9I/AAAAAAAAAxI/_efp0dvBgLE-BDUZPutsdkwY64YgTR_wwCLcBGAsYHQ/s72-c-e100/ 4 KB
5 KB 20ms
19ms Image
image/jpeg 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-3eKq4v2IR9M/X2Ry0L6bb9I/AAAAAAAAAxI/_efp0dvBgLE-BDUZPutsdkwY64YgTR_wwCLcBGAsYHQ/s72-c-e100/iran.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40170997e90161b13e4c22af3bcc0bd74157d797e467945945d6e37605baa5fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2020/09/russian-ransomware-hack.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 17:30:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9599
cf-polished: origSize=4365, status=webp_bigger
status: 200
content-disposition: inline;filename="iran.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4329
x-xss-protection: 0
expires: Thu, 31 Dec 2020 10:03:12 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "v313"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 055d9d07c20000324876912200000001
accept-ranges: bytes
cf-ray: 5d75fdec6c683248-FRA
access-control-expose-headers: Content-Length

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
544 B 107ms
34ms XHR
application/json 52.51.30.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.30.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-30-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 45f6798c14dfbc3e010e322072c8a9903496be7e8f1487796c86cfdecfae7a92

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 23 Sep 2020 17:30:10 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 23 Oct 2020 17:30:10 GMT

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.thehackernews.com/	1970-01-19 13:24:34	Name: __cfduid Value: daa038aa82ae649c39e959bc3b3ee6fc91600882206

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
ajax.cloudflare.com
att.demdex.net
c.amazon-adsystem.com
cdn.adpushup.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
d.agkn.com
e3.adpushup.com
e9350843833848b41d3797a6dc528816.safeframe.googlesyndication.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
t.co
thehackernews.com
tpc.googlesyndication.com
tps.doubleverify.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
104.244.42.197
172.217.23.162
178.250.2.146
205.234.175.175
213.254.244.20
216.58.212.134
216.58.212.162
23.97.225.52
2600:9000:214f:ae00:19:fc2c:a140:93a1
2606:4700:20::ac43:4615
2606:4700::6810:a823
2606:4700::6811:4e6b
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::2001
2a00:1450:4001:814::2002
2a00:1450:4001:817::2001
2a00:1450:4001:817::2002
2a00:1450:4001:819::2004
2a00:1450:4001:81c::2006
2a00:1450:4001:81d::2002
2a00:1450:4001:820::200e
2a00:1450:4001:824::2002
2a00:1450:400c:c0c::9a
2a02:2638::1c
2a04:4e42:1b::621
52.51.30.82
63.32.152.233
99.84.153.196
02a2079808b1d062ff16a7d19627e9ee4a94f989aa879d9f81333364fa5a8ea0
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
135cf6ebee6b2423b02d99d6403fea6f3b3a2b80567da25bf58cc41d857aaee4
13691815b6450d2c504f16e9103c62089dfb6b985f9018ac2313c67049ff3291
196ff2cf63c207dccd63cbbdcf965af4f543c8171d9deea687243f832d66dbbb
1c842f63f91f4af1b0533e1540c9b39c3a90bf385c26eb7d8cbd1231e43cd54e
1eea7c162b751032d6569dfe2497847e8d2c35a4a2c6f4c3fd47adce526864c6
2ea91adc8217ebf042b32bc516622727a9e27fdd9a6e179de639fe0c90194907
32c80a55d06b9da550f41424241174895bdbe1dd174ee1d015a4d56747cd2a99
3be81ab15cc2905d3ef54418cd0fa664e85d19c4a5550e28b071a39bd1316070
3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff
3f1065770eaa206e4994af023255e4e8f3e4ae0e1b31b5ec31182469aee9f59e
40170997e90161b13e4c22af3bcc0bd74157d797e467945945d6e37605baa5fa
4321766aa8d6f8003df215dc963cbfb70fac2fcdd4e28525fa13b01081f51b4d
43c9609d6245cb9740d69dec268665f56caae01d87e4fe726b533f9b8be07792
45f6798c14dfbc3e010e322072c8a9903496be7e8f1487796c86cfdecfae7a92
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
522c3850a92b6e66963eff20f0152a28b2768bbabb0c2cb7a73ab400b641ab97
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
62756d2616e4156e7f6a5524b5a6d8f64193e85f5d3b88be33cf8fe8a728d2bd
66cc7c81753cb707afc20013fa4b327bbff855ceded2700dc314449228a7d455
6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1
688a1e2444a1171a4cfbc8674c62d53bc663bf35a7825eb3563851e79694411c
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
84c5498c2cad1b1daa904a66b1e1d79de6a6ec582524ff91b9e4a83c3eb1fe9a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
a1e4307b5a2d4e0b1b977a93d2048a207aee138625f6e1345d9fffa0d633d6bb
a385a122be21746dea1fdd93fa68525ddaceb060bab87a25c30f48ea28be410a
a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a
a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb
a943c20e71e31d1d479ba31ab53f0c4ebe258f81a4cbe5cf16b4a42afaac153c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af5912b224087830c9aacad29190ad73b3afd35863566c57996dacf01f338b62
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b1109f4331a2b98162695b55b54a61fb6b0d010e90ab72ecc4543c89f617fa90
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0cdab2a9e4799a408ffa2dacf6ad44e09d2c509d537694aa17b3118faf7e15d
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690
c7f94931016a993348abf60b80bd379118bc239b0d2e89d50e160b46901966df
c8fd065d4e741b6c3f6613ac8817621fece035736d71a677dde931360f130930
c9fade30ff2c9e89e6cd083a80545106f6bc89b06de258f5acfd5cfc5552dca8
cc7a0277d971f04ff8a5f53c37c978c1542830bebbee2b1d283f0876b72fc633
e18b58eef557236e617acc37a57b5d314f7d60818f7e926fe3d90b4afe82dd03
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03c3526dd6db1c340c972db0194f8b732611626e1bcde62426d70a68c7a023b
f5ee362d67a9ab1684dd2527341b4e553c4f395f3185a3bb7c16d98e99facb14
f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02
fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503
fe94fcc14c2b9f93c39cbe038796bff0ebc07a140ebd15e66b3a897b6a25bc82

thehackernews.com Open in urlscan Pro 2606:4700:20::ac43:4615 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

62 Requests

100 %HTTPS

62 %IPv6

18 Domains

29 Subdomains

28 IPs

7 Countries

1091 kBTransfer

2435 kBSize

1 Cookies

36 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

thehackernews.com Open in urlscan Pro
2606:4700:20::ac43:4615 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

62 %
IPv6

18
Domains

29
Subdomains

28
IPs

7
Countries

1091 kB
Transfer

2435 kB
Size

1
Cookies

62 HTTP transactions
9 data transactions